[Anima] NIST and BRSKI
Michael Richardson <mcr+ietf@sandelman.ca> Fri, 09 October 2020 17:32 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A22EB3A0DA4 for <anima@ietfa.amsl.com>; Fri, 9 Oct 2020 10:32:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 500TsD6MFwZx for <anima@ietfa.amsl.com>; Fri, 9 Oct 2020 10:32:56 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD5A73A0D57 for <anima@ietf.org>; Fri, 9 Oct 2020 10:32:56 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 4F8D2389A8 for <anima@ietf.org>; Fri, 9 Oct 2020 13:38:25 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 9xh59_HZs1Iv for <anima@ietf.org>; Fri, 9 Oct 2020 13:38:24 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id DAA7938998 for <anima@ietf.org>; Fri, 9 Oct 2020 13:38:24 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id B42AD18B for <anima@ietf.org>; Fri, 9 Oct 2020 13:32:53 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima@ietf.org
X-Attribution: mcr
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Fri, 09 Oct 2020 13:32:53 -0400
Message-ID: <15324.1602264773@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/N-1b6P4vuTU8rma1XrpP5yL1M3w>
Subject: [Anima] NIST and BRSKI
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Oct 2020 17:33:05 -0000
A google alert found this: https://www.nist.gov/publications/formal-verification-bootstrapping-remote-secure-key-infrastructures-brski-protocol By some authors known to this WG. Author(s) Monika Singh, Mudumbai Ranganathan Abstract The last decade has seen significant growth in the number of IoT devices. These devices can connect to each other and networks. The process through which a new IoT device connects to the network and subsequently enables its services is called bootstrapping. A single entity connecting large numbers of new IoT devices to networks makes manual bootstrapping infeasible. It requires an automated system to enable a new device to be located and securely onboard the network. The Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol is one of the well-known protocols that provides a way for secure device onboarding. In this work, we present the first formal security analysis of the BRSKI protocol using a verification tool called AVISPA (Automated Validation of Internet Security Protocols and Applications). AVISPA provides a formal security validation of any network protocol by building and analyzing the formal security models of that protocols operations. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- [Anima] NIST and BRSKI Michael Richardson