Re: [Lwip] Intdir early review of draft-ietf-lwig-crypto-sensors-04
Zhen Cao <zhencao.ietf@gmail.com> Wed, 17 January 2018 07:56 UTC
Return-Path: <zhencao.ietf@gmail.com>
X-Original-To: lwip@ietfa.amsl.com
Delivered-To: lwip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEBBA12F4CC; Tue, 16 Jan 2018 23:56:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8vXO2-JA0R0Y; Tue, 16 Jan 2018 23:56:17 -0800 (PST)
Received: from mail-vk0-x234.google.com (mail-vk0-x234.google.com [IPv6:2607:f8b0:400c:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8A86131621; Tue, 16 Jan 2018 23:56:13 -0800 (PST)
Received: by mail-vk0-x234.google.com with SMTP id m197so4689123vka.3; Tue, 16 Jan 2018 23:56:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=DBpebLjdEkyb8kU4zqn8uq4teNMjWSqYBNDuQMVP0FE=; b=teyjwzN8Z92Jzd81pxBI01TNIbLpJ+I6bWKtWb4sxFpe25sknHSkdZLJwzFbFgl/rO kmDE4gQwXLJum4GEBEqbQiTJ5UKCToc6ljlChm5YB7ksc5Wfro+vOv+KI+q87kboeAHA 8YuHB6WiRM10AqAc2u5JvE3MqQa0FGJY2aOxkXEtVvYtk/4KxFHfMlojqVWfgm0m995X UV9aQDP51UnFtlXKY9xefRWDDSkA+64+YJ2FNIWDx0tsZHEoXktUCEkrIdLB5j69a0Vr bcxcSZ9F2YL1u1DWPVDdimU5y5q/cHd4uSjjgxm64mv6EqYlu9xgeY3r8xGhF3XqyR8c N4lA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=DBpebLjdEkyb8kU4zqn8uq4teNMjWSqYBNDuQMVP0FE=; b=kkPgeXxNCJpmovJQWYZ7xI8fVL1LXVTc5zFMx9qWr+wSvvx8DIWJ6W062d/BCVi/jD z+3auRzstt7j9wPLZwDrJtbcL9wvEbJtwLKjW4xlxhwB2BRsVzvhc+S8whe9gUGQPwT1 1v/vTMOEUX2H4kRuaDMMZiRotfCl+7Qp1cJkRI0CaR/97BDSRuF4npjWOZuUYQ6nx5C1 LTPEHjQq7FkdjgNFcuZSfqP1d7sLU5y+DrjLtxK+J04v1P/TCqM4lfCiS8eRAPma5z/j 44pmo/MR4NlaF3EiTW+eEXPfBpC6xAQrKPYX6HwRe1lf5d2dbc6oL3Erxxt0syjjVW7R B2QQ==
X-Gm-Message-State: AKwxytfwXBJzzwFf3l4vLXUqpc/+k2VpW28GnSkYjNyvtOyWJcN4iFU+ PqXS48nwMCVqwUGkh2lS5NT8sYEn4Iwj8hZYrQU=
X-Google-Smtp-Source: ACJfBotfedzSyhDx5Swt4i1xDZ/wSaSFCFVcrAy9mv18MteEX7CHL7ZRbK5VjYa2niD8tOAQTEEYLKCTVI9IQk1m+x0=
X-Received: by 10.31.183.5 with SMTP id h5mr1270959vkf.32.1516175772957; Tue, 16 Jan 2018 23:56:12 -0800 (PST)
MIME-Version: 1.0
Received: by 10.176.49.5 with HTTP; Tue, 16 Jan 2018 23:56:12 -0800 (PST)
In-Reply-To: <e5c315d9-2326-7e64-edc0-ba016706ab6c@ericsson.com>
References: <150931458233.3515.10214190547457562395@ietfa.amsl.com> <e5c315d9-2326-7e64-edc0-ba016706ab6c@ericsson.com>
From: Zhen Cao <zhencao.ietf@gmail.com>
Date: Wed, 17 Jan 2018 15:56:12 +0800
Message-ID: <CAFxP68zH6kgk3wq6-UN3kjd8yWj8naFuHZCba0frQPjz6uhpTw@mail.gmail.com>
To: Mohit Sethi <mohit.m.sethi@ericsson.com>
Cc: Tim Chown <tim.chown@jisc.ac.uk>, lwip@ietf.org, draft-ietf-lwig-crypto-sensors.all@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/4_e2IyZvBRZxbBr9vSUuB05SlwM>
Subject: Re: [Lwip] Intdir early review of draft-ietf-lwig-crypto-sensors-04
X-BeenThere: lwip@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Lightweight IP stack <lwip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lwip>, <mailto:lwip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lwip/>
List-Post: <mailto:lwip@ietf.org>
List-Help: <mailto:lwip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lwip>, <mailto:lwip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jan 2018 07:56:32 -0000
Hi Tim, Thank you again for reviewing this document, and a very happy new year of 2018 :) Could you help review the update according to Mohit's update and see if you have further concerns? so that as shepherd I can see if I can move it further. Many thanks and regards, Zhen On Tue, Dec 26, 2017 at 12:49 AM, Mohit Sethi <mohit.m.sethi@ericsson.com> wrote: > Dear Tim, > > Thanks for the detailed review and positive comments. We have now submitted > an updated version which can be found here: > https://tools.ietf.org/html/draft-ietf-lwig-crypto-sensors-05. The diff from > the previous version can be found here: > https://www.ietf.org/rfcdiff?url2=draft-ietf-lwig-crypto-sensors-05. > > Please find our responses to your specific comments inline. Let us know if > the modifications are not sufficient. > > --Mohit > > On 10/30/2017 12:03 AM, Tim Chown wrote: >> >> Reviewer: Tim Chown >> Review result: Ready >> >> Hi, >> >> This Informational draft describes the challenges in securing >> resource-constrained smart object / IoT devices, documenting the >> associated >> tradeoffs, and discussing the availability of appropriate cryptographic >> libraries for such devices. >> >> I have reviewed this document, and overall find it generally ready for >> publication, though I have some minor nits / comments for consideration >> below; >> these are just suggested