IETF Logo Mail Archive

Re: [6tisch-security] [6lo] [Anima] Comments needed for Security Bootstrapping of IEEE 802.15.4 based Internet of Things

Behcet Sarikaya <sarikaya2012@gmail.com> Mon, 23 February 2015 20:59 UTC

Return-Path: <sarikaya2012@gmail.com>
X-Original-To: 6tisch-security@ietfa.amsl.com
Delivered-To: 6tisch-security@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 835F91A6F17; Mon, 23 Feb 2015 12:59:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UgYm6QU4uIOF; Mon, 23 Feb 2015 12:59:05 -0800 (PST)
Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B9A71A6F01; Mon, 23 Feb 2015 12:59:05 -0800 (PST)
Received: by labge10 with SMTP id ge10so21142434lab.12; Mon, 23 Feb 2015 12:59:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=bgCjGCwkEawEEeUye/leKIL+oF4mXOZ2UJEybeW+puQ=; b=XH0OLVJTFWNJPTFeQg6GqltJoAr7xI+iR8tLi/21aahCmujN60bEAt2jxqLJgbkV1S Zc3LJFGn0BzweRVB3/HbxAnSOsKFeowpuwgvnFyQDlcsbgW/l8uhH3RfU+ZySPwzYMDn iff8W2gphPZ95GRQavK/rCliDHGbNlRdQJR9FQhh5i8ohgccuPlxi5CLKDmAYBk8m/xR 1/qL6V4oRkIJSp8p85fmY0sOQpY8KLEwLlOTXgDs/6jjSY6ntdPitKbcR3WgQ3gLMy8L s0iBPesBJQgG71HZmMjonX9mnG8HLBL2hp6i9EwnMuB7YcCWI7uTy2RZk0H30qPAY4+u nIrg==
MIME-Version: 1.0
X-Received: by 10.112.141.225 with SMTP id rr1mr10670599lbb.71.1424725143416; Mon, 23 Feb 2015 12:59:03 -0800 (PST)
Received: by 10.114.187.13 with HTTP; Mon, 23 Feb 2015 12:59:03 -0800 (PST)
In-Reply-To: <54E86F9A.8020104@gmx.net>
References: <77FA386512F0D748BC7C02C36EB1106D921776@szxeml557-mbs.china.huawei.com> <6426.1422664463@sandelman.ca> <77FA386512F0D748BC7C02C36EB1106D92CC62@szxeml557-mbs.china.huawei.com> <54E7219B.6040006@gridmerge.com> <54E72846.20807@gmx.net> <54E7824A.4040906@gmail.com> <cf14f8df23dc2552f062976775e76549@xs4all.nl> <54E86F9A.8020104@gmx.net>
Date: Mon, 23 Feb 2015 14:59:03 -0600
Message-ID: <CAC8QAcc9QK1zq8paSCjd-A6b+FfB1bFqfcaseM3qPLZxy5sAeA@mail.gmail.com>
From: Behcet Sarikaya <sarikaya2012@gmail.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/6tisch-security/EjjPdm7hA45ayU9V9LkXKae2Oe4>
Cc: consultancy@vanderstok.org, 6tisch-security <6tisch-security@ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>, "Hedanping (Ana)" <ana.hedanping@huawei.com>, robert.cragie@gridmerge.com, "6lo@ietf.org" <6lo@ietf.org>, Brian E Carpenter <brian.e.carpenter@gmail.com>, "anima@ietf.org" <anima@ietf.org>
Subject: Re: [6tisch-security] [6lo] [Anima] Comments needed for Security Bootstrapping of IEEE 802.15.4 based Internet of Things
X-BeenThere: 6tisch-security@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: sarikaya@ieee.org
List-Id: Extended Design Team for 6TiSCH security architecture <6tisch-security.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch-security>, <mailto:6tisch-security-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tisch-security/>
List-Post: <mailto:6tisch-security@ietf.org>
List-Help: <mailto:6tisch-security-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch-security>, <mailto:6tisch-security-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Feb 2015 20:59:07 -0000

Hi Hannes,

On Sat, Feb 21, 2015 at 5:44 AM, Hannes Tschofenig
<hannes.tschofenig@gmx.net> wrote:
> Peter, Brian,
>
> I would strongly recommend not to use the term bootstrapping. Replacing
> it with some other word that explains what you want to do.
>
> After-all, we are engineers and not marketing guys. I tend to get a bit
> nervous when I read terms like "zero-touch" and alike that create the
> impression that there is no configuration that needs to be done by
> anyone. Of course, that's not the case.

Sorry but, Hannes, you have been saying these things for some time but
I have not heard your proposal yet. What should we call it if not
bootstrapping?

