IETF Logo Mail Archive

Re: [core] Question reg. draft-fossati-tls-iot-optimizations-00

"Kraus Achim (INST/ESY1)" <Achim.Kraus@bosch-si.com> Wed, 02 November 2016 10:33 UTC

Return-Path: <Achim.Kraus@bosch-si.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C05F129A94 for <core@ietfa.amsl.com>; Wed, 2 Nov 2016 03:33:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rLRT73AczrRO for <core@ietfa.amsl.com>; Wed, 2 Nov 2016 03:33:05 -0700 (PDT)
Received: from smtp6-v.fe.bosch.de (smtp6-v.fe.bosch.de [IPv6:2a03:cc00:ff0:100::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C259E12948A for <core@ietf.org>; Wed, 2 Nov 2016 03:33:04 -0700 (PDT)
Received: from vsmta12.fe.internet.bosch.com (unknown [10.4.98.52]) by imta23.fe.bosch.de (Postfix) with ESMTP id BD81615800EB for <core@ietf.org>; Wed, 2 Nov 2016 11:33:02 +0100 (CET)
Received: from IMBVW2EXC00.bosch-si.com (vsgw22.fe.internet.bosch.com [10.4.98.11]) by vsmta12.fe.internet.bosch.com (Postfix) with ESMTP id 5AE4B1B802CE for <core@ietf.org>; Wed, 2 Nov 2016 11:33:02 +0100 (CET)
Received: from IMBPW2EXD01.bosch-si.com ([fe80::d052:f355:928e:e5ba]) by IMBVW2EXC00 ([10.55.1.51]) with mapi id 14.03.0319.002; Wed, 2 Nov 2016 11:33:31 +0100
From: "Kraus Achim (INST/ESY1)" <Achim.Kraus@bosch-si.com>
To: "core@ietf.org" <core@ietf.org>
Thread-Topic: [core] Question reg. draft-fossati-tls-iot-optimizations-00
Thread-Index: AQHSNOxftrDwnBm7nkS6PSjsWoQnz6DFc/4w
Date: Wed, 02 Nov 2016 10:33:31 +0000
Message-ID: <BC36447FF5C62E46BEF3F124D3C1E8925E1F5F6B@imbpw2exd01.bosch-si.com>
References: <D43F60A9.74AFB%thomas.fossati@alcatel-lucent.com>
In-Reply-To: <D43F60A9.74AFB%thomas.fossati@alcatel-lucent.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.55.144.83]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-TM-AS-MML: disable
X-TM-AS-Product-Ver: IMSS-7.1.0.1679-8.0.0.1202-22672.006
X-TMASE-MatchedRID: rR9SQp8n2dyI0KPyMNrNUmiYls8x2M90g99C97sXB8BaW2Ktn+I8/gJi /2DIfq9Rez/EUh3QCyHHpZuZ3IYNvWFqPXSLpNdAQr2qXCJMSV9xueIW2fKuyBmdszUMJB8N7x9 p3gUCtau38hZSe5R4COIj5FCNOlGGMH15eekLeUjdVIk47x+oozuKSkmuy7/oseONmEIl6cJA4P VjVK5/Im+Zvj88gdTZddp9twAzPQfqdbO3BmJfQS97pb4g5HCtINC+F8tjh5Vb6PBUqmq+UgSZ5 qOGnBM5gct++BEaTInQ8BdF0tIzbAMWCgdCzp+adXz3l78F3Yk4WsSNiH/UXv5PMwphTQFKwrdU duPQbycjaqRm+lkbK0cl4K/01QBtTEZzxMifA6DWmh5xCo4mMCnGh6cFQ6shY8r/ndGdDsXLsLv Op8aQimL5s4ubXppG1OPX3xI6D8eRQnbVeiX91pGtJGqXJFNbGa8+8BBl2GZ9oMm9FgNHpPILKG vXWj5AjzgVoOjNndxbliWSnph9PlBG6pbcJ33UW3dczJ1Roxdwd1KoPLMiFO2bjZi+EXNnmtHuQ hKV0oOPvD59Vg5864k314wYp692CPZ3/cnGpCT6VYPrdDdperxy3Klthorp8GcWhSV/q9Vw7RHq jDtHrGW2u0246gKRy++vVUcR0QpPl4fYsHrovya1MaKuob8PC/ExpXrHizzgl5c3SmXK4vRWeCs wuZrgV+lCDzhvoi3QXnWb4yS/fd+v/jwN8PyKuZH4LSX2+NUbTlrvbfDnJ8A5YKm8dwM6WB1CTk tboe5V0zXF6woEeWfBx9sBf6lQxnBNS7lXiZeeAiCmPx4NwGNn8XPiALIb+gD2vYtOFhgqtq5d3 cxkNQP90fJP9eHt
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/2_Rtm5TYB_YTqNd0F413CwsABb0>
Subject: Re: [core] Question reg. draft-fossati-tls-iot-optimizations-00
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2016 10:33:09 -0000

Hi Thomas,

thanks for your answer. 
Though draft-fossati-tls-iot-optimizations-00 was published in the tls wg, I posted my question there.

Currently I'm simply not sure, if I understood the approach right, but according your answer, 
I guess Stephen (Farrell) may be the right person, to give an answer.

