Re: [Lwip] Iotdir early review of draft-ietf-lwig-crypto-sensors-04
Mohit Sethi <mohit.m.sethi@ericsson.com> Mon, 25 December 2017 17:46 UTC
Return-Path: <mohit.m.sethi@ericsson.com>
X-Original-To: lwip@ietfa.amsl.com
Delivered-To: lwip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1363126C2F; Mon, 25 Dec 2017 09:46:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GhIiuEdciTNT; Mon, 25 Dec 2017 09:46:16 -0800 (PST)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0A8F126C25; Mon, 25 Dec 2017 09:46:15 -0800 (PST)
X-AuditID: c1b4fb25-473ff7000000341b-d3-5a413964a68d
Received: from ESESSHC020.ericsson.se (Unknown_Domain [153.88.183.78]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 4A.FF.13339.469314A5; Mon, 25 Dec 2017 18:46:12 +0100 (CET)
Received: from nomadiclab.fi.eu.ericsson.se (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.80) with Microsoft SMTP Server id 14.3.352.0; Mon, 25 Dec 2017 18:46:11 +0100
Received: from nomadiclab.fi.eu.ericsson.se (localhost [127.0.0.1]) by nomadiclab.fi.eu.ericsson.se (Postfix) with ESMTP id D17D053690; Mon, 25 Dec 2017 19:49:33 +0200 (EET)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by nomadiclab.fi.eu.ericsson.se (Postfix) with ESMTP id EF5DC4E97E; Mon, 25 Dec 2017 19:49:32 +0200 (EET)
To: Samita Chakrabarti <samitac.ietf@gmail.com>
CC: lwip@ietf.org, draft-ietf-lwig-crypto-sensors.all@ietf.org
References: <150996104393.8207.2811572203550087788@ietfa.amsl.com>
From: Mohit Sethi <mohit.m.sethi@ericsson.com>
Message-ID: <9ef25087-dbf0-9f3b-31bb-1fb1cf965905@ericsson.com>
Date: Mon, 25 Dec 2017 19:46:10 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <150996104393.8207.2811572203550087788@ietfa.amsl.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms030909050000010800060608"
X-Virus-Scanned: ClamAV using ClamSMTP
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrBIsWRmVeSWpSXmKPExsUyM2K7n26KpWOUwdGdBhYXb35gsZi3T9ji +o8fzA7MHjtn3WX3WLLkJ1MAUxSXTUpqTmZZapG+XQJXxpbXzxgL/sRWTDr8irWBsS+ki5GT Q0LAROLIw//sXYxcHEIChxklVi9byQrh7GCUmLXvGJSzkVFi7bK3UGULGCVmz1/DCNIvLOAq cfZuMzOILSKgL9H+7zIbiM0s4CQx43YjSxcjB1CDk8T/JnmQMJuAnkTnueNg5bwC9hLf73SA 2SwCqhIPtn1lArFFBSIkmmbOZYWoEZQ4OfMJC4jNKeAs8ejBL7AbmAW6GSXObTjMAvGDmsTV c5vABgkJqEts7TjAOIFRaBaS/lnIemaB3WcmMW/zQ2YIW1ti2cLXULa4xK0n85kgbGuJGb8O skHYihJTuh+yQ9imEq+PfmSEsI0llq37y7aAkXMVo2hxanFSbrqRsV5qUWZycXF+nl5easkm RmCcHdzyW3UH4+U3jocYBTgYlXh4v+k4RgmxJpYVV+YeYlQBmvNow+oLjFIsefl5qUoivM7T HKKEeFMSK6tSi/Lji0pzUosPMUpzsCiJ85705I0SEkhPLEnNTk0tSC2CyTJxcEo1MHbIh39N 8zy7eW9zqSWrgKif3NeFchckWU2r8o5FcMaanP1ZnWpvfoy1iNm7hKVDuXmJko8W694fF4Rv 5KdPrNkiHV8XGFOzgXdOfzmjxJmCBIlEKU6Gqr2sYTlTf257EVz3/HxqWVR28dFlccppd7P/ 2Fer6G1RUIi2lWuybmSrdDe456fEUpyRaKjFXFScCAACXJ46uwIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/G5o41wqvhLwPOJx4MvEc5AGTnGU>
Subject: Re: [Lwip] Iotdir early review of draft-ietf-lwig-crypto-sensors-04
X-BeenThere: lwip@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Lightweight IP stack <lwip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lwip>, <mailto:lwip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lwip/>
List-Post: <mailto:lwip@ietf.org>
List-Help: <mailto:lwip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lwip>, <mailto:lwip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Dec 2017 17:46:19 -0000
Dear Samita, Thanks for the detailed review and positive comments. We have now submitted an updated version which can be found here: https://tools.ietf.org/html/draft-ietf-lwig-crypto-sensors-05. The diff from the previous version can be found here: https://www.ietf.org/rfcdiff?url2=draft-ietf-lwig-crypto-sensors-05. Please find our responses to your specific comments inline. Let us know if the modifications are not sufficient. --Mohit On 11/06/2017 11:37 AM, Samita Chakrabarti wrote: > Reviewer: Samita Chakrabarti > Review result: Ready with Nits > > I have reviewed draft-ietf-lwig-crypto-sensors-04 document for IOT-Directorate > review. The following are my comments: > > General : The document is easy reading and informative about current and > previous work. It is ready to publish with minor changes based on review > comments. > > Other comments: > Introduction: > It might be useful to discuss/clarify that multi-level security may be > important for IOT devices all the way from 'bootstrapping and management' to > application security. That perhaps can include obtaining IP-addresses > securely, mutual authentication between server and devices , etc. ( see > https://tools.ietf.org/html/draft-ietf-6lo-ap-nd-03) in those cases where each > device has an IP address. You rightly point out that security is