Re: [core] OSCORE: Questions about Section 5.2

Christian Amsüss <christian@amsuess.com> Thu, 11 October 2018 11:09 UTC

Date: Thu, 11 Oct 2018 13:09:44 +0200
From: Christian Amsüss <christian@amsuess.com>
To: Jaro Fietz <jaro.fietz@aisec.fraunhofer.de>
Cc: core@ietf.org, martin.striegel@aisec.fraunhofer.de, stefan.hristozov@aisec.fraunhofer.de, jaro.fietz@gmx.de
Message-ID: <20181011110943.GE31858@hephaistos.amsuess.com>
References: <bd95ea38-7425-13d6-a955-1e60a5bd0945@aisec.fraunhofer.de>
In-Reply-To: <bd95ea38-7425-13d6-a955-1e60a5bd0945@aisec.fraunhofer.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/iW3gV42ab4quwVsgQchyaZohEBw>
Subject: Re: [core] OSCORE: Questions about Section 5.2

Hello Jaro,

I can answer just a small part of this:

On Thu, Oct 11, 2018 at 11:14:16AM +0200, Jaro Fietz wrote:
> Given [2] and my interpretation, the Sender ID of all relevant nodes
> in a network would have the same length, only different contents.

The expectation is that the shortest (zero-length) ID would be used in
cases wherever that's beneficial, e.g. when a constrained device
primarily utilizes one context in which it is addressed as a server. For
the communication partner (which might be an unconstrained device in
such scenarios, and/or rarely addressed as a server), one would pick an
ID that's long enough to tell all that device's incoming messages apart.

> While the (size, id)-pairs (1, [1]) and (2, [0,1]) would
> technically be different sender IDs, I don't know if implementations would
> actually honour that behaviour

They certainly should. Left-trimming zeros off an ID will lead to
surprising results in every 256th situation.

> while aiocoap uses the zero-stripped length of its number
> representation [6].

You briefly had me worried I got it wrong myself -- but the
left-trimming that's happening is on the sequence numbers, not on the
sender IDs. Sequence numbers need to be represented by the shortest big
endian (but non-zero-length) representation; representing them any
differently would break the AAD agreement.

> I'm currently implementing parts of OSCORE in C for a minimal OSCORE server.

Slightly off topic: Would that happen to be a freely licensed
implementation? If so, I know of an embedded operating system project
that would love to hear about this.

Best regards
Christian

-- 
A beginning is the time for taking the most delicate care that the
balances are correct.
  -- Princess Irulan, Manual of Muad'Dib
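As an added illustration of the two points above (minimal-length sequence numbers, and Sender IDs that keep their length), here is the RFC 8613 Section 5.2 nonce construction in Python. This is example code written for this archive page, not code from aiocoap or from Jaro's implementation; the Common IV value is constructed for the demo rather than derived from a Master Secret.

```python
# Added example: RFC 8613 Section 5.2 nonce construction, written for this
# page (not from aiocoap or any implementation named in the thread).
NONCE_LEN = 13  # AES-CCM-16-64-128, the default OSCORE AEAD, takes 13-byte nonces

# Constructed sample Common IV; a real one is derived from the Master Secret via HKDF.
COMMON_IV = bytes(range(NONCE_LEN))


def encode_partial_iv(seq: int) -> bytes:
    """Shortest big-endian encoding of a sequence number, never empty: 0 -> b'\\x00'."""
    if not 0 <= seq < 2 ** 40:
        raise ValueError("Partial IV must fit in 5 bytes")
    return seq.to_bytes(max(1, (seq.bit_length() + 7) // 8), "big")


def oscore_nonce(sender_id: bytes, partial_iv: bytes, common_iv: bytes = COMMON_IV) -> bytes:
    """Nonce = (S || padded ID || padded PIV) XOR Common IV, with S = len(sender_id)."""
    if len(common_iv) != NONCE_LEN:
        raise ValueError("Common IV must be exactly the nonce length")
    if len(partial_iv) > 5 or len(sender_id) > NONCE_LEN - 6:
        raise ValueError("ID or Partial IV too long for this nonce length")
    padded_piv = partial_iv.rjust(5, b"\x00")            # left-pad PIV to 5 bytes
    padded_id = sender_id.rjust(NONCE_LEN - 6, b"\x00")  # left-pad ID to nonce_len - 6
    raw = bytes([len(sender_id)]) + padded_id + padded_piv
    return bytes(a ^ b for a, b in zip(raw, common_iv))


def strip_leading_zeros(sender_id: bytes) -> bytes:
    """The normalisation the thread warns against; shown only to expose the collision."""
    return sender_id.lstrip(b"\x00")


def demo() -> dict:
    """Compare (size 1, [1]) with (size 2, [0, 1]) under the same Partial IV."""
    piv = encode_partial_iv(1)
    n_short = oscore_nonce(b"\x01", piv)
    n_long = oscore_nonce(b"\x00\x01", piv)
    # After padding, both IDs become the same 7 bytes; only the size byte S differs.
    n_trimmed = oscore_nonce(strip_leading_zeros(b"\x00\x01"), piv)
    return {
        "distinct_ids_distinct_nonces": n_short != n_long,
        "only_size_byte_differs": n_short[1:] == n_long[1:],
        "trim_collides": n_trimmed == n_short,
    }
```

The `trim_collides` result is the failure Christian describes: once leading zeros are stripped, two different Sender IDs map to the same nonce input and the same context lookup key.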