Re: [Dtls-iot] Secure Time (again)

Michael StJohns <msj@nthpermutation.com> Tue, 11 August 2015 14:58 UTC

To: dtls-iot@ietf.org
References: <55C4D1CE.6010802@gmx.net> <55C79A90.5070900@nthpermutation.com> <55C9CFB4.5070702@gmx.net> <CABcZeBPfV9fmu_67sT0ewf+dRy5Ww4_nZUeQyhBQ9+RsHb_g2g@mail.gmail.com> <55CA0692.9000509@gmx.net> <55CA0837.5050008@nthpermutation.com> <55CA0A5C.1020304@sics.se> <55CA0AAB.8070808@gmx.net>
From: Michael StJohns <msj@nthpermutation.com>
Message-ID: <55CA0D93.5020209@nthpermutation.com>
Date: Tue, 11 Aug 2015 10:58:27 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.0.1
MIME-Version: 1.0
In-Reply-To: <55CA0AAB.8070808@gmx.net>
Content-Type: multipart/alternative; boundary="------------000206070206020800090105"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dtls-iot/U7kmRO-lSDworDPbRQoFZ0ka6h8>
Subject: Re: [Dtls-iot] Secure Time (again)

On 8/11/2015 10:46 AM, Hannes Tschofenig wrote:
> A possible alternative is to do it like the Kerberos folks did it,
> namely by adding it to the key distribution mechanism (which would then
> be ACE).

TANSTAAFL - there ain't no such thing as a free lunch.

I don't believe that "secure" time is possible without persistent time 
and that's difficult to do for cheap battery operated IOT nodes (or so 
I've been told).  The best you can do is generally "tell me N times" 
similar to NTP and hope your part of the mesh hasn't been captured by 
bad data.

There's also the tradeoff between precision and accuracy that needs to 
be considered.  IOT nodes with cheap clock circuitry will drift. If you 
want millisecond precision and 1 part per billion accuracy you're going 
to be disappointed (note that I didn't do the math - I may have meant 
1PPTrillion or 1PPMillion).

Then there's the whole latency thing - you might get a signed time 
object from Kerberos, but that object may have been sent a week ago.  If 
you have no persistent time and you're just coming up..... welcome to 
last week.

I think any system on the mesh is going to require something like NTP's 
"tell me N times" to work.  I don't think that NTP is a drop-in fix though.

Time is not a simple thing.  Secure time is frankly arcane and not meant 
for mere mortals to delve into.  :-)

I'm wondering if it might not be a bad idea to invite Dave Mills to come 
to an IETF to do a presentation on secure mesh time and give us his 
thoughts.

Mike


>
>
> On 08/11/2015 04:44 PM, Ludwig Seitz wrote:
>> If falling back to NTP means additional traffic (which I strongly
>> suspect) this is not a good thing in the IoT world. The attraction of
>> using DTLS/TLS is that you can piggyback the information in the
>> handshake (that you have to do anyways).
>>
>> So is there an alternative? Could we use RFC4680?
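The "tell me N times" idea from the message above, worked through as an added example; this is not code from the thread, from NTP, or from any project mentioned in it. It applies Marzullo's algorithm (the basis of NTP's intersection/selection step) to N answers from untrusted sources: each answer becomes an interval around the reported time whose width is half the round trip plus what a cheap crystal (assumed 100 ppm, the `LOCAL_DRIFT_PPM` constant) may have drifted since the sample was taken, which is where the precision-versus-accuracy trade-off from the message shows up. A time is accepted only when a strict majority of sources agree on an overlapping range; the rest are reported as NTP-style "falsetickers". The sample answers are constructed. Note what this does not solve, exactly as the message says: a node with no persistent time cannot tell a week-old but validly signed answer from a fresh one; it can only outvote it if enough other sources disagree.

```python
"""Pick a time from N untrusted answers the way NTP's selection step does.

Constructed example, not code from the thread or from any NTP implementation.
Each source's answer becomes an interval [t - e, t + e]; Marzullo's algorithm
finds the narrowest range that the largest number of intervals agree on, and
only a strict majority of sources is accepted.  All times are integer
milliseconds so the arithmetic is exact.
"""

# Assumed clock quality of the IoT node: 100 ppm (a cheap crystal).
LOCAL_DRIFT_PPM = 100


def error_bound_ms(rtt_ms, age_ms, drift_ppm=LOCAL_DRIFT_PPM):
    """Uncertainty of one sample: half the round trip (symmetric-delay
    assumption, as in NTP) plus what the local clock may have drifted
    since the sample was taken."""
    return rtt_ms // 2 + (age_ms * drift_ppm) // 1_000_000


def to_interval(sample):
    """(name, reported_ms, rtt_ms, age_ms) -> (name, lo, hi)."""
    name, reported, rtt, age = sample
    e = error_bound_ms(rtt, age)
    return name, reported - e, reported + e


def marzullo(intervals):
    """Return (count, lo, hi): the narrowest range contained in the most
    intervals.  Sweep the sorted endpoints; a start raises the running
    count, an end lowers it.  Starts sort before ends at equal offsets so
    touching intervals still count as overlapping."""
    events = []
    for _, lo, hi in intervals:
        events.append((lo, -1))   # -1: an interval starts here
        events.append((hi, +1))   # +1: an interval ends here
    events.sort()
    best, running, best_lo, best_hi = 0, 0, None, None
    for i, (offset, kind) in enumerate(events):
        running -= kind           # start -> +1, end -> -1
        if kind == -1 and running > best:
            best, best_lo = running, offset
            best_hi = events[i + 1][0]   # range ends at the next endpoint
    return best, best_lo, best_hi


def select_time(samples):
    """'Tell me N times': accept a time only when a strict majority of the
    N sources agree on an overlapping range.  Returns the chosen time (the
    midpoint of the agreed range), the sources that agreed (NTP's
    'truechimers') and the rejected ones ('falsetickers'), or None when no
    majority exists, in which case the node must not set its clock."""
    intervals = [to_interval(s) for s in samples]
    count, lo, hi = marzullo(intervals)
    if count <= len(samples) // 2:
        return None
    good = [n for n, a, b in intervals if a <= lo and b >= hi]
    bad = [n for n, _, _ in intervals if n not in good]
    return {"time_ms": (lo + hi) // 2, "range_ms": (lo, hi),
            "truechimers": good, "falsetickers": bad}


# Constructed answers: (source, reported_ms, rtt_ms, age_ms).  True time is
# 1_000_000_000 ms; D and E are off by about ten minutes (bad or stale data).
SAMPLES = [
    ("A", 1_000_000_000, 100, 0),
    ("B", 1_000_000_020, 80, 0),
    ("C", 999_999_990, 120, 100_000),   # 100 s old: drift widens its interval
    ("D", 1_000_604_800, 100, 0),
    ("E", 999_395_000, 200, 0),
]

# Two honest and two bad sources: no strict majority, so no clock update.
SPLIT_SAMPLES = SAMPLES[:2] + [("D", 1_000_604_800, 100, 0),
                               ("F", 1_000_604_790, 100, 0)]

if __name__ == "__main__":
    print(select_time(SAMPLES))
    print(select_time(SPLIT_SAMPLES))
```

With five answers, three of which agree, the node settles on the midpoint of the agreed range and names D and E as falsetickers; with two good and two bad answers it refuses to set the clock at all, which is the safe outcome when "N" was not large enough.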