Re: [6tisch] Benjamin Kaduk's No Objection on draft-ietf-6tisch-enrollment-enhanced-beacon-13: (with COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Thu, 27 February 2020 19:23 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 532323A09A5; Thu, 27 Feb 2020 11:23:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fwiJGiXV0kyx; Thu, 27 Feb 2020 11:23:03 -0800 (PST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9560E3A09A1; Thu, 27 Feb 2020 11:23:02 -0800 (PST)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 01RJMxeq010840 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 27 Feb 2020 14:23:01 -0500
Date: Thu, 27 Feb 2020 11:22:58 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: 6tisch@ietf.org, draft-ietf-6tisch-enrollment-enhanced-beacon@ietf.org
Message-ID: <20200227192258.GF98042@kduck.mit.edu>
References: <158206755196.14101.10514108989438939697.idtracker@ietfa.amsl.com> <3706.1582226579@dooku> <20200222051155.GJ53538@kduck.mit.edu> <9524.1582504285@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <9524.1582504285@localhost>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/BjKHbDZXqV_rJkRByDJNmCYUUG8>
Subject: Re: [6tisch] Benjamin Kaduk's No Objection on draft-ietf-6tisch-enrollment-enhanced-beacon-13: (with COMMENT)
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 19:23:05 -0000

On Sun, Feb 23, 2020 at 07:31:25PM -0500, Michael Richardson wrote:
> 
> Benjamin Kaduk <kaduk@mit.edu> wrote:
>     > Thanks for these updates!  I see you had one question at the end...
> 
>     >> >    visible.  Encrypting the schedule does not prevent an attacker from
>     >> > jamming, but rather increases the energy cost of doing that jamming.
>     >>
>     >> > Perhaps also the side effects/collateral damage of the jamming.
>     >>
>     >> I'm not sure what you are saying/suggesting here.
> 
>     > If the attacker doesn't know the schedule, they use more power ("energy
>     > cost") to jam all the time, in some sort of always-on broadband jamming
>     > technique.  This broadband jamming could end up blocking traffic the
>     > attacker doesn't care about, in addition to the target of the jamming;
>     > that in turn might make the fact that the attacker is jamming at all easier
>     > to detect.  I'm suggesting that the attacker's decision process about
>     > whether/how to jam is much more complicated if they don't have the schedule
>     > available, and there are additional factors that would come into play that
>     > might discourage the attacker from jamming even though (as is already
>     > noted) it does not "prevent" the attacker from jamming.
> 
> So, just to be clear, the schedule is happening thanks to RFC8180, section 4.5.
> What this document adds is the ability to determine which EB are from the
> same network, even if they have different PANID.
> 
> There is a very good discussion about the jamming costs in:
>       https://datatracker.ietf.org/doc/draft-tiloca-6tisch-robust-scheduling/
> 
> Unfortunately, it isn't clear if this work can go ahead in the IETF as it
> apparently makes changes that the IEEE is responsible for.  At the same time,
> it must coordinate with (re-)keying , which the IEEE is not responsible for.
> 
> I don't know what else I could say in enhanced beacon about this.
> The topic of selective jamming is a bit distant from this document.

Okay, I see your point.

Thanks for the extra reference!

-Ben