Suggestion: Native Linux Network Encryption (NLNE)

Jesse Cox ki4jgt at gmail.com
Tue Apr 17 17:05:12 UTC 2018


You guys don't know me. I'm not a developer of the OS but I think I have 
something which could benefit it in the long run.

Here's the thing: I've been watching video after video about data 
security and encryption and why the average person refuses to adopt 
encryption standards. According to most of these videos, encryption is 
lacking in the world because it's complicated and no one wants to take 
the time to uncomplicate it. SSL was phased in because Netscape added it 
to their browser, forcing all the others to adopt it. I don't have the 
time to develop this project but I have an idea of how to implement a 
native encryption over insecure networks, for all Linux devices on the 
network. If this were a Linux router, it'd also be able to provide 
security despite having an open network.

Here's the idea:

This is all over an unsecured network (so Alice and Bob both have IP 
addresses -- let's say in the IPv4 spectrum for local wifi with an open 
network).

Alice wants to talk to Bob and each of them has the networking software 
(virtual networking device) installed.

The virtual device works by creating an IPv6 address for its client (so 
they both have one). The IPv6 is a hash of each client's public key.

Let's say Alice's public key hash was 00:11:22:33:44:55:66

And Bob's was 77:88:99:10:11:12

Alice's virtual interface would broadcast a message over the IPv4 
network asking for 77:88:99:10:11:12's public key (since the IP is a 
hash, the key must match and since Bob is the only one with the private 
key to match the hash, he's the only one who can communicate).

Once Bob's interface sends Alice's interface his private key -- in 
response to the broadcast -- the interfaces can exchange AES keys and 
then communicate. The communications can't be hijacked at any point, 
just stopped.

Why is this important?

Linux as a system has a past of creating solutions which benefit their 
users well before any other system. As the push for encryption 
continues, history has shown us that users will not implement safety 
measures themselves. I think it'd be great for Ubuntu to set the 
standard for a Native Linux Network Encryption protocol, which starts on 
bootup with the system in question. This is just an idea but it'd be 
awesome and a major step forward in IT security.
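
Added example, not part of the original message or of any Ubuntu code: a sketch of the address-to-key check the proposal relies on, where a peer's IPv6 address is a hash of its public key and a broadcast reply is accepted only if the offered key hashes back to the address that was asked for. SHA-256, the fd00::/8 prefix, the function names and the sample keys and IPv4 addresses are all assumptions made for illustration.

```python
import hashlib
import ipaddress

# Assumption: derived addresses live in fd00::/8 (unique local range), so
# one byte is the prefix and 15 bytes (120 bits) come from the key hash.
PREFIX = 0xFD

def address_from_pubkey(pubkey: bytes) -> ipaddress.IPv6Address:
    """Derive a virtual-interface IPv6 address from a public key."""
    digest = hashlib.sha256(pubkey).digest()
    return ipaddress.IPv6Address(bytes([PREFIX]) + digest[:15])

def resolve(wanted: ipaddress.IPv6Address, responses):
    """Pick the first broadcast reply whose key hashes to `wanted`.

    `responses` is a list of (sender_ipv4, offered_pubkey) tuples as they
    would arrive on the open network. Anyone can answer the broadcast, so
    every reply is untrusted until its key re-derives the wanted address.
    This binds the key to the address only; the responder still has to
    show it holds the private key during the later key exchange.
    """
    for sender_ipv4, pubkey in responses:
        if address_from_pubkey(pubkey) == wanted:
            return sender_ipv4, pubkey
    return None  # nobody offered a matching key: do not fall back

# Constructed sample data: stand-in byte strings, not real key material.
BOB_KEY = bytes(range(32))
MALLORY_KEY = bytes(32)
BOB_ADDR = address_from_pubkey(BOB_KEY)

if __name__ == "__main__":
    replies = [
        ("192.168.1.66", MALLORY_KEY),  # spoofed reply arrives first
        ("192.168.1.20", BOB_KEY),      # genuine reply
    ]
    print("looking for", BOB_ADDR)
    print("accepted   ", resolve(BOB_ADDR, replies))
    print("spoof only ", resolve(BOB_ADDR, replies[:1]))
```
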