With my understanding (see mail in tls, https://www.ietf.org/mail-archive/web/tls/current/msg21737.html),

I see following issues with the hash chain:
The scaling/performance depends on the "hash chain window" used to related the record to the dtls connection.
As larger the window, the more I'm in doubt, if that scales.
The robustness for clients, when we lose more packets then we assume in the window.
As smaller the window, the more I'm in doubt, if it's robust enough.

There may be an escape using the "record sequence number" in a more sophistic way
(e.g. using H(record.sequence_numer | connection_id) would help to skip faster over 
lost messages, but still with a large number of clients/connections, I don't see how this
scales). But right now I guess, we need more guidance, how it was intended.

Therefore I could think also of an alternative solution with an "connection id ticket" system.
The DTLS server sends after the handshake a ticket with the "encrypted connection id".
The DTLS client decrypts that ticket into the connection id and, if the client later  
didn't receive a message for a certain period of time (e.g. 20s), it adds that connection id to
the records until it receives a new ticket (encrypted new connection id) .
When the client receives a new ticket, then it could send the messages again without the 
connection id until it doesn't receive messages for the certain period of time, after which
the new ticket is used.
The DTLS server only accepts records with that "decrypted" connection id, if the MAC check is passed.
It the adjusts the address/port and emits a new ticket. If the DTLS server receives "invalid" 
(or no longer valid) connection ids, it uses the current address/port mapping to check the MAC and ignores
the message, when the check fails. 
The advantage of that would be, that "high frequent" traffic doesn't require such a connection id,
so it would just be used for "rarely" communicating client periods. Indicate with an extension, it would
leave the current DTLS implementation unchanged as long as they are proper working right now and
just offer an extension to those, wo would require it because of either to frequent address changes or
to limited bandwidth (for dtls resumes/handshakes).
And the server only needs those tickets, if the client and the server agrees on using them.

Mit freundlichen Grüßen / Best regards

Achim Kraus

Bosch Software Innovations GmbH
Communications (INST/ESY1)
Stuttgarter Straße 130
71332 Waiblingen
GERMANY
www.bosch-si.de
www.blog.bosch-si.com 

Registered office: Berlin, Register court: Amtsgericht Charlottenburg, HRB 148411 B
Executives: Dr.-Ing. Rainer Kallenbach; Michael Hahn



-----Ursprüngliche Nachricht-----
Von: core [mailto:core-bounces@ietf.org] Im Auftrag von Fossati, Thomas (Nokia - GB)
Gesendet: Mittwoch, 2. November 2016 10:35
An: Hudalla Kai (INST/ESY1) <Kai.Hudalla@bosch-si.com>; core@ietf.org
Betreff: Re: [core] Question reg. draft-fossati-tls-iot-optimizations-00

Hi Kai, Achim (sorry for the late reply, I wasn't looking at the TLS list).

IIRC the idea came from Stephen (Farrell) in an attempt to add privacy-preserving properties to the (potentially) long term identifier.

It's clearly a strawman and I'm happy to discuss its merits (in particular the fact that when NAT rebinding happens without the client knowing it in advance, the privacy of this is already gone) and impact in the IoT space (in term of state that is kept on server side if handling multiple connections at a time).

However, whatever the mechanism we come up with, I think privacy preservation should be a goal, or at least something that is taken as a first class criterion for selection.

Cheers, t


On 02/11/2016 07:29, "core on behalf of Hudalla Kai (INST/ESY1)"
<core-bounces@ietf.org on behalf of Kai.Hudalla@bosch-si.com> wrote:
>Hi list,
>
>I have attended last week's meeting of the T2T RG in Ludwigsburg where 
>we had a vivid discussion around the problems of DTLS on mobile and 
>other NATed networks where the device's IP address and/or port are 
>expected to change once in a while.
>
>We quickly came to the conclusion that the CoAP spec will need to be 
>changed in a way that removes the transport's addressing information 
>from the Request/Response matching criteria when using DTLS.
>
>However, what alternative mechanism could be used instead?
>
>Section 4.2 of draft-fossati-tls-iot-optimizations-00 proposes to use a 
>connection ID as part of the DTLS record structure. While I understand 
>the usefulness of using a "long term identifier" for associating the 
>session with the client, I do not really understand, how a "hash chain" 
>could be put to use in this context to provide an improved level of 
>privacy.
>
>Could someone (of the authors) comment on that?
> 
>--
>Mit freundlichen Grüßen / Best regards
>
>Kai Hudalla
>Chief Software Architect
>
>Bosch Software Innovations GmbH
>Schöneberger Ufer 89-91
>10785 Berlin
>GERMANY
>www.bosch-si.com
>
>Registered office: Berlin, Register court: Amtsgericht Charlottenburg, 
>HRB 148411 B;
>Executives: Dr.-Ing. Rainer Kallenbach, Michael Hahn 
>_______________________________________________
>core mailing list
>core@ietf.org
>https://www.ietf.org/mailman/listinfo/core

_______________________________________________
core mailing list
core@ietf.org
https://www.ietf.org/mailman/listinfo/core

v2.23.0 | Report a Bug | By Email