Re: [6tisch-security] agenda for 2014-05-27 6tisch security call

Jonathan Simon <jsimon@linear.com> Wed, 28 May 2014 14:49 UTC

From: Jonathan Simon <jsimon@linear.com>
To: yoshihiro.ohba@toshiba.co.jp
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, Rene Struik <rstruik.ext@gmail.com>, 6tisch-security@ietf.org
Date: Wed, 28 May 2014 07:49:22 -0700
Message-ID: <CAJeFcoQBp1A7pwZHWoesvrjSySW0UZ0k11-s3-MFAozSuR0Yrw@mail.gmail.com>
In-Reply-To: <674F70E5F2BE564CB06B6901FD3DD78B2723B576@TGXML210.toshiba.local>
List-Id: Extended Design Team for 6TiSCH security architecture <6tisch-security.ietf.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch-security/YWbG1eCoGVIeBIQqY7MM7ILFPrs

Yoshihiro -

Q. In w/HART, are all beacon frames authenticated with a well-known key
even after a joining node obtained the runtime link layer key?

A. Yes. In WirelessHART the beacons (called "advertisements" but they serve
the same purpose and have similar content) are intended for devices not yet
in the network, so they always use the well-known key.  To discover other
nodes within the network, they use frames secured with the runtime
link-layer key.

Jonathan


On Tue, May 27, 2014 at 11:18 PM, <yoshihiro.ohba@toshiba.co.jp> wrote:

>  Hi Jonathan,
>
> Thank you for sending the summary of w/HART joining.
>
> I have a question.
>
> In w/HART, are all beacon frames authenticated with a well-known key even
> after a joining node obtained the runtime link layer key?
>
> Regards,
>
> Yoshihiro Ohba
>
> *From:* 6tisch-security [mailto:6tisch-security-bounces@ietf.org] *On
> Behalf Of *Jonathan Simon
> *Sent:* Tuesday, May 27, 2014 10:41 PM
> *To:* Rene Struik
> *Cc:* Michael Richardson; 6tisch-security@ietf.org
> *Subject:* Re: [6tisch-security] agenda for 2014-05-27 6tisch security
> call
>
> Rene had asked on a previous call for someone to summarize WirelessHART
> joining - here you go.
>
> * One or more devices are sending beacons to advertise the presence of the
> network. In WirelessHART, this frame is unencrypted, but authenticated with
> a well known key.  The beacon contains the current ASN, which the joining
> device uses to synchronize its clock.
>
> * Once the joining node has heard a beacon, it continues listening for
> additional beacons for a short specified timeout.
>
> * The joining node encrypts a frame containing some HART specific content,
> including a list of beaconing neighbors it heard in the previous steps. The
> size of the payload is ~ 60 bytes.  The packet is routed by a "proxy" node
> - the joining parent. The frame is authenticated using the well-known key,
> and encrypted using a shared symmetric key known only by the node and the
> manager.
>
> * The manager responds with a frame containing the run-time link-layer
> key, the node's new short address (this takes the place of PAN coordinator
> association), and a unicast session key and starting nonce for the manager.
> This frame is encrypted with the symmetric key. The payload is ~ 60 bytes,
> and is routed to the proxy for delivery to the joining node - the proxy
> uses the link-layer well known key on the frame.
>
> * At this point the joining node transitions to using the run-time
> link-layer key for all link-layer frames, and the manager unicast session
> for end-to-end manager traffic. This ends the initial security handshake.
>
> * Over a number of additional frames, the manager assigns additional
> sessions, including broadcast sessions, and a unicast session to the
> Gateway (sink for all data traffic), and additional communications
> resources, routing information, etc.  There is no explicit transition from
> joining to joined - the mote transitions when certain key frames are
> received.
>
> * Note that a WirelessHART link-layer frame contains an additional frame
> type byte and a 4-byte link-layer MIC, on top of the unsecured 15.4 frame.
> A network frame contains an additional 16-40 bytes of addressing, routing,
> security and other information.
>
> Hope this helps!
>
> Jonathan
>
>
> On Mon, May 26, 2014 at 8:09 PM, Rene Struik <rstruik.ext@gmail.com>
> wrote:
>
>  Hi Michael:
>
> I would like to discuss the outstanding issues I summarized in my email of
> Tue last week, May 20, 2014, 9:45am EDT (see
> http://www.ietf.org/mail-archive/web/6tisch-security/current/msg00086.html).
> This was also one of the action items at the conclusion of last week's
> 6TiSCH security call.
>
> FYI - the w/HART communication flows were discussed during the 6TiSCH
> security conf call the week before, on Mon May 12, 2014. If one wishes to
> go over this again, that is fine, but I would prefer us giving preference
> to taking on already articulated issues (which were assigned as homework
> assignment to reflect upon) first (i.e., prior to item #4 of the proposed
> agenda).
>
> As another agenda point, I would like us to discuss the frequency of
> future calls (as part of EOB).
>
> Best regards, Rene
>
>
> On 5/26/2014 10:49 PM, Michael Richardson wrote:
>
> To remind, we moved the call from the 26th to the 27th at 10am EDT.
>
> That's 90 minutes from this email.
>
> 1) notewell.
> 2) intros
> 3) recap of draft-piro-
> 4) wirelesshart -way --- how does the communication work?
> 5) how to summarize all of this to the working group
> 6) how to close this process up?
>
> -- remember that the call is recorded, and the NoteWell applies.
>
> -- The URL to access the webex, which we will use for audio only:
>   https://cisco.webex.com/cisco/j.php?MTID=m2fe139bf876cea3ec62750cd580b7908
>
> -- we will resume with the etherpad at:
>    http://etherpad.tools.ietf.org:9000/p/notes-ietf-89-6tisch-security
>
> I'm at +1 613 276-6809, IM: mcr@xmpp.credil.org or mcharlesr@gmail.com,
> if you need more than that to get in, or are having difficulties.
> Please make sure your audio works, and that you mute when not talking.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
>
> _______________________________________________
> 6tisch-security mailing list
> 6tisch-security@ietf.org
> https://www.ietf.org/mailman/listinfo/6tisch-security
>
>  --
>
> email: rstruik.ext@gmail.com | Skype: rstruik
>
> cell: +1 (647) 867-5658 | US: +1 (415) 690-7363
>
> --
>
> --
> Jonathan Simon, Ph. D
> Director of Systems Engineering
> Dust Networks at Linear Technology
> 30695 Huntwood Ave
> Hayward, CA 94544-7021
> (510) 400-2936
> (510) 489-3799 FAX
> jsimon@linear.com
>


-- 
-- 
Jonathan Simon, Ph. D
Director of Systems Engineering
Dust Networks at Linear Technology
30695 Huntwood Ave
Hayward, CA 94544-7021
(510) 400-2936
(510) 489-3799 FAX
jsimon@linear.com

**LINEAR TECHNOLOGY CORPORATION**
*****Internet Email Confidentiality Notice*****
 This e-mail transmission, and any documents, files or previous
e-mail messages attached to it may contain confidential information that
is legally privileged. If you are not the intended recipient, or a
person responsible for delivering it to the intended recipient, you are
hereby notified that any disclosure, copying, distribution or use of any of
the information contained in or attached to this transmission is
STRICTLY PROHIBITED. If you have received this transmission in error,
please immediately notify me by reply e-mail, or by telephone at (510)
400-2936, and destroy the original transmission and its attachments without
reading or saving in any manner. Thank you.
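The join flow in Jonathan's summary and his answer on advertisement keying, modelled as an added Python example that is not part of this thread or of any WirelessHART stack. The only thing it takes from the thread is the key-selection rule: advertisements are always authenticated under the well-known key, the join request and response travel under the well-known key at the link layer with their payload protected by the mote/manager shared key, and every other frame moves to the runtime link-layer key once it is held. Everything else is a constructed placeholder: truncated HMAC-SHA256 stands in for the 4-byte CCM* MIC, a SHA-256 keystream XOR stands in for encryption, and the frame layouts, addresses and key values are invented. The useful check is in `Mote.receive`: a joined mote still accepts a well-known-key advertisement, but drops a data frame that arrives under the well-known key.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

MIC_LEN = 4  # the thread states a 4-byte link-layer MIC
WELL_KNOWN_KEY = b"placeholder-well-known-key-0000!"  # constructed, not the real value


def mic(key: bytes, ftype: str, body: bytes) -> bytes:
    """4-byte link-layer MIC over frame type and body (stand-in for CCM* authentication)."""
    return hmac.new(key, ftype.encode() + b"|" + body, hashlib.sha256).digest()[:MIC_LEN]


def toy_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR against a SHA-256 keystream; symmetric, so it also decrypts. Not AES-CCM*."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class Frame:
    ftype: str   # "ADV", "JOIN_REQ", "JOIN_RESP" or "DATA"
    body: bytes
    ll_mic: bytes


def build(ftype: str, body: bytes, link_key: bytes) -> Frame:
    return Frame(ftype, body, mic(link_key, ftype, body))


class Manager:
    """Owns the runtime link key and each mote's pre-shared join key."""

    def __init__(self, join_keys: dict):
        self.join_keys = join_keys
        self.link_key = os.urandom(16)
        self.next_addr = 1

    def handle_join_req(self, mote_id: bytes, frame: Frame):
        # The proxy forwarded the request under the well-known key; check that first.
        if not hmac.compare_digest(mic(WELL_KNOWN_KEY, "JOIN_REQ", frame.body), frame.ll_mic):
            return None
        join_key = self.join_keys[mote_id]
        heard = toy_encrypt(join_key, b"req", frame.body)  # neighbour list, decrypted
        addr = self.next_addr.to_bytes(2, "big")
        self.next_addr += 1
        plain = self.link_key + addr + os.urandom(16) + os.urandom(4)  # link key, addr, session key, nonce
        # Body is readable only by the mote; the proxy puts the well-known-key MIC on it.
        return build("JOIN_RESP", toy_encrypt(join_key, b"resp", plain), WELL_KNOWN_KEY), heard


class Mote:
    def __init__(self, join_key: bytes):
        self.join_key = join_key  # shared only with the manager
        self.link_key = None      # runtime link-layer key, unknown until JOIN_RESP
        self.asn = None
        self.heard = []

    def verify_key_for(self, ftype: str) -> bytes:
        # Advertisements are always checked under the well-known key, joined or not;
        # every other frame type moves to the runtime key once that key is held.
        if ftype == "ADV" or self.link_key is None:
            return WELL_KNOWN_KEY
        return self.link_key

    def receive(self, frame: Frame) -> bool:
        key = self.verify_key_for(frame.ftype)
        if not hmac.compare_digest(mic(key, frame.ftype, frame.body), frame.ll_mic):
            return False  # wrong key for this frame type: dropped
        if frame.ftype == "ADV":
            self.asn = int.from_bytes(frame.body[:5], "big")  # sync clock from the ASN
            self.heard.append(frame.body[5:7])                 # remember the beaconing neighbour
        elif frame.ftype == "JOIN_RESP":
            plain = toy_encrypt(self.join_key, b"resp", frame.body)
            self.link_key, self.short_addr = plain[:16], plain[16:18]
            self.session_key, self.session_nonce = plain[18:34], plain[34:38]
        return True

    def join_request(self) -> Frame:
        body = toy_encrypt(self.join_key, b"req", b"".join(self.heard))
        return build("JOIN_REQ", body, WELL_KNOWN_KEY)


def run_join():
    """Walk the handshake from the summary; returns (mote, manager) for inspection."""
    mote_id, join_key = b"mote-A", os.urandom(16)
    mgr, mote = Manager({mote_id: join_key}), Mote(join_key)
    adv = build("ADV", (12345).to_bytes(5, "big") + b"\x00\x07", WELL_KNOWN_KEY)
    if not mote.receive(adv):
        raise RuntimeError("advertisement rejected")
    resp, _ = mgr.handle_join_req(mote_id, mote.join_request())
    if not mote.receive(resp):
        raise RuntimeError("join response rejected")
    return mote, mgr
```

After `run_join()` the mote holds the manager's link key; a `DATA` frame built under that key verifies, the same frame built under the well-known key is dropped, and a fresh `ADV` under the well-known key is still accepted (and resynchronises the ASN), which is the behaviour the answer to Yoshihiro describes.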