[COSE] Multicast Use Case
Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 31 August 2015 07:22 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 747451AD0CA for <cose@ietfa.amsl.com>; Mon, 31 Aug 2015 00:22:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, J_CHICKENPOX_42=0.6, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nBdwcunLMEdG for <cose@ietfa.amsl.com>; Mon, 31 Aug 2015 00:22:28 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA7991AC39E for <cose@ietf.org>; Mon, 31 Aug 2015 00:22:27 -0700 (PDT)
Received: from [192.168.10.153] ([101.53.7.10]) by mail.gmx.com (mrgmx003) with ESMTPSA (Nemesis) id 0MUoiS-1ZBXy90bvQ-00Y7I2 for <cose@ietf.org>; Mon, 31 Aug 2015 09:22:26 +0200
To: "cose@ietf.org" <cose@ietf.org>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
Message-ID: <55E400AC.7090507@gmx.net>
Date: Mon, 31 Aug 2015 09:22:20 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="EaNtEwPW7Fx5DH2R6iVU9vdlQx2jgAqlb"
X-Provags-ID: V03:K0:sJ4QZ61bYZ6a5ZvRvt49STHu/PYvODGfYhUTfL77wFm/sJAoCXB nGlluDRwgrkDOItnPklbj5FaKznxvWb5xlTC1p/7vDS87QpC0s2PoiK3oSTjDQWPFrPJVR0 WOppDK8SBnpTat9esdiQBsruC+xBazBkBr606D+LKQ6+RZLM7cklygWQm0h/NfXPcmiQ+pk q+OMaq7bLvYTvT2Y7KSeA==
X-UI-Out-Filterresults: notjunk:1;V01:K0:0C7poBngssg=:7BgE/eSr+eh1uCI68OXzkx TjWPo26HmKMEyheVJG3um/f3vhCXfx3f1afS2Zo9EUxpwK22AChNdqCeByAdKS3evCwVXRJNC lQec4ZaM3+30aMKfoiHXK3jyNNf364Y0yEdtDacqEcBQ8KLLp1AY/m49f0h5w9XGWsyq7RKeb 7A+/749L0kb8cagD/vam6MJtPC1BKIxYs3UBthBD2lSux0C8pwHuhVG3NdWW9kGsPzEGy86ad 9Tj+N4xSrW9udvqeeiriU+DekoPjv/NehlQ/7s5SeCJdJGly9tvdeQAXX9BrIkB/YKR/PAfuQ xxMhY3muK8JFrUAH+9g2SEwr+CfDW2Z4YTaZDlQxvaH+q31Iy4us2ASyfjZi+THbUgaBmaao9 3SqjDaEDJcHQ27phPHvVANT79nfRH6knBgxB6Q/flDP0SZ39+yUKjhRTAWB3obVxwMMJk07xG mBfHo7ATVqQIS+oH/3A1rhtR+PiVpc7xLARCR/yI7zVdS2zdstZ07LgZgcjl+zCfPtdSlCp+I WUJi88p/3mG0wGxqWyoTp14lT0+207onsAwZsDU9UWW5qg9gmI+HdGiKIglgm+1BKEAAMbxS8 CmXccaRI7hjJjGr50FzJJIl8bo4+MsdNhQmhD+7FQieRSkVGC3B0rWspITeHi9te2skRrgyHK kuoJteXWBPrm9JIgiq5XtkASal/ZGFuLTjY2A5OKHByKpE/2iREE0piwlIC3kDGXPY7GHN5+0 XSUBkU8epLPTkbU64Ilj1RbJTFsVZWEhUPkGRQ==
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/1jSw_fFFfr3rIIU_Pny3j2r0vQw>
Subject: [COSE] Multicast Use Case
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2015 07:22:30 -0000
Hi Jim, Brian, all, I am trying to compare the work on multicast security done by Sandeed & co against an application layer solution using CBOR/COSE. The DTLS multicast includes the following relevant components: - Epoch: 2 Byte - Sender ID: 1 Byte - Sequence Number: 5 Byte The combination of epoch, sender id and sequence number are used as a nonce for the cipher and the use of the sender id ensures that no member of the group accidentally selects values that will cause re-use. The 1 byte sender id is chosen small to reflect the expected size of a group in the professional lighting environment, as explained in the DTLS multicast document. Ciphersuite related information includes: - Encrypted Content (variable length) - MAC (variable length) Content Type, Version and Length are DTLS-specific aspects that cannot be removed without re-design of the record layer. Data based on Figure 4 of http://tools.ietf.org/html/draft-keoh-dice-multicast-security-08.txt. Since there is no sequence number defined in COSE I put the epoch and the sequence number together into the nonce field. Here is the commented version of the COSE message I came up with: [ 2, // Encrypted COSE message { 1: 10, // Algorithm - AES-CCM-16-64-128 5: h'89f52fa' // 7-byte nonce }, h'7b9dcfa42c4e1d3182c402dc18ef8b5637de4fb62cf1dd156ea6e6e0', // encrypted payload. [ [ h'', { 1: -6, // Direct use of CEK 4: h'01' // Key ID - 0x01 }, h'' ] ] ] According to cbor.me the resulting COSE encoding has 59 bytes whereby 28 bytes are purely used for message encryption. This means that there is 31 bytes overhead with COSE compared to 12 bytes [= 8 for Epoch + Sequence Number + Sender ID, 3 bytes for Content Type and Version fields]. Ciao Hannes
- [COSE] Multicast Use Case Hannes Tschofenig
- Re: [COSE] Multicast Use Case Jim Schaad
- Re: [COSE] Multicast Use Case Sandeep Kumar
- Re: [COSE] Multicast Use Case Jim Schaad
- Re: [COSE] Multicast Use Case Kumar, Sandeep
- Re: [COSE] Multicast Use Case Carsten Bormann
- Re: [COSE] Multicast Use Case Stephen Farrell
- Re: [COSE] Multicast Use Case Göran Selander
- Re: [COSE] Multicast Use Case Hannes Tschofenig
- Re: [COSE] Multicast Use Case Hannes Tschofenig
- Re: [COSE] Multicast Use Case Hannes Tschofenig
- Re: [COSE] Multicast Use Case Somaraju Abhinav
- Re: [COSE] Multicast Use Case Jim Schaad