changes / improvements, and I would not object >> strongly if all were ignored. >> >> General comments: >> >> The document is very easy and enjoyable to read, and the quality of the >> writing >> is very good. The authors have clear expertise in the field. >> >> It may be worth considering teasing apart the evaluation and the >> architectural >> aspects of the document; these are somewhat interwoven as currently >> written. >> >> Related, there are some rather nice recommendations made throughout the >> document; these could perhaps be summarised either at the start or perhaps >> better the close of the document, e.g. on page 4 regarding selecting the >> hardware after determining the security requirements for a device, and not >> necessarily simply picking the most lightweight algorithm, or on page 7 >> regarding appropriate layers for tasks, or on page 9 regarding elliptic >> curve >> vs RSA, or on page 11 on real deployments using 32-bit microcontrollers, >> or the >> recommendation to the IETF community on page 14, or on planning for >> firmware >> updates on page 16, etc. > > We have now added a summary of important security recommendations from our > implementation experience in section 9. >> >> >> Comments by page: >> >> On page 5, in the first paragraph on provisioning, there is no hint of any >> bootstrap process for identities; this follows later on page 6, but a hint >> here, or just adding "as discussed on page 6 or in section x.y" might be >> nice. >> >> Also on page 5, I'd be interested in seeing some brief text added on the >> "remaining vulnerabilities" that are mentioned near the foot of the page. > > We have added new text here. "leap-of-faith or trust-on-first-use based > pairing methods assume that the attacker is not present during the initial > setup and are vulnerable to eavesdropping or man-in-the-middle (MitM) > attacks." >> >> >> On page 6, is it worth adding a little text on privacy somewhere? We've >> been >> doing some work through Christian Huitema and Daniel Kaiser on anonymous >> device >> pairing in the DNSSD WG, and a similar requirement might be desirable in >> some >> scenarios here? > > Christian had provided detailed feedback on privacy and identifiers. To > address this, we have added new text in section 3 (Challenges), section 4.1 > (Provisioning) and section 8.1 (Feasibility). >> >> >> On page 7, having said earlier you should pick the hardware after >> determining >> requirements, you then decide to pick an Arduino platform and see what you >> can >> manage to run on it. I fully understand why (and I'd be equally curious), >> but >> you should probably clarify the "conflict" further. > > There was missing text here. We have now completed the sentence. "Our choice > of a 8-bit platform may seem surprising since cheaper and more > energy-efficient 32-bit platforms are available. However, our intention was > to evaluate the performance of public-key cryptography on the smallest > platforms available. It is reasonable to expect better performance results > from 32-bit microcontrollers. >> >> >> On page 12, would a little more detail on RNG requirements, esp. for >> devices of >> this type, be worthwhile? > > We have also added a pointer to RFC4086 that provides a detailed discussion > on requirements and best practices for cryptographic-quality randomness. >> >> >> On page 16, you're hardcoding the IP address? Is it not possible to use >> RD? >> We've been comparing that and looking at interoperability with classic >> DNSSD in >> the DNSSD WG. > > The IP address of the resource-directory was hardcoded. The location of the > publish-subscriber broker was then discovered from the resource directory. I > should also add that this was a prototype implementation on a small device. > A real deployment would have used an actual domain name. >> >> >> On page 16, section 10 seems to have no content? Or should sections 11 >> onwards >> be subsections of section 10? > > Section 10, 11, 12, 13, 14 were related but somehow incorrectly placed. This > was an xml formatting error on our part. We have now fixed > section/subsection order. >> >> >> On page 17, at the end of section 11, should there also be some 'spin up' >> costs >> for the radio? > > Added. "in general the power requirements necessary to turn the radio on/off > and sending or receiving messages are far bigger than those needed to > execute cryptographic operations." >> >> >> Best wishes, >> Tim >> >> > >