important at all the different stages in the lifecycle of an IoT device. The Thing-to-thing Research Group (T2TRG) has a security considerations document (https://tools.ietf.org/html/draft-irtf-t2trg-iot-seccons-09) that discusses the different stages in the lifecycle and reviews the possible security threats. We reference this document in the related work section. We have modified the text to better highlight this. > > Section 2: > Regarding problems of provisioning and management of networks for the IOT > devices there may be additional issues – 1) different types of IOT devices and > the lack of standards way to provision them as they might be talking different > RF technologies and running L2 protocols only. 2) The iot nodes may be moving > individually or collectively and change networks; identifying the movement of > the iot nodes or identifying a particular node at any point of time uniquely > requires an intrinsic identification which might be useful to set during > bootstrapping of the node > > Regarding related work – does it consider IETF IOT security work only? There > have been some work and thought process going on regarding blockchain IOT > security in the industry. Perhaps that is out-of-scope of this document, but I > wanted to mention for authors’ considerations. > > > Section 5: > Authors of the document may also want to browse a SRAM PUF based technology > which provides unique ID based authentication mechanism. > https://www.intrinsic-id.com/intrinsic-id-joins-wi-sun-alliance/ Our focus in this document is mostly on IETF IoT security work. You correctly pointed out that there are many L2 protocols and they might use different provisioning methods.This can be challenge. Therefore we have added a new bullet in section 3. I provide the relevant text here for your convenience: "Smart object networks may rely on different radio technologies. Provisioning methods that rely on specific link-layer features may not work with other radio technologies in a heterogeneous network.". Identifying nodes or networks as they move can be seen as a requirement or an invasion of privacy, depending on the application scenario. Based on security directorate feedback on privacy of identifiers from Christian Huitema, we added this text: "small resource-constrained devices are often shipped with a single static identity. In many cases, it is a single raw public key. These long-term static identities makes it easy to track the devices (and their owners) when they move. The static identities may also allow an attacker to track these devices across ownership changes.". > Section 9: > Does the example simulate any particular deployment model or research > experiments ? It might be good to clarify that. Section 10 and 11: Looks like > section 11 is closely related to section 10. Should they be combined together ? > Else some more text is needed in section 10 on design trade-offs. Section 10, 11, 12, 13, 14 were related but somehow incorrectly placed. This was an xml formatting error on our part. We have now fixed section/subsection order. We do rely on a particular deployment model in our experiments. This is documented in section 4 and 7. I provide the relevant text snippet here for your convenience: "The security of this system relies on an SSH-like approach. In Step 1, upon first boot, sensors generate keys and register themselves in the publish-subscribe broker. Their public key is submitted along with the registration as an attribute in the CORE Link Format data [RFC6690]." > > Section 13: > Does this document recommend one layer of security to IOT devices ? There are > different types of IOT devices – some of them are very tiny and some are more > capable. Some definitely benefit for multi-level security than single layer of > security. L2 security is generally recommended for for all IOT networks. Does > data object protection only protect the application data (payload) or more ? For our experiments, we only protected CoAP application data (payload). > > Thanks for the initiative in documenting the valuable work in IOT security > implementation and crypto comparison. -Samita > >
- [Lwip] Iotdir early review of draft-ietf-lwig-cry… Samita Chakrabarti
- Re: [Lwip] [IoT-DIR] Iotdir early review of draft… Hannes Tschofenig
- Re: [Lwip] [IoT-DIR] Iotdir early review of draft… Samita Chakrabarti
- [Lwip] (on PUFs) Re: [IoT-DIR] Iotdir early revie… Rene Struik
- Re: [Lwip] (on PUFs) Re: [IoT-DIR] Iotdir early r… Hannes Tschofenig
- Re: [Lwip] (on PUFs) Re: [IoT-DIR] Iotdir early r… Rene Struik
- Re: [Lwip] Iotdir early review of draft-ietf-lwig… Mohit Sethi