>
> With all the security drafts in NETCONF (zerotouch) or in ANIMA I get
> the impression that we are re-inventing the wheel not only because we
> want to work on new stuff but largely because we actually don't
> understand the state of the art ourselves anymore. I fear that the
> <draft-he-iot-security-bootstrapping-00> document also falls into the
> category of not understanding the state-of-the-art.

Don't worry about it.


> I understand if
> someone is not up-to-speed with the most recent efforts in Thread
> (because they are only visible to members of that organization) but the
> ZigBee-IP work should be known. While ZigBee-IP may be considered dead
> by know

You mean

 by  now?

> it also appears to me that any new work in the IETF on
> security/routing/etc. for IEEE 802.15.4 will have to compete against
> Thread. Thread has seen a dramatic growth rate in terms of membership
> and so I doubt that work in the same area has a lot of chances for
> success.
>

Yes but what is Thread's solution on this? Is this different than what
we have in IETF?



> Sorry for the rant but I believe it will help everyone to figure out
> that most of the groups are actually developing the same solutions over
> and over again.

Agreed, so it should be based on IETF work?
>
> Now to the issue of the multi-vendor equipment. Adding new solutions (as
> it is done in ANIMA) while other groups and organizations have already
> standardized similar technologies (using different terminology) will not
> make the interoperability any better. I am sure you know that far too well.
>
> It would be great to have a conversation (maybe at the next IETF
> meeting) how the different environments (home environment, enterprise
> environments/industrial environments) are different in terms of
> provisioning credentials and configuration information to IoT devices.


Exactly. Maybe this is what Peter is pointing at when he says several
solutions can be developed, different for each environment.


> Needless to say that there are differences and you can see them when you
> look at how existing products work. That does, however, not necessarily
> mean that there are no common building blocks.

Good point.

>
> Ciao
> Hannes
>
> On 02/21/2015 12:14 PM, peter van der Stok wrote:
>> Hi Brian,
>>
>> Just a small annotation to your default approach comment.
>> Bootstrapping is subject to different installation procedures.
>> A clear example is the difference between home (plug and play) and the
>> building control where bootstrapping is organized from a database.
>> In the professional domain the order of things can depend on the
>> installer. For example, some may want to bootstrap together with the
>> setup of the network, others may want the network to be ready and then
>> do the security bootstrap.
>>
>> Although I agree with your concern expressed as "a default procedure to
>> decide on the bootstrap procedure", I think there is room for 2-4
>> different security bootstrap procedures.
>> These procedures will be chosen as function of the application domain
>> and application owner, installer.
>>
>> Peter
>>
>>
>>
>> Brian E Carpenter schreef op 2015-02-20 19:51:
>>> Hannes,
>>>
>>> I agree that we need to compare different approaches. I do have one
>>> concern in the anima context that leads me to the conclusion that
>>> we *must* pick a preferred solution: if we consider a collection of
>>> multivendor equipment in factory condition that we want to bootstrap
>>> itself into a secure network when we apply power, I don't see how
>>> we can avoid having a single default solution. If not, we get a
>>> rather ludicrous situation where we need a single default solution
>>> to the problem of choosing which bootstrap solution to use.
>>>
>>> Regards
>>>    Brian
>>>
>>> On 21/02/2015 01:27, Hannes Tschofenig wrote:
>>>> Hi Danping,
>>>>
>>>> I would also like to note that
>>>> [I-D.pritikin-anima-bootstrapping-keyinfra] is only one possible way of
>>>> distributing new keys (based on already pre-provisioned certificates). I
>>>> would like to understand how it relates to other approaches.
>>>> Particularly if you consider an approach "heavy" it would be good to
>>>> know what your main concerns are since there is no free lunch with
>>>> security and most of the design decisions are trade-offs.
>>>>
>>>> Ciao
>>>> Hannes
>>>>
>>>> On 02/20/2015 12:59 PM, Robert Cragie wrote:
>>>>> [I-D.pritikin-anima-bootstrapping-keyinfra] proposes a zero-touch
>>>>> bootstrapping key infrastructure to allow joining device securely and
>>>>> automatically bootstraps itself based on 802.1AR certificate.  It can't
>>>>> be directly used in 802.15.4 devices due to the high security
>>>>> complexity
>>>>> and heavy communication overhead.": I disagree with this statement. We
>>>>> used this approach in ZigBee IP. I agree some may think the
>>>>> communication overhead "heavy" but that doesn't mean it can't be done.
>>>>> The associated security complexity is also becoming less onerous as
>>>>> crypto accelerators become built into hardware and cores.
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Anima mailing list
>>>> Anima@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/anima
>>>>
>>>
>>> _______________________________________________
>>> Anima mailing list
>>> Anima@ietf.org
>>> https://www.ietf.org/mailman/listinfo/anima
>
>
> _______________________________________________
> 6lo mailing list
> 6lo@ietf.org
> https://www.ietf.org/mailman/listinfo/6lo
>

v2.23.0 | Report a Bug | By Email