IETF Logo Mail Archive

Re: [6tisch] [secdir] secdir review of draft-ietf-6tisch-architecture-21

Tero Kivinen <kivinen@iki.fi> Wed, 10 July 2019 21:22 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B392C1201BC for <6tisch@ietfa.amsl.com>; Wed, 10 Jul 2019 14:22:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.419
X-Spam-Level:
X-Spam-Status: No, score=-3.419 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R0mpHUEyXgZb for <6tisch@ietfa.amsl.com>; Wed, 10 Jul 2019 14:22:20 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4B63120025 for <6tisch@ietf.org>; Wed, 10 Jul 2019 14:22:19 -0700 (PDT)
Received: from fireball.acr.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id x6ALMDB7027627 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 11 Jul 2019 00:22:13 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id x6ALMDjF017896; Thu, 11 Jul 2019 00:22:13 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <23846.22277.397906.443444@fireball.acr.fi>
Date: Thu, 11 Jul 2019 00:22:13 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
Cc: Mališa Vučinić <malishav@gmail.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "6tisch@ietf.org" <6tisch@ietf.org>
In-Reply-To: <MN2PR11MB35651DEA0C3FCF3DB1BA0660D8E20@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <2cced16c-d1df-88c2-eb21-7452b42f081a@mandelberg.org> <MN2PR11MB35651735463F27A247B4B0F0D8E00@MN2PR11MB3565.namprd11.prod.outlook.com> <23825.24715.882644.180316@fireball.acr.fi> <5229f400-076c-80e3-e0dc-a7cf3998abed@mandelberg.org> <MN2PR11MB35654D7658F0EEB05443F2ABD8E30@MN2PR11MB3565.namprd11.prod.outlook.com> <BYAPR11MB3558261B37E1E8FFFF4D8D27D8E30@BYAPR11MB3558.namprd11.prod.outlook.com> <62FC2528-9165-4E2E-89E5-6452D93030E0@gmail.com> <28248.1561477015@localhost> <7C7A7473-7266-4B09-BB41-79C871142BC9@gmail.com> <MN2PR11MB35651DEA0C3FCF3DB1BA0660D8E20@MN2PR11MB3565.namprd11.prod.outlook.com>
X-Mailer: VM 8.2.0b under 25.1.1 (x86_64--netbsd)
X-Edit-Time: 8 min
X-Total-Time: 7 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/rFywkYV-A2rUZaA0mpao_sCxbbU>
Subject: Re: [6tisch] [secdir] secdir review of draft-ietf-6tisch-architecture-21
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jul 2019 21:22:22 -0000

Pascal Thubert (pthubert) writes:
> My own Q&A
> 
> How is the bad ASN identified? -> I guess it can be picked from the
> frame counter in the Auxillary Security Header.

No, the auxillary security header does not contain ASN ever. The Frame
counter field is for frame counters, not for ASNs, and it is only 4
octets long, and you cannot fit ASN in there. ASN will be delivered in
the beacon frame inside the TSCH Syncronization IE. 

> But then does the spec require that the receiver checks the frame
> counter that the sender used ?

For frame counters yes, but frame counters are not used in TSCH mode.
In TSCH each device keeps track of ASN by its own clock, and as
everybody knows what ASN is, there is no need to transmit it between
nodes already in the network. ASN is only sent inside the IE for new
nodes.

And ASN will get implictly verified as if you do get out of sync with
ASN, then you will be using wrong ASN for nonce generation and all
your inbound security processing will fail. 

> Is that implemented? What is the reaction of the receiver in case of
> a bad ASN?

If it is secured frame, it will get SECURITY_ERROR for each frame
having wrong ASN, and it will drop the frames. For non secured frames,
it will not even notice the issue if it actually managed to be on
correct channel to hear the transmission. 

> -> It could send a beacon with a correct ASN I guess. But
> then how can we determine who of the 2 has the correct ASN? -> I
> guess a node should not have the right to act as coordinator until
> it confirmed his sense of ASN.

When PAN coordinator forms a TSCH network it will decide what ASN will
be used, and everybody else must sync with him when joining the
network, and must keep themselves in sync. If they loose track of ASN,
they must rejoin the network and regain the syncronization. 
-- 
kivinen@iki.fi

v2.23.0 | Report a Bug | By Email