submission 15-11-0364-00-0hip slide 1 project: ieee p802.15 working group for wireless personal area...
Post on 18-Dec-2015
213 views
TRANSCRIPT
Submission
15-11-0364-00-0hip<Sept 2010>
Slide 1
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs)Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs)
Submission Title: [Bootstrapping using HIP]Date Submitted: [11 May, 2011]Source: [Cao Zhen, Liu Dapeng] Company [China Mobile Communications Corporation]Address [28 Xuanwumenxi Ave. Beijing, China]Voice:[+86-66006688], FAX: [+86-10-63601087], E-Mail:[{caozhen,liudapeng}@chinamobile.com]
Abstract: [This document discusses the method of using HIP and diet-HIP to bootstrap the IEEE 802.15.4 network ]
Purpose: [For information and discussion]
Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15.
Submission
15-11-0364-00-0hip
Slide 2
Bootstrapping WPAN using HIPZhen Cao, Dapeng Liu
April 25, 2011
<Sept 2010>
Submission
15-11-0364-00-0hip
The Problem • IEEE standards ensure connectivitiy at MAC
and Phy layer• IETF standards achieve IP connectivity• IEEE 802.15.4 MAC encodes encryption
payload, but no way to initiate the keys• How to initially configure the network?
– How nodes authenticate to the network – How nodes get the IP address – … – In one word, how to bootstrap?
<Sept 2010>
Slide 3
Submission
15-11-0364-00-0hip
What’s Bootstrapping
• Any process before the network can operate – Link-layer address– MAC layer configuration – Encryption/authentication keys
<Sept 2010>
Slide 4
Submission
15-11-0364-00-0hip
System level requirements
• Data Confidentiality
• Data Integrity
• Keys and key freshness
• Multi domain support
• Identities
<Sept 2010>
Slide 5
Submission
15-11-0364-00-0hip
Bootstrapping using HIP
• End-to-end bootstrapping – Using HIP to establish the SA between two end
points – Using the HIP-established SA to delieve the
management objects
<Sept 2010>
Slide 6
PAN Coordinator
Bootstrapping and get the configuration objects
Other network
Submission
15-11-0364-00-0hip
What’s HIP
<Sept 2010>
Slide 7
IP layerIP layerIP layerIP layer
FragmentationFragmentation
Link LayerLink LayerLink LayerLink Layer
ForwardingForwardingForwardingForwarding
IPsecIPsec
Transport LayerTransport LayerTransport LayerTransport LayerEnd-to-end, HITs
Hop-by-hop, IP addresses
HIPHIP
MobilityMobilityMobilityMobility
Multi-homingMulti-homingMulti-homingMulti-homing
v4/v6 bridgev4/v6 bridgev4/v6 bridgev4/v6 bridge
Submission
15-11-0364-00-0hip
HIP Basic Exchange
<Sept 2010>
Initiator Responder
I1: HITI, HIT
R or NULL
R1: HITI, [HIT
R, puzzle, DH
R, HI
R]sig
I2: [HITI, HIT
R, solution, DH
I, {HI
I}]
sig
R2: [HITI, HIT
R, authenticator]
sigUser data messagesUser data messages
Con
trol
Dat
a
Submission
15-11-0364-00-0hip
The problem with HIP
• HIP BEX (Basic Exchange) is heavy weight – Puzzle solutions – SA negotiation – IPsec
<Sept 2010>
Slide 9
Submission
15-11-0364-00-0hip
Diet HIP
<Sept 2010>
Slide 10
• The HIP DEX, rather than a BEX, exchange is identified by a DEX HIT
– I & R HITs included in exchange headersI R
I1 ::= () ------>
R1 ::= <--- Pn, PKr
I2 ::= Pn, Sn, PKi, ECR(DHk,x|n), MAC(x,(Pn, Sn, PKi, ECR(DHk,x|n))) ------>
I or MI R
R2 ::= <--- ECR(DHk,y|n), MAC(x, (ECR(DHk,y|n)))
I R
<--- Data, MAC(EX(x,y), Data) ------>
Note be end of exchange, parties can ONLY be R and I.
Submission
15-11-0364-00-0hip
Diet HIP
<Sept 2010>
Slide 11
• The HIP DEX, rather than a BEX, exchange is identified by a DEX HIT
– I & R HITs included in exchange headers
I R
D-HIP (Start of Exchange )
D-HIP (Pn, PKr)
Pn, Sn, PKi, ECR(DHk,x|n), MAC(x,(Pn, Sn, PKi, ECR(DHk,x|n)))
ECR(DHk,y|n), MAC(x, (ECR(DHk,y|n)))
Submission
15-11-0364-00-0hip
Extreame Diet HIP
• Simple Challenge-Response Protocol– Using one-way hash numbers
<Sept 2010>
Slide 12
I R
Start of Bootstrapping - Rn
Challenge Random Number -k
Response with Rn-k
Indication of Success of Failure
R0
R1
Rn
……
Hash k(Rn-k)=Rn ?
Submission
15-11-0364-00-0hip
Potential Changes to 802.15.4-2006
• Associate primitive– MLME-ASSOCIATE.request
• Encode I1 packet
– MLME-ASSOCIATE.indication• Encode R1 packet
– MLME-ASSOCIATE.response• Encode I2 packet
– MLME-ASSOCIATE.confirm• Encode R2 packet
<Sept 2010>
Slide 13
Submission
15-11-0364-00-0hip
Slide 14
Summary
• Security bootstrapping using HIP
• D-HIP is a direct choice for this bootstrapping – Get the keys for MAC encryption– Authenticate the Coordinator and acquire
the address
• ED-HIP is more lightweight than D-HIP
<Sept 2010>
Submission
15-11-0364-00-0hip
Reference
• RFC4423
• RFC5201
• draft-sarikaya-core-sbootstrapping-01
• 15-10-0412-06-wng0-key-negotiation-using-diet-hi
<Sept 2010>
Slide 15