Re: [6tisch] 6tisch join requirements for 6top
<yoshihiro.ohba@toshiba.co.jp> Mon, 01 December 2014 23:49 UTC
From: yoshihiro.ohba@toshiba.co.jp
To: watteyne@eecs.berkeley.edu, ksjp@berkeley.edu
Date: Mon, 01 Dec 2014 23:49:35 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch/zB9KYW8NQaebn0QmiTG374c-e4U
Cc: 6tisch@ietf.org
There is some weakness if a device does not store a frame counter (i.e., ASN in TSCH) across a reboot. There can be a replay attack by sending a copy of a beacon frame sent in the past, letting the rebooted device re-use the frame counter (until the device syncs up with the correct ASN).

Yoshihiro Ohba

From: 6tisch [mailto:6tisch-bounces@ietf.org] On Behalf Of Thomas Watteyne
Sent: Sunday, November 30, 2014 1:20 AM
To: Kris Pister
Cc: 6tisch@ietf.org
Subject: Re: [6tisch] 6tisch join requirements for 6top

Tero, all,

> As the key is AES-CCM key that means that every single device needs to store their frame counters to stable storage. This sets quite high requirements for the devices. In theory they should also store the frame counters for all the peers they are talking to, but I don't know if any device does that. Usually they only store their own frame counter to flash every now and then, and then on the restart they load it from the flash, and add big enough counter to it to make sure that it is unique.

In IEEE802.15.4e-2012 TSCH [1], the ASN is used as the Frame Counter for security operations, so you don't have to store the frame counters to stable storage, right?

Thomas

[1] http://standards.ieee.org/getieee802/download/802.15.4e-2012.pdf

On Tue, Nov 25, 2014 at 2:51 PM, Kris Pister <ksjp@berkeley.edu> wrote:

> No, when someone defines protocol B that is not compatible with protocol A then they will pick a different well-known key. That is the whole idea.
>
> ksjp
>
> On 11/25/2014 3:17 AM, Tero Kivinen wrote:
>
>> So when someone is running the protocol A and B both over the same default well-known key then you still have the problem...

_______________________________________________
6tisch mailing list
6tisch@ietf.org
https://www.ietf.org/mailman/listinfo/6tisch
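The flash-backed frame counter scheme described in the quoted text above (write the counter to flash only occasionally, then jump ahead on restart so no value is reused under the same AES-CCM key), as an added example that is not part of this thread or of any 6TiSCH implementation. The block size FC_RESERVE, the simulated flash word and all function names are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define FC_RESERVE 1024u      /* assumed: counters covered by one flash write */

static uint32_t nv_ceiling;   /* simulated flash word: no counter >= this was ever used */
static unsigned nv_writes;    /* number of flash writes, to show the wear cost */
static uint32_t fc_next_val;  /* RAM only: next counter to hand out */
static uint32_t fc_limit;     /* RAM only: end of the block already reserved in flash */

/* Persist a new ceiling BEFORE any counter below it is handed out. */
static void reserve_block(void)
{
    fc_limit = (nv_ceiling > UINT32_MAX - FC_RESERVE) ? UINT32_MAX
                                                      : nv_ceiling + FC_RESERVE;
    nv_ceiling = fc_limit;
    nv_writes++;
}

/* Boot or reboot: RAM state is gone, so resume at the persisted ceiling. */
void fc_boot(void)
{
    fc_next_val = nv_ceiling;
    reserve_block();
}

/* Hand out the next frame counter; false means the space is exhausted (rekey). */
bool fc_next(uint32_t *out)
{
    if (fc_next_val == fc_limit) {
        if (fc_limit == UINT32_MAX)
            return false;
        reserve_block();
    }
    *out = fc_next_val++;
    return true;
}

int main(void)
{
    uint32_t fc = 0;
    fc_boot();
    for (int i = 0; i < 5; i++) fc_next(&fc);   /* counters 0..4 are sent */
    fc_boot();                                  /* power loss: RAM counter forgotten */
    fc_next(&fc);                               /* resumes at 1024, skipping 5..1023 */
    printf("first after reboot: %u, flash writes: %u\n", (unsigned)fc, nv_writes);
    return 0;
}
```

The cost of a reboot is at most FC_RESERVE skipped counter values, in exchange for one flash write per FC_RESERVE frames instead of one per frame.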