[6lo] Diet-ESP

Daniel Migault <mglt.ietf@gmail.com> Tue, 17 February 2015 03:08 UTC

Date: Tue, 17 Feb 2015 04:08:04 +0100
From: Daniel Migault <mglt.ietf@gmail.com>
To: 6lo@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/6lo/2PJXf97E9hx0xXdQgWDmbi5eV7o>
Cc: "ipsec@ietf.org" <ipsec@ietf.org>
Subject: [6lo] Diet-ESP

Please find the new version of Diet-ESP, a compressed IPsec/ESP for IoT. We
have implemented and tested Diet-ESP. Compared to the standard IPsec/ESP,
Diet-ESP can reduce the networking overhead added to unprotected data from
100% to a few percent. I will be happy to present these drafts at the next IETF.

Feel free to make comments!

The drafts include:
    1) draft-mglt-6lo-diet-esp-requirements <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp-requirements/>:
lists the requirements for Diet-ESP.
    2) draft-mglt-6lo-aes-implicit-iv <http://datatracker.ietf.org/doc/draft-mglt-6lo-aes-implicit-iv/>:
indicates how to avoid carrying the IV in each ESP packet. It is instead
generated by each peer. The protocols described in the draft can be used
with the regular IPsec/ESP.
    3) draft-mglt-6lo-diet-esp <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp/>:
describes the core Diet-ESP protocol, that is, how to compress/decompress
each field of the standard IPsec/ESP. Compression is described through a
Diet-ESP Context.
    4) draft-mglt-6lo-diet-esp-payload-compression <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp-payload-compression/>:
describes how the clear text can be compressed before encryption. In fact,
unless IPsec/ESP is used with NULL encryption, the data in the ESP packet
is encrypted. Encryption makes compression hard to perform. Instead,
compressing before encrypting can be very efficient. This makes it possible to
remove UDP/TCP/IP tunnel headers.
    5) draft-mglt-6lo-diet-esp-context-ikev2-extension <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp-context-ikev2-extension/>:
describes how to negotiate Diet-ESP with IKEv2. In fact, this mostly results
in an agreement for the Diet-ESP Context. This exchange may then be
extended to Diet-HIP Exchange.

BR,
Daniel
-- 
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58
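
The ordering argument in item 4 (compress the clear text before encrypting, because ciphertext no longer compresses), shown as an added example that is not part of the original message or of the Diet-ESP drafts. It assumes generic zlib in place of the draft's header compression, a SHA-256 counter-mode keystream as a stand-in for an ESP cipher, and a constructed sensor payload; all function names are hypothetical.

```python
import hashlib
import zlib

# Constructed sample: repetitive sensor readings, typical of small IoT payloads.
SAMPLE = b"".join(
    b'{"node":"sensor-%02d","temp":21.5,"hum":40}\n' % (i % 4) for i in range(16)
)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode), NOT an ESP transform.

    Assumption for illustration only: it produces output that looks random,
    which is the property of real ciphertext that defeats compression.
    XOR with the same keystream both encrypts and decrypts.
    """
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + block.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def compress_then_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Order described in item 4: redundancy is removed while it is still visible.
    return keystream_xor(key, nonce, zlib.compress(plaintext, 9))


def encrypt_then_compress(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Wrong order: the compressor only sees high-entropy ciphertext.
    return zlib.compress(keystream_xor(key, nonce, plaintext), 9)


def decrypt_then_decompress(key: bytes, nonce: bytes, wire: bytes) -> bytes:
    # Receiver side of compress_then_encrypt.
    return zlib.decompress(keystream_xor(key, nonce, wire))


def compare(key: bytes = b"k" * 16, nonce: bytes = b"n" * 8,
            plaintext: bytes = SAMPLE) -> dict:
    """Return the on-the-wire size in bytes for each ordering."""
    return {
        "plaintext": len(plaintext),
        "compress_then_encrypt": len(compress_then_encrypt(key, nonce, plaintext)),
        "encrypt_then_compress": len(encrypt_then_compress(key, nonce, plaintext)),
    }


if __name__ == "__main__":
    for name, size in compare().items():
        print(f"{name:24s}{size:5d} bytes")
```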