The CEHRD project has been extended by one month to allow Serval to progress in the development of their Rhizome system, which will allow video and other data to be exchanged over the mesh network created by the phones. As of December 2011, the monitors can only make voice calls, which is useful but does not enable them to do all they wish.
The technical issues that will be worked out during this additional month are:
The possibility to set group keys that allow anyone with that key to decrypt messages sent to that group key. Only phones with the group key would bother to receive and forward the files. The security issue related to this functionality, though, is that if someone seized a phone, they would be able to participate in that group without restriction. For this reason it will be useful to change group keys on a periodic basis. Other people would be able to see that the file exists, who sent it, and even its name and version (so keep names neutral), but not the content of the file.
The main problem related to SMS is that you get two notifications for every message, and you can't use the regular messaging app on the phone to send SMS over the mesh. Also, the recipient must be online and reachable at the time the message is sent. A possible solution is to implement a Rhizome-based message service for small meshes such that the recipient doesn't need to be online at the time of sending, but this will reveal information to others on the mesh about the fact that a message was sent, the time it was sent, to whom and from whom; only the content would be secret. Serval is trying to improve this by making the recipient harder to determine by, for example, having the message chain from a given user all be stored in a single file, distributed by Rhizome, with each message encrypted using the public key of the recipient, but without the key specified. This would also not allow anyone else to even know who the message was addressed to, only that it was not addressed to themselves. However, better cryptographic analysis is needed to assess the security of such a system.
To make sure the project is not leaving anything to chance, the approach is to assume a complete lack of security and privacy, and work up from there. It is better to have a secure communication which is erroneously not trusted than to trust communications which are in fact not secure. It is important to note that it will be easier for Serval to secure a Rhizome-based short message service than it will be to secure voice calls. The mesh SMS service used right now is completely insecure, and the Rhizome-based messaging proposed above has not been implemented at this time. Even if implemented, it will not hide the fact that some person has sent some message at some specific time.
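The per-sender message chain described above can be sketched as follows (an added example, not Serval's code): each entry is sealed under a fresh ephemeral key so it carries no recipient identifier, and readers find their own messages by trial decryption. The construction (X25519 with AES-256-GCM) and the names `sharedKey`, `seal`, `readChain` and `demo` are assumptions for illustration; the page does not specify which scheme Serval would use.

```javascript
const crypto = require('crypto');

// One-time AES-256-GCM key from an X25519 exchange. Throws on a bad peer key.
function sharedKey(privateKey, publicKey) {
  const secret = crypto.diffieHellman({ privateKey, publicKey });
  return crypto.createHash('sha256').update(secret).digest();
}

// Sender side: a chain entry carries a fresh ephemeral public key and the
// ciphertext. No field in it names the recipient or the recipient's key.
function seal(recipientPublicKey, text) {
  const eph = crypto.generateKeyPairSync('x25519');
  const key = sharedKey(eph.privateKey, recipientPublicKey);
  // A constant IV is safe only because each derived key seals one message.
  const cipher = crypto.createCipheriv('aes-256-gcm', key, Buffer.alloc(12));
  const body = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
  return {
    eph: eph.publicKey.export({ type: 'spki', format: 'der' }),
    body,
    tag: cipher.getAuthTag(),
  };
}

// Recipient side: trial-decrypt every entry in a sender's chain file.
// A GCM tag failure means "not addressed to me" and the entry is skipped.
function readChain(myPrivateKey, entries) {
  const mine = [];
  for (const e of entries) {
    try {
      const ephPub = crypto.createPublicKey({ key: e.eph, type: 'spki', format: 'der' });
      const d = crypto.createDecipheriv('aes-256-gcm', sharedKey(myPrivateKey, ephPub), Buffer.alloc(12));
      d.setAuthTag(e.tag);
      mine.push(Buffer.concat([d.update(e.body), d.final()]).toString('utf8'));
    } catch {
      // Wrong recipient or malformed entry: the reader learns only "not mine".
    }
  }
  return mine;
}

// Constructed demo: one sender's chain file holds messages for two people.
function demo() {
  const bob = crypto.generateKeyPairSync('x25519');
  const carol = crypto.generateKeyPairSync('x25519');
  const chain = [seal(bob.publicKey, 'meet at 9'), seal(carol.publicKey, 'bring maps')];
  return { bob: readChain(bob.privateKey, chain), carol: readChain(carol.privateKey, chain) };
}
```

Anyone holding the file still sees who published it, how many entries it contains and when it changed, which is the limitation stated above.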
Some of the possible solutions being worked on are:
- Consolidate the Rhizome software and get software updates included so that we have a good foundation for easily moving forward.
- Keep working on adding security to the Rhizome software, and work towards adding distribution groups protected by a shared group key, including having a method for a phone to create a group, and then share the group key with specific phones.
- Think about making the secure short messaging extension to Rhizome.
The Mesh Casting project will be over at the end of February 2012, and after that Internews will release a research report on the development of the system and its testing. The hope is that the Mesh Network will become strong enough to be used and tested in an emergency situation as well, where easy and free communication when the mobile network is down can make the difference between life and death.