Re: [Tm-rid] HHIT trust proof for Auth messages
"Wiethuechter, Adam" <adam.wiethuechter@axenterprize.com> Thu, 03 October 2019 19:46 UTC
Return-Path: <adam.wiethuechter@axenterprize.com>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20A6E1200B7 for <tm-rid@ietfa.amsl.com>; Thu, 3 Oct 2019 12:46:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=axenterprize.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id utsinDq3oMOB for <tm-rid@ietfa.amsl.com>; Thu, 3 Oct 2019 12:46:18 -0700 (PDT)
Received: from mail-qk1-x729.google.com (mail-qk1-x729.google.com [IPv6:2607:f8b0:4864:20::729]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 770DC120098 for <tm-rid@ietf.org>; Thu, 3 Oct 2019 12:46:18 -0700 (PDT)
Received: by mail-qk1-x729.google.com with SMTP id u184so3610524qkd.4 for <tm-rid@ietf.org>; Thu, 03 Oct 2019 12:46:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axenterprize.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=TBbFPAvbaDmo67T2d9FI1d7DHmSvNwCH1ThILWFDAC8=; b=VBQq3gtx8R1K0Ao/8PR2ntmAa0nAWgOXvQ7jV6KX9MppiKxrmM4pAIZoYOrJTz8K50 SxgC4L8ZQ3PxzUU1J3bbLHHQNf8b3tTw/OT/GaYCtyFUwdZabFBSLloLhqJnOhH24Lb3 krVhqIufyKGU7/cnUincXy8CJNdlu2fAshp4o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=TBbFPAvbaDmo67T2d9FI1d7DHmSvNwCH1ThILWFDAC8=; b=g8AB8QyhXbH4Y9yK5tFauZIWsY5iJFA+8xA6BEtmkQ8lHNRQPyDwMmRT+LiCOAhxHZ WNRNl1kzyIqLnBYvYYM0tIA5oxgQQFwBnisxo8KsKA5kbZRuKs5OO8iUbsFEhOebtPTV wvuL6TaPsexNmSksx5sH9rkZefKofR0hV5wDBjoHo9qXLqJG8C33tg8EoqvZwq05MTww k2NcUhzE+cGEZ5YhYv2Quw/tyCnYre8XqZ0u4sLyb9N+IbNq3jLDc+SKlHozOGpubLMj L2o5RioJezowVBhAmOAGJLVNzToThSP2fM8iifLvuaNvk22fzv6FF+4JNKqKcWvaE1gQ Aprg==
X-Gm-Message-State: APjAAAXtoKKbadSJm4cIneCSVCJL2ba92pdwAdGUhPH0E0xLTE650zJJ nmG5F0KXBtGkQKRbXxYi0WEH32RW5+VwFjnkdrzvm9E=
X-Google-Smtp-Source: APXvYqzsfyOdIuZF1/zzlKCv4jKHFgUykURwjJVQB0BBfrxnbQ16dQsD9sjseSDtTIw8QVfQPYwqlYATQuUzjs/oqak=
X-Received: by 2002:a37:a106:: with SMTP id k6mr6054143qke.158.1570131977394; Thu, 03 Oct 2019 12:46:17 -0700 (PDT)
MIME-Version: 1.0
References: <c8342d06-203f-6f51-d227-12501a291fc7@labs.htt-consult.com> <CA+r8TqVNVOOCAipmTN5BqH3UGnpezsL748iLWnc7Ra=rVtD9sg@mail.gmail.com> <5994016b-0006-f45c-3f53-6094ed768b3c@labs.htt-consult.com> <CA+r8TqU-nhUgLv_eGYMTh6kCoX6UnDH=4XznR168Pvp780==9g@mail.gmail.com> <e6c8facf-3c96-5c29-bd75-30ed09594d41@labs.htt-consult.com>
In-Reply-To: <e6c8facf-3c96-5c29-bd75-30ed09594d41@labs.htt-consult.com>
From: "Wiethuechter, Adam" <adam.wiethuechter@axenterprize.com>
Date: Thu, 03 Oct 2019 15:46:06 -0400
Message-ID: <CA+r8TqXRE3uR7TcqXCbuKTBQsvniFS1312mvbZQnfgThbPZH=w@mail.gmail.com>
To: Robert Moskowitz <rgm@labs.htt-consult.com>
Cc: "tm-rid@ietf.org" <tm-rid@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000c372cb059406d6a5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/eQ5bEChSciqPmnAXFbwFOHJ42hQ>
Subject: Re: [Tm-rid] HHIT trust proof for Auth messages
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Trustworthy Multipurpose RemoteID <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Oct 2019 19:46:23 -0000
Bob, It was never my intention to removed the HHIT from the authentication message for the reasons you just stated. This was a miscommunication on my part. It also stemmed from my misunderstanding of FEC in general and how they work. Michael, Stu sat down with me today and gave me a brief explanation of FECs and his approach he was thinking and pointing out the flaw that you also noticed. I still need to understand his idea a bit better to get it down in writing/format but I am getting there. On a more general note; the ASTM proposed standard I can confirm is 5 pages long (17 + 23 *4 = 109 bytes). The reasoning behind this and possible paths forward are still being looked at. On Thu, Oct 3, 2019 at 9:09 AM Robert Moskowitz <rgm@labs.htt-consult.com> wrote: > > > On 10/2/19 4:04 