[Tm-rid] Adam's current extended auth message
Robert Moskowitz <rgm@labs.htt-consult.com> Fri, 27 September 2019 16:37 UTC
Return-Path: <rgm@labs.htt-consult.com>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27E97120A01 for <tm-rid@ietfa.amsl.com>; Fri, 27 Sep 2019 09:37:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sWn2jWhUNt-F for <tm-rid@ietfa.amsl.com>; Fri, 27 Sep 2019 09:37:09 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F22A120A24 for <tm-rid@ietf.org>; Fri, 27 Sep 2019 09:37:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 7887C615FA for <tm-rid@ietf.org>; Fri, 27 Sep 2019 12:37:08 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id cbK8+mSqxBBY for <tm-rid@ietf.org>; Fri, 27 Sep 2019 12:36:51 -0400 (EDT)
Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 3B00E60029 for <tm-rid@ietf.org>; Fri, 27 Sep 2019 12:36:51 -0400 (EDT)
To: "tm-rid@ietf.org" <tm-rid@ietf.org>
From: Robert Moskowitz <rgm@labs.htt-consult.com>
Message-ID: <1c0487eb-016e-5dbf-deb7-4fb7aeeb53e8@labs.htt-consult.com>
Date: Fri, 27 Sep 2019 12:36:44 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/6aeMZnhEY0l7Tj0JqQtnIZkJoC0>
Subject: [Tm-rid] Adam's current extended auth message
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Trustworthy Multipurpose RemoteID <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 16:37:21 -0000
I am sending this layout that Adam has been working on for people to get some idea of what we have been working on. It needs fixes and details. It uses ECDSA-384 sigs of 96bytes. I will be recommending EdDSA25519 sigs of 64 bytes. What goes into making the message hashes and how are they computed? For the later, i recommend SHAKE128 (or cSHAKE128). There is more, but I am short of time with Rosh Hashana Monday and Tuesday. Here it is: ================================================================= | General Format | ================================================================= Page 0: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------+-------+-------+-------+ | Msg. Header | # Hashes Left | STS-P | ETS-P | H-Alg | H-Len | +---------------+---------------+-------+-------+-------+-------+ | Start Timestamp | End Timestamp | +-------------------------------+-------------------------------+ | Hash of Previous Auth. Message | +---------------------------------------------------------------+ | Hash of Current Auth. Message | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ Msg. Header: (1 byte) Defined by ASTM Remote ID Message protocol. Bits 7-4: AuthType Bits 3-0: Data Page See https://github.com/opendroneid/specs, Message for more details. # Hashes Left: (1 byte) A count of the number of hashes to be found in this Auth message. This does not include the previous or current Auth message hashes. The first page will decrement this by 2 for the next page in the sequence. STS-P, ETS-P: (4 bits), (4 bits) This is a precision value for the Start and End timestamps respectively. See ASTM draft, Figure 3; Timestamp/Speed Accuracy field for details. We are only concered about bits 7-4. H-Alg, H-Len: (4 bits), (4 bits) These are fields for relaying information of the Hash algorithm used for the messages and the Hash length (in octets). For this example of the format a length of 4 bytes is used. Start Timestamp: (2 bytes) Time stamp dictating that messages hashed in this Auth message came after this specified time, but NOT after End Timestamp. See ASTM draft for Timestamp format details. End Timestamp: (2 bytes) Time stamp dictating that messages hashed in this Auth message came before this specified time, but NOT before Start Timestamp. See ASTM draft for Timestamp format details. Hash of Previous Auth. Message: (4 bytes) A hash of the previous send Auth message. Hash of Current Auth. Message: (4 bytes) A hash of the current Auth message. A few notes on this field: a) First during creation and signing of this message format this field MUST be set to 0. So the signature will be based on this field being 0, as well as its own hash. It is an open question of if we compute the hash, then sign or sign then compute. b) There a few different ways to cycle this message. We can "roll up" the hash of 'current' to 'previous' when needed or to completely recompute the hash. This mostly depends on the previous note. Message Hash: (4 bytes) A hash of a previously sent message. =============================================================================== Page 1 to N (N<=11): 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ | Msg. Header | # Hashes Left | RESERVED | +---------------+---------------+-------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ Msg. Header: (1 byte) Defined by ASTM Remote ID Message protocol. Bits 7-4: AuthType Bits 3-0: Data Page See https://github.com/opendroneid/specs, Message for more details. # Hashes Left: (1 byte) A count of the number of hashes to be found left in this Auth message. Every full page of hashes will decrement this by 5 until it reaches 0 (which signals the end of hashes and start of the Auth message signature). If a page has less than 5 hashes then the rest of the page should be padded with zeros. Message Hash: (4 bytes) A hash of a previously sent message. ========================================================================== Page N to K (N<=11 && K<=15): 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ | Msg. Header | # Hashes Left | RESERVED | +---------------+---------------+-------------------------------+ | Length | Signature Algorithm | +-------------------------------+-------------------------------+ | | | | | | | HIP Signature | | | | | | | +---------------------------------------------------------------+ Msg. Header: (1 byte) Defined by ASTM Remote ID Message protocol. Bits 7-4: AuthType Bits 3-0: Data Page See https://github.com/opendroneid/specs, Message for more details. # Hashes Left: (1 byte) A count