[secdir] Answer to: review draft-ietf-lpwan-coap-static-context-hc-12
Ana Minaburo <ana@ackl.io> Fri, 03 July 2020 07:54 UTC
Return-Path: <ana@ackl.io>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AACBA3A011B for <secdir@ietfa.amsl.com>; Fri, 3 Jul 2020 00:54:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ackl-io.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ea9nXHsdL5Ow for <secdir@ietfa.amsl.com>; Fri, 3 Jul 2020 00:54:28 -0700 (PDT)
Received: from mail-il1-x136.google.com (mail-il1-x136.google.com [IPv6:2607:f8b0:4864:20::136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E35B3A03F3 for <secdir@ietf.org>; Fri, 3 Jul 2020 00:54:28 -0700 (PDT)
Received: by mail-il1-x136.google.com with SMTP id t18so6621427ilh.2 for <secdir@ietf.org>; Fri, 03 Jul 2020 00:54:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ackl-io.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=sv7hnYnwgbPwX9DjrRJqUQiLFILD0LuYhZRIf58QD7U=; b=0zXBYctNLbncjM0txMsay9qg9OamEQt6bwaMaM4JgVvEX/JxLP+UCADSgNXAiKinOs g2ALqPH0DzWXtg2pkYKZGjmw2gsp+lMILos2nGqPx/SYIwdtMP5FYcY5GETeCNSJcdTt wXKO1RZA+XT/GrRjRjHbWq2Hob3TwRujIlCkuMvyQ4djSESjUE0ioum0O2K8Klm42pXH Sijpqq9vKZuuo+c4pH9vaGafbifEJ6e2xifVeUUSre898/yUh6vN2HoLnwKFefAp2dvq OBLlSiHuclD7ONGNo3cqWNMTlBuE9fLPB3h2iFXLIapRHXiE/stT4sIUXqJOZzEMwPwY 0H+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=sv7hnYnwgbPwX9DjrRJqUQiLFILD0LuYhZRIf58QD7U=; b=MkSP/7uvezmWjuTBsPjT7zAgAqmSZnB+9UGJVq/cn4ku+5kXtmsU836AybFf6COMVL AbucYz5aUU3w5oPPRBpB43s1mnJu4EGO4mBHQoK0NjYdSLQHpiF+ocFx1tD6ESkZnExL 99op3wghH2LCTReG5x/3PGhIAY638PELm98wi+f0HJm2pXTM5oZrMRGKY02y8IP2Pv+a GGuFrB0WwcSIg7q+RFMtoFiih/u2prq+IX+YMUV4R/31B3AcY5lTrcWK/kn6bEe6of8R rBIWBKqyS+p1J2QXRzgP5joC8Nn9gF7OHlSgN0o5sW4+nudIenvKQZ3CWS9ZhewL+p1g L1Lw==
X-Gm-Message-State: AOAM530cttnlDCKJ/PYeLBkPHbD1EJ582ITAikyoT+7ZJ9VPG6zROkDx 01dANITdEXvlcm+UASWkeox8jyu3Rct5OQj3/C88kg==
X-Google-Smtp-Source: ABdhPJxht1ve9t0FRgpWlRZOz1P7Fh6m9vxnJ2WARicW8tWQWzIX7gsb6S7ink+fRuiOzuwfzI0/eCXHVbt5Dnt/3Vk=
X-Received: by 2002:a92:9f4b:: with SMTP id u72mr10505810ili.200.1593762867231; Fri, 03 Jul 2020 00:54:27 -0700 (PDT)
MIME-Version: 1.0
References: <CAOPRf-c_Vn8hDPK7w9f4Ft2PLa2GDq0q0D4XiASNAm_76N-zRw@mail.gmail.com> <CAOPRf-e8RJt+Z9DVd9f_eCf7511+TfXGNqDrukSzX+5fwJ_p5Q@mail.gmail.com>
In-Reply-To: <CAOPRf-e8RJt+Z9DVd9f_eCf7511+TfXGNqDrukSzX+5fwJ_p5Q@mail.gmail.com>
From: Ana Minaburo <ana@ackl.io>
Date: Fri, 03 Jul 2020 09:54:01 +0200
Message-ID: <CAAbr+nSUs4V86GwrEoLV6Vu5UL9=CmxaixHPkRfbETie5PjCgA@mail.gmail.com>
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>, lp-wan <lp-wan@ietf.org>, secdir@ietf.org, last-call@ietf.org, draft-ietf-lpwan-coap-static-context-hc.all@ietf.org, Benjamin Kaduk <kaduk@mit.edu>, Paul Wouters <paul@nohats.ca>, Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008ed9e105a984d5fa"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/EZGn11U6QUX6rqXAfNliX23vQ9Q>
Subject: [secdir] Answer to: review draft-ietf-lpwan-coap-static-context-hc-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jul 2020 07:54:31 -0000
Dear all,
Thanks for reviewing our draft, we have been working the Security Section.
This new version reflects the fact that SCHC CoAP compression may not be
managed by the same entity as the IP/UDP compression.
We have published the version -14 with this new text:
Security considerations
*When applied to LPWAN, the Security Considerations of SCHC header
compression RFC8724 are valid for SCHC CoAP header compression. When CoAP
uses OSCORE, the security considerations defined in RFC8613 does not change
when SCHC header compression is applied.*
The definition of SCHC over CoAP header fields permits the compression of
header information only. The SCHC header compression itself does not
increase or reduce the level of security in the communication. When the
connection does not use any security protocol as OSCORE, DTLS, or other, it
is highly necessary to use a layer two security.
DoS attacks are possible if an intruder can introduce a compressed SCHC
corrupted packet onto the link and cause a compression efficiency
reduction. However, an intruder having the ability to add corrupted packets
at the link layer raises additional security issues than those related to
the use of header compression.
SCHC compression returns variable-length Residues for some CoAP fields. In
the compressed header, the length sent is not the original header field
length but the length of the Residue. So if a corrupted packet comes to the
decompressor with a longer or shorter length than the one in the original
header, SCHC decompression will detect an error and drops the packet.
*OSCORE compression is also based on the same compression method described
in {{rfc8724}}. The size of the Initialisation Vector (IV) residue must be
considered carefully. A residue size obtained with LSB CDA over the IV has
an impact on the compression efficiency and the frequency the device will
renew its key. This operation requires several exchanges and is
energy-consuming.*
SCHC header and compression Rules MUST remain tightly coupled. Otherwise,
an encrypted residue may be decompressed differently by the receiver. To
avoid this situation, if the Rule is modified in one location, the OSCORE
keys MUST be re-established.
----
Regards
Ana, Laurent & Ricardo
- [secdir] Answer to: review draft-ietf-lpwan-coap-… Ana Minaburo