[Lake] LAKE background

Göran Selander <goran.selander@ericsson.com> Wed, 17 July 2019 13:50 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/vb--vBX4x242h4Ijz3w6fNBpIQM>

As maybe not all people on the list are aware of the pre-history, I've compiled a small LAKE background in preparation for the BoF, complementing the information on the BoF Wiki [1]. If you have any questions, please use the mailing list so we can save time at the BoF.


1. LAKE is about specifying a lightweight authenticated key exchange protocol for OSCORE (RFC 8613).

The requirements are based on the conditions for deploying OSCORE in constrained environments (see 5. below). 


2. LAKE is not about designing a new AKE.

LAKE is about assessing which existing protocols comply with the requirements, and selecting one.

One key characteristic for comparing the performance of the protocol in constrained environments is protocol message sizes. In order to make a fair comparison, all candidate proposals fulfilling the LAKE requirements need to use common assumptions (see Section 2 of [2]) when presenting message sizes (see Figure 5 of [2]). At least message sizes for PSK ECDHE and RPK ECDHE are needed for comparison.


3. A lightweight authenticated key exchange protocol for OSCORE is not a new subject in the IETF.

   * On the agenda for ACE WG F2F meetings at IETF 96, 97, 98, 99, 101, 102 and 103
   * Extensively discussed on SecDispatch mailing list Jan-June 2019, dedicated virtual interim March 5

If you have an active interest in this subject, please read up! The SecDispatch mailing list archive [3] contains answers to basic questions and pointers to the virtual interim material.


4. It is urgent to conclude on this issue.

   * There is no standard for deploying OSCORE with forward secrecy.
   * Dependent specifications have been stalled for a long time.


5. Summary of requirements.

The requirements for LAKE are summarized in Section 3 of [4]. To support the SecDispatch process, benchmarks were provided by people working with the relevant constrained network technologies where OSCORE will be deployed: 6TiSCH, LoRaWAN and NB-IoT. One simple benchmark is the LoRaWAN 51-byte packet size, see Section 2.4.1 of [4].


Göran

[1] https://trac.tools.ietf.org/bof/trac/#LAKE
[2] https://tools.ietf.org/html/draft-ietf-lwig-security-protocol-comparison-03
[3] https://mailarchive.ietf.org/arch/browse/secdispatch/
[4] https://tools.ietf.org/html/draft-selander-lake-reqs-01