PM, Wiethuechter, Adam wrote: > > While waiting for Gabriel to answer our emails I have been playing with > Reed-Solomon encoding with the message formats. I assume worst case > scenario of having only 5 pages to play with (the more I examine what I can > access for implementation the more convinced I am that this is the reality > of our situation) and I am using the above format to work out something > (specifically the shorter format as its the only one that fits currently). > > The first page has 17 bytes of user data, which is just to HHIT. We can > also obtain this via the Basic ID message so I am not that worried about > loss here. > > > I do not want to rely on the Basic ID Message for the HHIT. It is an > opening for attacks. The adversary sends Basic ID Messages with the UAS's > MAC addr but some other HHIT. This confuses the ground observer on what > HHIT to use to verify the signed message. Better to include the 16 bytes > of the UAS HHIT. > > The next 3 pages contain the trusted timestamp (not terribly important but > useful information) and the HHIT Signature (very important). If we lose any > one of these packets the whole point of authentication is gone. We still > have one page left, that Bob has marked as "payload". > > Assuming we want to run Reed-Solomon (and to my knowledge after doing some > internet search to understand it) we want an RS(92,69) with 8 bit symbols. > This will give us 23 bytes of parity that we would place into the "payload" > section and would protect the 3 signature pages from up to 11 errors. This > is assuming the following: RS(n,k) and 2t=n-k where; n=payload size, k=data > size, t=correctable errors. I used [1] as a reference to understand what I > was doing. > > Bob, also note that while I know BT5 is an option I am constraining myself > to BT4 for the time being as it is widely available and I don't fully > understand BT5 Extended Message format at this time. I also want to develop > up into BT5 (after getting BT4 formatting in a good state) and not develop > down into BT4. > > [1] > https://www.cs.cmu.edu/~guyb/realworld/reedsolomon/reed_solomon_codes.html > > On Wed, Oct 2, 2019 at 8:40 AM Robert Moskowitz <rgm@labs.htt-consult.com> > wrote: > >> Quickly, >> >> We have to find out why the reduction in size when BT5 is 255 bytes and >> the extended messages were designed to work in BT5. >> >> Bob >> >> On 10/1/19 12:12 PM, Wiethuechter, Adam wrote: >> >> All, >> >> Attached is a mock up of what Bob has here just in the new 0.8 version of >> the authentication message. >> >> There is a 23 byte payload limit or 25 bytes if we remove the reserved >> bytes and condense. I am unwilling to do this though as then the HHIT or >> Trust Timestamp fields would be fragmented across pages. Its already bad >> enough that the Trusted Timestamp and standard Timestamp fragment across >> the 32 bit boundary (within a page) and worse the signature across 3 whole >> pages already. While in practice this probably wouldn't affect much it >> makes it harder to understand/read I think. >> >> My concern, is that we are broadcasting over Bluetooth. There are 5 pages >> to the authentication message (from my understanding of the new standard). >> If we lose any one page it is most likely going to be a signature page (as >> it spans 3 whole pages) and there will be no way to achieve that which this >> format is intended for without the full signature. Perhaps the payload >> section that Bob marked in (and fills the final page of the authentication >> message) should be some sort of error correction on the signature? >> >> The second version I think is unattainable in the new format, unless >> someone here can defy the laws of physics and make numbers smaller than >> they actually are thus allowing more to fit within the 109 byte constrain >> of the