IETF Logo Mail Archive

Re: [6tisch] [secdir] secdir review of draft-ietf-6tisch-architecture-21

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Wed, 26 June 2019 11:51 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7551120283 for <6tisch@ietfa.amsl.com>; Wed, 26 Jun 2019 04:51:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=JATbs1uo; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=w/0KVMj8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q516OR3cwZ_q for <6tisch@ietfa.amsl.com>; Wed, 26 Jun 2019 04:51:44 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D6D812023E for <6tisch@ietf.org>; Wed, 26 Jun 2019 04:51:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3380; q=dns/txt; s=iport; t=1561549904; x=1562759504; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=VpuMZMR3FOKbJcabOlekcOSR0CDV8COYROOzGfY4Ow8=; b=JATbs1uo4JJa8nvH/pLcmtXDr2AoJnkAvB9Eq+u1Cep6nWSJ2pZuBzgc B7UkDE7c8NRtKb5ZeU0gkEdjM/Y3VteYoslBnGtbjc4BJocx8IhSpWYnB YNPbQlibGco47kXAz8HSEHgpwojT9Aa8CVEjShESSwBseBKXa68YoDo7m A=;
IronPort-PHdr: 9a23:FlUpOx0CeyLF/pH3smDT+zVfbzU7u7jyIg8e44YmjLQLaKm44pD+JxKGt+51ggrPWoPWo7JfhuzavrqoeFRI4I3J8RVgOIdJSwdDjMwXmwI6B8vQEVH7MfTndTASF8VZX1gj9Ha+YgBY
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BtAAD/WxNd/4ENJK1kGwEBAQEDAQEBBwMBAQGBVgMBAQELAYFDJCwDgT8gBAsoCoQLg0cDjlqCW5c+glIDVAkBAQEMAQEtAgEBhEACF4JmIzcGDgEDAQEEAQECAQVtijcMhUoBAQEDARIRBA0MAQE3AQ8CAQgSCAImAgICMBUCDgIEAQ0NGoRrAw4PAQKaNQKBOIhfcX4zgnkBAQWFBRiCEQmBDCgBhHCGUB0XgUA/gRFGgU5+PoRGgwgygiaOWJtGCQKCFpQKl1SNKZcXAgQCBAUCDgEBBYFmIoFYcBWDJ4JBg3CKU3KBKYxhAYEgAQE
X-IronPort-AV: E=Sophos;i="5.63,419,1557187200"; d="scan'208";a="288247914"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 26 Jun 2019 11:51:19 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by alln-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id x5QBpJOC024331 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 26 Jun 2019 11:51:19 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 26 Jun 2019 06:51:18 -0500
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 26 Jun 2019 06:51:18 -0500
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 26 Jun 2019 06:51:18 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VpuMZMR3FOKbJcabOlekcOSR0CDV8COYROOzGfY4Ow8=; b=w/0KVMj8cJm9eiZfcTrqtIyF+X1/ofJn0fgI5q5FHhf7HPHdMCCiMpIBsQcWbNFNHh0j9afO/0138Kq0W0I/mh4HdR4H8Q1CK4vtl31IBw8QG3Y62vnSufGuD3gT2Dy8C0cYzZjyzZarZ3PzNT5ojcdFDY3z82AEnB7BqQbrD50=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB4413.namprd11.prod.outlook.com (52.135.39.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2008.16; Wed, 26 Jun 2019 11:51:17 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::1ce9:1582:146c:c50a]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::1ce9:1582:146c:c50a%6]) with mapi id 15.20.2008.017; Wed, 26 Jun 2019 11:51:17 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Mališa Vučinić <malishav@gmail.com>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: Tero Kivinen <kivinen@iki.fi>, "6tisch@ietf.org" <6tisch@ietf.org>
Thread-Topic: [6tisch] [secdir] secdir review of draft-ietf-6tisch-architecture-21
Thread-Index: AQHVKitVZAMqDsUZHEuS/CYS/vDUhKaqVH6wgAEk6YCAAAywAIAAbXDggAACzzCAAI0ZqoABNPqAgAAY60A=
Date: Wed, 26 Jun 2019 11:50:51 +0000
Deferred-Delivery: Wed, 26 Jun 2019 11:49:58 +0000
Message-ID: <MN2PR11MB35651DEA0C3FCF3DB1BA0660D8E20@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <2cced16c-d1df-88c2-eb21-7452b42f081a@mandelberg.org> <MN2PR11MB35651735463F27A247B4B0F0D8E00@MN2PR11MB3565.namprd11.prod.outlook.com> <23825.24715.882644.180316@fireball.acr.fi> <5229f400-076c-80e3-e0dc-a7cf3998abed@mandelberg.org> <MN2PR11MB35654D7658F0EEB05443F2ABD8E30@MN2PR11MB3565.namprd11.prod.outlook.com> <BYAPR11MB3558261B37E1E8FFFF4D8D27D8E30@BYAPR11MB3558.namprd11.prod.outlook.com> <62FC2528-9165-4E2E-89E5-6452D93030E0@gmail.com> <28248.1561477015@localhost> <7C7A7473-7266-4B09-BB41-79C871142BC9@gmail.com>
In-Reply-To: <7C7A7473-7266-4B09-BB41-79C871142BC9@gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [173.38.220.49]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fc0b375a-0893-4817-0e28-08d6fa2c9910
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR11MB4413;
x-ms-traffictypediagnostic: MN2PR11MB4413:
x-microsoft-antispam-prvs: <MN2PR11MB44138A98BA6CD7FE302D2760D8E20@MN2PR11MB4413.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00808B16F3
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(396003)(346002)(136003)(39860400002)(376002)(189003)(199004)(73956011)(66446008)(14454004)(52536014)(64756008)(66066001)(6436002)(68736007)(33656002)(8936002)(66476007)(4326008)(25786009)(7696005)(229853002)(5660300002)(76176011)(66556008)(478600001)(6506007)(11346002)(476003)(102836004)(26005)(186003)(2906002)(446003)(486006)(256004)(86362001)(76116006)(54906003)(71190400001)(71200400001)(316002)(305945005)(66946007)(53936002)(110136005)(6666004)(8676002)(55016002)(81156014)(6116002)(7736002)(9686003)(3846002)(81166006)(6246003)(14444005)(99286004)(74316002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4413; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 9Z75kx06gS6rLHSoJP1jazGhGBiTez55whoUVxJezVojvHngAbS1vP/9ae2JnwGPbBaXxNW2Of1WZyC0mZ0bAM7ErR3JnbtWA+voNq8tu1dVKBHC99G2prrnOYTV5tVUB1U3rF1Bb5ot0ghC138rJdEmPASWjPlpVE13BE72CpCiWPmpg7aQcvnFagMiCq35ZWJjQCF6xOUrLP/L65YqxoRYro0PFSFQWhfnjIazEuZktkSUtrccQRZfptwbEwu3a6sKuzAf8l5PtXR4Vre6HionKB0B+ttGxfwOdEP+T0AQ4UpvLKsbBkXtsChc4y2XwzccKX5XMVCeirSVA8CbiE4CNy2maPERhIhU2cO5kqt81BN1ZVNlr32JNPHAkucOO/jeZl7ygFYHL2FXIZt5a+5WHJynw+oGrPve0bFuFXI=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: fc0b375a-0893-4817-0e28-08d6fa2c9910
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Jun 2019 11:51:17.1336 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pthubert@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4413
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.14, xch-rcd-004.cisco.com
X-Outbound-Node: alln-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/5ZLiOTwAbWf_IYuBLW2oemUxgCE>
Subject: Re: [6tisch] [secdir] secdir review of draft-ietf-6tisch-architecture-21
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jun 2019 11:51:47 -0000

