Re: [6tisch] I-D Action: draft-ietf-6tisch-minimal-security-07.txt

Göran Selander <goran.selander@ericsson.com> Wed, 31 October 2018 15:36 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "draft-ietf-6tisch-minimal-security@ietf.org" <draft-ietf-6tisch-minimal-security@ietf.org>, "6tisch@ietf.org" <6tisch@ietf.org>
Date: Wed, 31 Oct 2018 15:36:44 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/ndfHJ25Pp8TXipYwmxI0Mq9c2oY>

Hi Michael,

Sorry for the delayed response; this was left hanging in my outbox.

> On 25 Oct 2018, at 19:52, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
> 
> Göran Selander <goran.selander@ericsson.com> wrote:
>> Now, the PSK in the Constrained Join protocol is used as the OSCORE Master
>> Secret, from which the Sender/Recipient Contexts, including Sender/Recipient
>> Keys, are derived. It is these keys, not the PSK, which are used for
>> authentication and communication security in OSCORE, so they need to be
>> unique and independent in each pledge. Since the Sender/Recipient Contexts
>> are derived from the PSK and the pledge identifier using HKDF, the derived
>> keys are expected to get these good properties as long as the input to HKDF
>> is different for different endpoints. So, having unique PSKs is a sufficient
>> condition. But having unique pledge identifiers is also sufficient, even if
>> the same PSK is used: Pledges may be provisioned directly with the
>> Sender/Recipient Context in a 1-touch fashion without access to the PSK, and
>> can then run the Constrained Join protocol. In fact, this is a quite
>> attractive deployment scheme:
> 
>> * The pledges do not need to implement HKDF or SHA-256.
> 
> What I'm hearing is that Pledges may be provisioned (at the factory) with:
>     SRContext = HKDF(PSK, PledgeIdentifier, other-stuff)
> 
> while the JRC can be provisioned with:
>      1) PSK
>      2) list of valid PledgeIdentifiers
> 
> What does not change is that:
>     a) SRContext still must be kept a secret.
>     b) SRContext is still unique per-pledge (so can't be baked directly into firmware!)
> 
> So this is easier for the JRC, but does not really change anything in the way
> that Pledges have to be "touched".
> 

Right, this was not a comment about changing one-touch, which is the basic assumption of minimal security. This was a note that other secrets can be provisioned in the same one-touch manner with certain benefits to pledge and JRC. 

>> But even if you don’t do that, I propose that you do describe the deployment
>> scheme sketched above, for example in an appendix, and explain in that
>> section why this scheme is secure even though it is not complying with
>> the
> 
> I agree that putting it into an appendix would work.
> A completely separate document might also be a good idea. (An operational BCP)
> 
> In particular, leaving it to another document might allow other things that
> need to be baked in uniquely to be described.  I am thinking about a
> connection to the hash-based signature work that the SUIT WG cares about.

I think that having at least a paragraph in an appendix of this draft would be good as it also illustrates how the requirement on PSK uniqueness can be slightly eased. 

Thanks,
Göran
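
The deployment scheme discussed in this thread, as an added example (not code from the draft or from either participant): the factory and the JRC derive each pledge's OSCORE keys from one PSK plus the pledge identifier, and the pledge stores only the outputs. It assumes the RFC 8613 key-derivation `info` layout with the pledge identifier as ID Context; the sender IDs, PSK and EUI-64 values are constructed for illustration.

```python
import hashlib
import hmac

def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """HKDF extract-then-expand (RFC 5869) with SHA-256."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def _head(major: int, n: int) -> bytes:
    # CBOR initial byte(s); covers the small values (< 256) used here.
    return bytes([major << 5 | n]) if n < 24 else bytes([major << 5 | 24, n])

def oscore_info(oscore_id: bytes, id_context: bytes, typ: str, length: int) -> bytes:
    """CBOR array [id, id_context, alg_aead, type, L] (RFC 8613, section 3.2.1)."""
    return (_head(4, 5) + _head(2, len(oscore_id)) + oscore_id
            + _head(2, len(id_context)) + id_context
            + _head(0, 10)  # alg_aead 10 = AES-CCM-16-64-128
            + _head(3, len(typ)) + typ.encode() + _head(0, length))

# Assumed sender IDs for illustration; use the values the draft mandates.
PLEDGE_SID, JRC_SID = b"\x00", b"JRC"

def pledge_context(psk: bytes, pledge_id: bytes, salt: bytes = b"") -> dict:
    """Keys the factory writes into one pledge; the JRC recomputes them on demand."""
    def derive(oscore_id, typ, n):
        return hkdf_sha256(salt, psk, oscore_info(oscore_id, pledge_id, typ, n), n)
    return {"sender_key": derive(PLEDGE_SID, "Key", 16),
            "recipient_key": derive(JRC_SID, "Key", 16),
            "common_iv": derive(b"", "IV", 13)}

if __name__ == "__main__":
    psk = bytes(range(16))  # constructed shared PSK; stays at the factory and JRC
    for eui64 in ("0011223344556601", "0011223344556602"):  # constructed IDs
        ctx = pledge_context(psk, bytes.fromhex(eui64))
        print(eui64, {k: v.hex() for k, v in ctx.items()})
```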