message format. >> >> Questions, comments, concerns? >> >> On Fri, Sep 27, 2019 at 12:40 PM Robert Moskowitz < >> rgm@labs.htt-consult.com> wrote: >> >>> And here is something I have been working on as condensed proof of HHIT >>> ownership objects that can be put into the auth messages. I have not >>> done that yet, like Adam has: >>> >>> <figure> >>> <artwork> >>> 0 1 2 3 >>> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | HHIT | >>> | | >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | TIMESTAMP | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | HHIT | >>> | SIG | >>> . . >>> . . >>> . . >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> / PAYLOAD / >>> / / >>> / +-------------------------------+ >>> / | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> >>> HHIT 16 byte HHIT of EdDSA25519 HI >>> TIMESTAMP 4 byte packet trust until timestamp >>> HHIT SIG 64 byte Signature of whole packet >>> PAYLOAD 0 to n bytes of payload >>> Length 84 + n bytes >>> </artwork> >>> </figure> >>> <figure> >>> <artwork> >>> 0 1 2 3 >>> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | DEV HHIT | >>> | | >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | TIMESTAMP | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | DEV HHIT | >>> | SIG | >>> . . >>> . . >>> . . >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | DEV HI | >>> | | >>> | | >>> | | >>> | | >>> | | >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | AUTH TIMESTAMP | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | AUTH HHIT | >>> | | >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | AUTH | >>> | SIG | >>> . . >>> . . >>> . . >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> / PAYLOAD / >>> / / >>> / +-------------------------------+ >>> / | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> >>> DEV HHIT 16 byte Dev HHIT of EdDSA25519 HI >>> TIMESTAMP 4 byte packet trust until timestamp >>> DEV HHIT SIG 64 byte Signature of whole packet >>> DEV HI 32 byte Device HI of EdDSA25519 HI >>> AUTH TIMESTAMP 4 byte Dev HHIT trust until timestamp >>> AUTH HHIT 16 byte Authorizer's HHIT of EdDSA25519 HI >>> AUTH SIG 64 byte Signature of Device HHIT-HI >>> PAYLOAD 0 to n bytes of payload >>> Length 200 + n bytes >>> </artwork> >>> </figure> >>> >>> | Type | Length | >>> >>> -- >>> Tm-rid mailing list >>> Tm-rid@ietf.org >>> https://www.ietf.org/mailman/listinfo/tm-rid >>> >> >> >> -- >> 73's, >> Adam T. Wiethuechter >> >> >> -- >> Robert Moskowitz >> Owner >> HTT Consulting >> C: 248-219-2059 >> F: 248-968-2824 >> E: rgm@labs.htt-consult.com >> >> There's no limit to what can be accomplished if it doesn't matter who >> gets the credit >> > > > -- > 73's, > Adam T. Wiethuechter > > > -- > Robert Moskowitz > Owner > HTT Consulting > C: 248-219-2059 > F: 248-968-2824 > E: rgm@labs.htt-consult.com > > There's no limit to what can be accomplished if it doesn't matter who gets > the credit > -- 73's, Adam T. Wiethuechter
- [Tm-rid] HHIT trust proof for Auth messages Robert Moskowitz
- Re: [Tm-rid] HHIT trust proof for Auth messages Wiethuechter, Adam
- Re: [Tm-rid] HHIT trust proof for Auth messages Michael Richardson
- Re: [Tm-rid] HHIT trust proof for Auth messages Wiethuechter, Adam
- Re: [Tm-rid] HHIT trust proof for Auth messages Robert Moskowitz
- Re: [Tm-rid] HHIT trust proof for Auth messages Wiethuechter, Adam
- Re: [Tm-rid] HHIT trust proof for Auth messages Card, Stu
- Re: [Tm-rid] HHIT trust proof for Auth messages Robert Moskowitz
- Re: [Tm-rid] HHIT trust proof for Auth messages Michael Richardson
- Re: [Tm-rid] HHIT trust proof for Auth messages Robert Moskowitz
- Re: [Tm-rid] HHIT trust proof for Auth messages Wiethuechter, Adam
- Re: [Tm-rid] HHIT trust proof for Auth messages Michael Richardson
- Re: [Tm-rid] HHIT trust proof for Auth messages Wiethuechter, Adam