search

opentechinstitute / commotion-feed

Feed of Commotion components to be pulled in by OpenWRT
GNU Affero General Public License v3.0
4 stars 11 forks source link

Serval route signing key in olsr-mdp is static #16

Closed areynold closed 10 years ago

areynold commented 11 years ago

FINDING ID: iSEC-COMMO13-10

TARGETS: The Serval route signing key.

DESCRIPTION: The Serval route signing key is static across all Commotion instances. This provides no security, as anyone with the key can publish signed routes that all other routers will accept. The key can either be extracted from the firmware or downloaded on GitHub to be later leveraged by attackers.

Additionally, iSEC is unaware of a method within the web interface to change or rotate these keys.

EXPLOIT SCENARIO: An attacker joins the backhaul wireless mesh network by brute forcing WEP. The attacker generates malicious OLSR route advertisements and signs them with the known secret key. The routers will identify the signature as valid and update their routing tables accordingly, allowing the malicious user to redirect traffic as he sees fit.

SHORT TERM SOLUTION: Several options:

LONG TERM SOLUTION: Handling secure key generation and distribution is a difficult problem with both technical and UI/UX challenges. Consider policies related to the security level of the router as described in commotion-openwrt issue 23

jheretic commented 11 years ago

Short term solution (clearer defaults): opentechinstitute/luci-commotion#19 Actual solution (full keyring interface): opentechinstitute/luci-commotion#26

glamrock commented 10 years ago

To solve the original bug, I'm removing the section of 20-olsrd that sets a default serval key. Default key is being removed entirely, and as one doesn't exist, serval will create a new keyring+key.

There are separate issues in that we should be supporting a full serval keyring suite, and possibly also setting they serval keyring to be off by default. There are heavy ui, security, and crypto implications with both.

Edited to add: In commotion-feed/packages/serval-dna/files/etc/init.d/serval-dna, there is a check on line 8 to see if there is an existing serval keyring, and if not it adds a keyring. Consensus is that it generates a key to go with the new keyring, but I will need to test to be sure. I'm also flagging the default keyfile for removal in v1.

critzo commented 10 years ago

This issue has been addressed by https://github.com/opentechinstitute/commotion-feed/issues/16 in https://github.com/opentechinstitute/commotion-openwrt/pull/77