of the number of hashes to be found in this Auth message. This does not include the previous or current Auth message hashes. For this page (and all subsequent pages) it SHOULD be 0. Length: (2 bytes) length is octets, excluding Length, and Padding Signature Algoirthm: (2 bytes) Self explanatory. HIP Signature: (96 bytes) Based on ECDSA-384 Signature. If smaller HIT based signature is used then more hashes can fit into the full message format across the 16 pages. With a ECDSA-384 signature a maximum of 64 message hashes can be sent. 23 bytes per page * 16 pages = 368 bytes - 96 bytes for sig = 272 bytes - 8 bytes for timestamps = 264 bytes - 8 bytes for auth message hashs = 256 bytes / 4 bytes per hash = 64 hashes See RFC4754 for detail on ECDSA-384 and RFC7401 on HIPs use of ECDSA for HI/HIT. If the end of the signature does not fill a full page, it WILL be padded with zeros at the end. ============================================================================ Page 0: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------+-------+-------+-------+ | Msg. Header | # Hashes Left | STS-P | ETS-P | H-Alg | H-Len | +---------------+---------------+-------+-------+-------+-------+ | Start Timestamp | End Timestamp | +-------------------------------+-------------------------------+ | Hash of Previous Auth. Message | +---------------------------------------------------------------+ | Hash of Current Auth. Message | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ Page 1 to N (N<=11): 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ | Msg. Header | # Hashes Left | RESERVED | +---------------+---------------+-------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ Page N to K (N<=11 && K<=15): 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ | Msg. Header | # Hashes Left | RESERVED | +---------------+---------------+-------------------------------+ | Length | Signature Algorithm | +-------------------------------+-------------------------------+ | | | | | | | HIP Signature | | | | | | | +---------------------------------------------------------------+ ============================================================================ DETAILED EXAMPLE OF FULL AUTH MESSAGE FORMAT ================================================================= | AUTH PAGE 0 | ================================================================= 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------+-------+-------+-------+ |0 0 0 1 0 0 0 0|0 0 1 1 0 1 0 0| STS-P | ETS-P | H-Alg |0 1 0 0| +---------------+---------------+-------+-------+-------+-------+ | Start Timestamp | End Timestamp | +-------------------------------+-------------------------------+ | Hash of Previous Auth. Message | +---------------------------------------------------------------+ | Hash of Current Auth. Message | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ ================================================================= | AUTH PAGE 1 | ================================================================= 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ |0 0 0 1 0 0 0 1|0 0 1 1 0 0 1 0| RESERVED | +---------------+---------------+-------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ ================================================================= | AUTH PAGE 2 - 9 | ================================================================= 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ |0 0 0 1 0 0 1 0|0 0 0 0 0 1 0 1| RESERVED | +---------------+---------------+-------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ |0 0 0 1 1 0 0 1|0 0 0 0 0 1 0 1| RESERVED | +---------------+---------------+-------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ ================================================================= | AUTH PAGE 10 | ================================================================= 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ |0 0 0 1 1 0 1 0|0 0 0 0 0 0 0 0| RESERVED | +---------------+---------------+-------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ | Message Hash | +---------------------------------------------------------------+ ================================================================= | AUTH PAGE 11 - 15 (Signature) | ================================================================= 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ |0 0 0 1 1 0 1 1|0 0 0 0 0 0 0 0| RESERVED | +---------------+---------------+-------------------------------+ | Length | Signature Algorithm | +-------------------------------+-------------------------------+ | | | | | | | HIP Signature | | | | | | | +---------------------------------------------------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+-----------------------------------------------+ |0 0 0 1 1 1 0 0| | +---------------+ | | | | | | | | | | HIP Signature | | | | | | | | | +---------------------------------------------------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+-----------------------------------------------+ |0 0 0 1 1 1 0 1| | +---------------+ | | | | | | | | | | HIP Signature | | | | | | | | | +---------------------------------------------------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+-----------------------------------------------+ |0 0 0 1 1 1 1 0| | +---------------+ | | | | | | | | | | HIP Signature | | | | | | | | | +---------------------------------------------------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+-----------------------------------------------+ |0 0 0 1 1 1 1 1| | +---------------+ | | HIP Signature | | | | | +---------------------------------------------------------------+ | | | | | Padding | | | | | +---------------------------------------------------------------+
- [Tm-rid] Adam's current extended auth message Robert Moskowitz
- Re: [Tm-rid] Adam's current extended auth message Wiethuechter, Adam
- Re: [Tm-rid] Adam's current extended auth message Wiethuechter, Adam