SUPERMAN - a secure framework suitability for wireless communication security.

SUPERMAN – a secure framework suitability for wireless communication security.

The flexibility and mobility of Mobile Ad hoc Networks (MANETs) have made them increasing popular in a wide range of use cases. To protect these networks, security protocols have been developed to protect routing and application data. However, these protocols only protect routes or communication, not both. Both secure routing and communication security protocols must be implemented to provide full protection. The use of communication security protocols originally developed for wireline and WiFi networks can also place a heavy burden on the limited network resources of a MANET. To address these issues, a novel secure framework (SUPERMAN) is proposed. The framework is designed to allow existing network and routing protocols to perform their functions, whilst providing node authentication, access control, and communication security mechanisms. This paper presents a novel security framework for MANETs, SUPERMAN. Simulation results comparing SUPERMAN with IPsec, SAODV and SOLSR are provided to demonstrate the proposed frameworks suitability for wireless communication security. http://ieeexplore.ieee.org/document/7809102/?reload=true

This solution consists of two parts:
* SUPERMAN Linux Kernel Module
* SUPERMAN Linux Daemon

superman v1.0

Kernel Module
The kernel module provides the network layer packet processing required by SUPERMAN.

As packets pass through local in and local out, SUPERMAN applies end-to-end encryption/decryption to the packet to secure it’s contents. As packets pass through Post Routing and Pre Routing, SUPERMAN applies point-to-point HMAC tagging and verification.
In addition, the kernel module provides packet generation for the specialist SUPERMAN packet types and injects them into the appropriate parts of the network stack.

The following guide has been tested and works with (although may not be limited to) the following:
– Ubuntu x64 16.04 – desktop prefered although tested with server using SSH X tunnelling (ssh -X).
– Debian Jessie kernel 4.7.0-0.bpo.1-686-pae
– Kernel version 4.4.
– Running as a regular user who has sudo permissions.

Usage:

To create a CA certificate (which only needs to be done once), typically with the CA’s /etc/superman/ directory:

Source: https://bitbucket.org/wj88