Hello Malisa

> >> Instead, as with traditional TSCH, the joined node can obtain its
> >> time information from its time source neighbor, i.e. RPL preferred
> >> parent, by triggering an exchange of link-layer frames with L2
> >> security features enabled. The MSF draft already mandates that the
> >> first outgoing message from the joined node after joining is the 6P
> >> ADD message to its preferred parent, which consequently gets
> >> protected with
> >> L2 security.
> >
> > But, how can the L2-security work if the newly-joined node has an
> > ancient ASN?  Won't the parent just drop the packet as being a replay, and
> then what?
> 
> Yes, so the node will desynchronize eventually, fall out of network and restart
> the join process, hopefully with a different network.

My own Q&A

How is the bad ASN identified? -> I guess it can be picked from the frame counter in the Auxillary Security Header.
But then does the spec require that the receiver checks the frame counter that the sender used ? Is that implemented?
What is the reaction of the receiver in case of a bad ASN?  -> It could send a beacon with a correct ASN I guess.
But then how can we determine who of the 2 has the correct ASN? -> I guess a node should not have the right to act as coordinator until it confirmed his sense of ASN.

Otherwise, a bad ASN with the good modulo gets the frame in the right channel offset...

> 
> >> What needs to be specified clearly is that this first 6P exchange
> >> should not be encrypted but only authenticated at L2.
> >> Upon successful completion of the first 6P exchange with its time
> >> (routing) parent, the joined node obtains a negotiated cell and as a
> >> side effect proves freshness of the ASN used.
> >
> > I'd rather that we added a new exchange, rather than special casing some 6P
> > interaction here.   An RPL DIS would be a better choice here, I think, with
> > an RPL DAO unicast reply.  Still, I hate to special case this as being
> > authenticated only.
> > Doesn't that have to happen first?
> 
> Whatever packet we send here, be it DIS or 6P, they need to have special
> handling in terms of L2 security… Is DIS mandatory to send upon preferred
> parent selection?

It is not mandatory but we could use it. A more generic method would be for the pledge to solicit a beacon with a nonce that does not depend on ASN and see check the MIC/MAC of the beacon.
 
All the best,

Pascal

v2.23.0 | Report a Bug | By Email