IETF Logo Mail Archive

Re: [6lo] Comments needed for Security Bootstrapping of IEEE 802.15.4 based Internet of Things

"Hedanping (Ana)" <ana.hedanping@huawei.com> Mon, 02 February 2015 08:13 UTC

Return-Path: <ana.hedanping@huawei.com>
X-Original-To: 6lo@ietfa.amsl.com
Delivered-To: 6lo@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA1CE1A002A; Mon, 2 Feb 2015 00:13:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Limt7hPqpqpp; Mon, 2 Feb 2015 00:13:36 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DB831A000B; Mon, 2 Feb 2015 00:13:35 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml401-hub.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id BRZ36103; Mon, 02 Feb 2015 08:13:33 +0000 (GMT)
Received: from SZXEML433-HUB.china.huawei.com (10.82.67.210) by lhreml401-hub.china.huawei.com (10.201.5.240) with Microsoft SMTP Server (TLS) id 14.3.158.1; Mon, 2 Feb 2015 08:13:31 +0000
Received: from szxeml557-mbs.china.huawei.com ([169.254.6.208]) by szxeml433-hub.china.huawei.com ([10.82.67.210]) with mapi id 14.03.0158.001; Mon, 2 Feb 2015 16:13:19 +0800
From: "Hedanping (Ana)" <ana.hedanping@huawei.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Thread-Topic: [6lo] Comments needed for Security Bootstrapping of IEEE 802.15.4 based Internet of Things
Thread-Index: AQHQM5RsrNIDfMmvyk2+BhTY9xEGY5zY7gyAgAQCtnA=
Date: Mon, 02 Feb 2015 08:13:19 +0000
Message-ID: <77FA386512F0D748BC7C02C36EB1106D92CC62@szxeml557-mbs.china.huawei.com>
References: <77FA386512F0D748BC7C02C36EB1106D921776@szxeml557-mbs.china.huawei.com> <6426.1422664463@sandelman.ca>
In-Reply-To: <6426.1422664463@sandelman.ca>
Accept-Language: en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.111.94.103]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <http://mailarchive.ietf.org/arch/msg/6lo/FZGI9Q2t4hsLYz2-emVcywpQFeI>
Cc: "6tisch-security@ietf.org" <6tisch-security@ietf.org>, "anima@ietf.org" <anima@ietf.org>, "6lo@ietf.org" <6lo@ietf.org>
Subject: Re: [6lo] Comments needed for Security Bootstrapping of IEEE 802.15.4 based Internet of Things
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Feb 2015 08:13:41 -0000

Hi Michael,
Thank you for the interest and the questions are illuminating. Please see my reply inline.

	> I have added a number of CCs, I think that this fits into ANIMA best.
	> 

	> Hedanping (Ana) <ana.hedanping@huawei.com> wrote:
	>     > A new draft is submitted, it's about the security bootstrapping
	>     > architecture and methods for IoT networks that implement IETF
	> protocols
	>     > (e.g. 6LoWPAN, 6lo, RPL, AODV, DSR) over IEEE 802.15.4.
	>     > Two types of bootstrapping methods are developed: network level
	>     > bootstrapping and joining device level bootstrapping
	> 
	>     > The link is:
	>     > http://tools.ietf.org/html/draft-he-iot-security-bootstrapping-00
	> 
	> I read the document with great interest.
	> I found that you explained the incremental boot-strapping process quite well,
	> and nobody has clearly articulated the process yet.  People have just assumed
	> that everyone knows this process, but really it needs to get written down, so I
	> thank you for doing that.

Thank you for the praise. As it is the initial version, more discussions and comments are needed to make it better.

	> 
	> Given that:
	> 
	>    Because IEEE 802.15.4 maximum payload size is 128 Bytes, a standard
	>    security bootstrapping protocol should be light-weight with low
	>    complexity.  The protocol must allow for commissioning of devices
	> 
	> I was surprised that the draft then suggested EAP with PANA as a transport:
	> 
	>    If EAP is used, PANA can be used to relay the authentication message
	>    from configured FFDs to 6LBR.  If the validation is successful, the
	>    IP address and network key are generated and delivered to the FFD.
	> 
	> But, EAP-TLS with PANA is exactly what the Zigbee IP specification has specified.
	> Do you envision any changes from that specification?

Zigbee IP specification was developed to enable IP address for Zigbee application, thus the protocol stack are built on IETF's standards, including EAP-TLS. 
As discussed in many working groups, TLS might result in a significant amount of retransmissions due to unreliable communication capability of the network and device, thus energy will be consumed fast.
I think EAP over DTLS /profiled DTLS could be a good option.

	> A minority of people had prefered this mechanism for 6tisch-security, but
	> none stepped forward to write up that mechanism.   Perhaps this draft could
	> fulfill that need?

Yes, we should describe more clearly on this mechanism, and maybe this draft is a right place. It would be great if folks in the mailing list make comments and contribution on this technical point. 

	> You write that the IP address would be generated; usually that occurs via
	> distribution of PIOs via ND (router-adveristments) or RPL.  Were you going to
	> suggest something else here?

According to my knowledge, IP address can be generated once a device is authenticated to network access, afterwards, other further protocols can use IP to communicate. 
Besides, PANA needs IP as well. The incremental bootstrapping takes advantage of such IP address generation mechanism, so that PANA can be run without any problem.
  

	> From the ANIMA and 6tisch-security point of view, my view is that this is all
	> about the choice of certificates for the TLS setup.  Do you have any view on
	> how that might work?

For unconstrained environment, I agree with you. But when it comes to constrained device and constrained network communication, TLS might not be a good choice as mentioned before. Certificate is not a good choice either due to the high cost. 
I would like to say: it is about the choice of credential type for secure channel setup. The good candidates of credential types are Raw public key, Physical Unclonable Function (PUF).

	> 
	> The 6tisch-security bootstrap process aims to create a
	> YANG/CBOR-over-CoAP-over-DTLS session between a Join Coordinator and the
	> Joining Node: over that management link, security (and timeslot scheduling)
	> would be provisioned.

CoAP-DTLS coincides with my idea.
Yang sounds like at a higher level, but I think EAP is actually the mechanism running behind ^_^


Regards,
Ana

v2.23.0 | Report a Bug | By Email