[Cfrg] OER (Re: ASN.1 in IEEE 1609.2 (was Re: Curve selection revisited))

Carsten Bormann <cabo@tzi.org> Tue, 29 July 2014 07:06 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id E8FCB1ABD19 for <cfrg@ietfa.amsl.com>; Tue, 29 Jul 2014 00:06:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, SPF_HELO_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id BXcGapCs4_fq for <cfrg@ietfa.amsl.com>; Tue, 29 Jul 2014 00:06:26 -0700 (PDT)
Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02CD51ABD17 for <cfrg@irtf.org>; Tue, 29 Jul 2014 00:06:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de []) by informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id s6T76I3g027345 for <cfrg@irtf.org>; Tue, 29 Jul 2014 09:06:18 +0200 (CEST)
Received: from [] (ip-2-203-149-66.web.vodafone.de []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id 6CAB04B5; Tue, 29 Jul 2014 09:06:16 +0200 (CEST)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <CACz1E9rUhwErnP_eG_=UC2EpT7M6z89ZdNr7ijNJxnaBA+RJAQ@mail.gmail.com>
Date: Tue, 29 Jul 2014 09:06:05 +0200
X-Mao-Original-Outgoing-Id: 428310365.563093-646eca5baa9889c3cd65c3f347435436
Content-Transfer-Encoding: quoted-printable
Message-Id: <5984C963-58D0-414E-AA5C-E02F749B5410@tzi.org>
References: <CACz1E9rUhwErnP_eG_=UC2EpT7M6z89ZdNr7ijNJxnaBA+RJAQ@mail.gmail.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/h79pFCJw_hg3FsFy57gw0ySI8mg
Subject: [Cfrg] OER (Re: ASN.1 in IEEE 1609.2 (was Re: Curve selection revisited))
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jul 2014 07:06:28 -0000

On 29 Jul 2014, at 05:38, William Whyte <wwhyte@securityinnovation.com> wrote:

> Octet Encoding Rules, or OER

Many people here may not be familiar with this newest member of the growing family of ASN.1 encoding rules.  Until recently, OER was strictly domain-specific.  Now, it has been submitted to ITU-T and surfaced as X.696 (ISO/IEC 8825-7).

The original NTCIP document specifying OES has this to say:

> Annex A Justification for OER
> (Informative)
> During the development of the NTCIP, in 1995, the NEMA 3-TS Technical Committee began to learn about the Simple Network Management Protocol (SNMP) and Abstract Syntax Notation One (ASN.1). The committee liked the design of both SNMP and ASN.1, but was concerned about the massive bandwidth requirements that the SNMP solution imposed. As such, the committee set forth to establish a new protocol, called the Simple Transportation Management Protocol (STMP), which would meet the bandwidth requirements of intelligent transportation systems.
> The STMP was designed around the concept of configuring message content at run-time, but prior to actual message use, and using more compact encoding rules. Unfortunately, the NEMA committee was unaware of ISO's development of Packed Encoding Rules (ISO PER), ISO 8825-2. Thus, instead of using ISO PER, NEMA developed their own encoding rules, which were limited to the needs of STMP. To further complicate the matter, NEMA also named their encoding rules Packed Encoding Rules (NEMA PER).
> By 1998, several firms were implementing the STMP and the supporting encoding rules, and through this process, several ambiguities were noticed in the NEMA PER standard. Further, the Committee realized that some people were becoming confused by the two versions of PER. Finally, the committee was being asked to investigate an extension to STMP that would use fixed messages. Thus, the Committee conducted an investigation to determine whether the standard should be modified to use ISO PER, or if the existing standard (STMP) should simply be clarified.
> After a detailed review of the issue, the Committee, in association with various NTCIP Working Groups that had since been established, decided to clarify the original specification due to the inherent complexity of the ISO PER.
> It also agreed that the long-term solution was to develop a separate document that would formally define these new encoding rules for all ASN.1 Types. Finally, it was decided that the name of the encoding rules should be changed in order to minimize confusion, and the committee decided upon the name "Octet Encoding Rules” because of the octet-aligned nature of the encoding. [...]

Different from BER, OER focuses on generating fixed-size fields when that fixed size can be derived from the ASN.1 type constraints.  It also recognizes the importance of unsigned integers*).  With some care, something resembling a classic IETF packet format could be written down in ASN.1 assuming OER (at least as long as everything is byte-aligned)**).

While BER is structurally self-describing (you can decode the structure of an ASN.1 BER object even without having the data definition at hand), for an OER object you do need the data definition to make any sense of it.  Generic tools cannot be written: implementations are specific to the data definition or need an interpreter for the ASN.1 language in which it is written (i.e., the modern variant, not the older dialect used in the IETF). This reliance on information from the data definition is not different from TLS notation or box notation, but might be surprising for those who think about ASN.1 in terms of BER.

The companies that supply ASN.1 tools love OER.  The market for commercial ASN.1 tools had been drying up when open-source ASN.1 tools became better and better.  OER presents new opportunities for commercial tools.  I’m sure they will know to avoid another “PER disaster”***).

Grüße, Carsten

*) (A pet peeve many of us have with BER is that it only supports signed integers, which are less interesting in many embedded applications.)

**) Hand-crafted packet formats will almost always win over generated ones unless the complexity is so high that shortcuts have to be taken in the handcrafting.

***) (Little known outside that community, bugs in the pretty much single-sourced ASN.1 PER tools almost sunk H.323 in the mid-90s).