[Ace] use of object security
Michael Richardson <mcr+ietf@sandelman.ca> Thu, 22 May 2014 18:38 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFC971A0293 for <ace@ietfa.amsl.com>; Thu, 22 May 2014 11:38:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.952
X-Spam-Level:
X-Spam-Status: No, score=-1.952 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_12=0.6, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F9WJAoFQDh89 for <ace@ietfa.amsl.com>; Thu, 22 May 2014 11:38:54 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.252.184]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 082D51A02BD for <ace@ietf.org>; Thu, 22 May 2014 11:38:54 -0700 (PDT)
Received: from sandelman.ca (desk.marajade.sandelman.ca [209.87.252.247]) by tuna.sandelman.ca (Postfix) with ESMTP id 4987920011; Thu, 22 May 2014 14:41:16 -0400 (EDT)
Received: by sandelman.ca (Postfix, from userid 179) id 1B93D63B0B; Thu, 22 May 2014 14:38:49 -0400 (EDT)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 079D063B09; Thu, 22 May 2014 14:38:49 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: =?utf-8?Q?Mali=C5=A1a_Vu=C4=8Dini=C4 =87?= <malishav@gmail.com>, "ace@ietf.org" <ace@ietf.org>
In-Reply-To: <1715C7B6-DC74-447B-B66D-B942D50FE933@imag.fr>
References: <1715C7B6-DC74-447B-B66D-B942D50FE933@imag.fr>
X-Mailer: MH-E 8.2; nmh 1.3-dev; GNU Emacs 23.4.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Thu, 22 May 2014 14:38:48 -0400
Message-ID: <3877.1400783928@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: http://mailarchive.ietf.org/arch/msg/ace/0iClMX9rfuo_5_x-insjoMIopAk
Subject: [Ace] use of object security
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 May 2014 18:38:58 -0000
subject was: Subject: Re: [Ace] Adrian Farrel's Block on charter-ietf-ace-00-00: (with BLOCK) Mališa Vučinić <malishav@gmail.com> wrote: > I refer everyone interested to our DTLS-based architecture named OSCAR > (http://arxiv.org/pdf/1404.7799) that will be presented during IEEE > WoWMoM in June. Very interesting. I think maybe your figure 1 appears too early, or appears without enough explanation, or perhaps is too detailed for that point in the paper. You write that "The relation between j'th access secret Sj and i'th resource Ri is dependent on authorization policies and the desired level of confidentiality." I guess the point is that the one can make Sj a "group" key, or distribute it on per-end-point basis, based upon the level of audit and paranoia. The whole thing is very similar to the pre-IKE IPsec SKIP mechanism, including the lack of crypto parameter negotiation. http://en.wikipedia.org/wiki/Simple_Key-Management_for_Internet_Protocol http://tools.ietf.org/html/draft-ietf-ipsec-skip-06 You write earlier: > Due to the physical constraints, the number of supported cryptographic > ciphers is limited. Indeed, constrained devices often have a single > supported cipher suite (selected at the compile time). This fact reverses > the paradigm encountered in the Internet where one of the security concerns > during the handshake is the downgrade attack (the attacker forces two > parties to use the weakest common and later: > The request contains header carrying preferred content types. If capable, > server responds with the content supported by the client. Therefore, to > solve the interoperability issues, we require an additional accept option > carrying supported ciphers. I am not yet convinced that: a) the downgrade attack can be ignored. b) that this permits us to incrementally deploy new cryptographic protocols as the ones we have become weak over a multi-decade deployment period of many IoT. I am pleased that OSCAR is not shy about asymmetric operations. I am reminded of Jari's temperature sensor. (You bring security to Jari's 4-bit microcontroller multicast temperature sender...) but, I think it would be easier to think of a light switch. Imagine a light bulb receives a message from some sender that it should turn on. But the light bulb is *already* turned on. In that context, there may be no reason to always validate the asymmetric signature. This is similar to how the replay counter in IPsec works: if we already saw that packet, we can tell that without bothering to authenticate it. This assumes no active, on-path, attacker will bother to change an "off" signal into a "on" signal (invalidating the signature). Such an attacker is easily caught, and so the attack is very unlikely to succeed. Is your contiki code available? You write at the end: > However, as it (IPsec) resides in the Operating System kernel, it is > impractical for typical IoT applications. 1) There is no requirement that IPsec be in the kernel, the reason people put it there is so that it can act as service for layer-4 protocols, but if you want to re-implement those protocols (UDP is trivial) in userspace, one can easily have IPsec in an application using a raw IP socket. 2) when implemented over UDP, one can even have it in application library. 3) most IoT operating systems have no concept of a "kernel" anyway, so the concern is really only on the more capable endsystems (the smartphones and desktop systems) which want to talk to the IoT devices. -- Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- [Ace] Adrian Farrel's Block on charter-ietf-ace-0… Adrian Farrel
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Likepeng
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Adrian Farrel
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Likepeng
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Barry Leiba
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Jari Arkko
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Barry Leiba
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Göran Selander
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Corinna Schmitt
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Ludwig Seitz
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Adrian Farrel
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Göran Selander
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Barry Leiba
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Behcet Sarikaya
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Göran Selander
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Carsten Bormann
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Adrian Farrel
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Behcet Sarikaya
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Kathleen Moriarty
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Jari Arkko
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Likepeng
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Adrian Farrel
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Carsten Bormann
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Robert Cragie
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Adrian Farrel
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Likepeng
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Stefanie Gerdes
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Göran Selander
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Likepeng
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Jari Arkko
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Barry Leiba
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Robert Cragie
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Behcet Sarikaya
- Re: [Ace] Adrian Farrel's Block on charter-ietf-a… Mališa Vučinić
- [Ace] use of object security Michael Richardson
- Re: [Ace] use of object security Malisa Vucinic