GPG encrypted WLAN
Why not use GPG for WLAN encryption? This may be possible with routers that run Linux and have enough CPU power.
The idea: the router knows which WLAN user owns which GPG key. Data packets travelling through the wireless LAN are encrypted by the router with the public GPG key of the user to whom the packet should go.
When a new user joins the WLAN, an administrator tells the router the key number and MAC address of the new user. The router downloads the key from a keyserver and identifies the new user by his MAC address. It now encrypts the data packets for the new user with his GPG key. Only the person owning the key will be able to decrypt the packets. The new user is ready to go in a few minutes, and the WLAN security is dramatically increased because every user has his own key.
To secure the administration area used to add new users, the administration control panel could be available only via an Ethernet cable to the router and secured by a password. Alternatively, the administrator tells the router once over the Ethernet cable who he is (MAC address and GPG key) and is then able to add or delete users via WLAN.
Faking a MAC address is no longer effective, because the intruder would also have to own the secret key and know the password for it.
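The router-side table and the MAC-faking argument above, as an added sketch that is not part of the original blueprint. Textbook RSA with small constructed keys stands in for GPG (it is not secure), and the `Router` class, the MAC addresses and the payload are all hypothetical.

```python
# Added sketch: router-side MAC -> key table. Textbook RSA is a toy
# stand-in for GPG here (constructed small keys, no padding, not secure).
E = 65537

def make_keypair(p, q):
    """Build (public, private) from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)

class Router:
    def __init__(self):
        self.keys = {}  # MAC address -> public key, filled in by the admin

    def enroll(self, mac, public_key):
        self.keys[mac.lower()] = public_key

    def encrypt_for(self, dst_mac, payload):
        """Encrypt with the key bound to dst_mac; None if the MAC is unknown."""
        pub = self.keys.get(dst_mac.lower())
        if pub is None:
            return None
        n, e = pub
        m = int.from_bytes(payload, "big")
        if m >= n:
            raise ValueError("payload too long for this toy key")
        return pow(m, e, n)

def decrypt(private_key, ciphertext):
    n, d = private_key
    size = (n.bit_length() + 7) // 8
    return pow(ciphertext, d, n).to_bytes(size, "big").lstrip(b"\x00")

def demo():
    alice_pub, alice_priv = make_keypair(2**89 - 1, 2**107 - 1)
    _, intruder_priv = make_keypair(2**61 - 1, 2**127 - 1)
    router = Router()
    router.enroll("00:11:22:33:44:55", alice_pub)  # constructed MAC
    payload = b"GET /mail"
    # An intruder who fakes Alice's MAC receives the same ciphertext she does.
    frame = router.encrypt_for("00:11:22:33:44:55", payload)
    unknown = router.encrypt_for("66:77:88:99:aa:bb", payload)
    return decrypt(alice_priv, frame), decrypt(intruder_priv, frame), unknown

if __name__ == "__main__":
    print(demo())
```

The sketch covers only the router-to-user direction that the proposal describes.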
Someone who knows more than me, please think about it. It's only an idea and I don't know if it's possible to put into reality.
Blueprint information
- Status: Not started
- Approver: None
- Priority: Undefined
- Drafter: None
- Direction: Needs approval
- Assignee: None
- Definition: New
- Series goal: None
- Implementation: Unknown
- Milestone target: None
Whiteboard
I really think something of this sort would be rather far-fetched. Sure it's a good idea and everything, but something of this sort would require implementation not only in the wireless clients, but also the wireless access points as well. What this means is that you would have to obtain a GPG-enabled router (if one exists), or a GPG-enabled firmware for a router (which would be third-party and hence void your warranty should you use it). - hyperair