120 likes | 181 Views
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: HIP over TG9 Date Submitted: May 15, 2012 Source: Robert Moskowitz, Verizon Address 1000 Bent Creek Blvd, MechanicsBurg, PA, USA Voice:+1 (248) 968-9809, e-mail: rgm@labs.htt-consult.com
E N D
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: HIP over TG9 Date Submitted: May 15, 2012 Source: Robert Moskowitz, Verizon Address 1000 Bent Creek Blvd, MechanicsBurg, PA, USA Voice:+1 (248) 968-9809, e-mail: rgm@labs.htt-consult.com Re: HIP KMP over TG9 Abstract: HIP KMP over TG9 Purpose: To add Key Management capabilities to 15.4 and 15.7 Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15. Robert Moskowitz, Verizon
Robert Moskowitz Atlanta, GA May 15, 2012 HIP KMP over TG9 Robert Moskowitz, Verizon
Robert Moskowitz, Verizon Abstract • Present the HIP protocol • Both BEX and DEX • Use cases for HIP for 802.15 • Deployment recommendations • Specifics for use over TG9 • Pairwise and Group keys for BEX • Authentication methods • ACLs and RADIUS
Robert Moskowitz, Verizon The HIP protocol • Defined in RFCs • In revision • Plus draft for DEX (Diet Exchange) • Key Management between peers • Exchange of secure identities • 4 packet session key establishment • BEX is SIGMA compliant • Mobility features not needed for TG9
Robert Moskowitz, Verizon The HIP protocol • Secure Identities • HIP is based on the principle that each device has a secure identity which is the public key of an asymmetric key pair. This is called the HI – Host Identity • BEX supports most algorithms • DEX only supports ECDH
Robert Moskowitz, Verizon The HIP protocol • Secure Identities • HIT (Host Identity Tag) is a hash of the HI • Used as an index for SAs • Including authentication • As an IPv6 address for applications • HIT is an ORCHID and a valid IPv6 address • Some work on hierarchical HITs that include domain information
Robert Moskowitz, Verizon The HIP protocol • HIP BEX – Base EXchange Initiator Responder I1: Trigger exchange R1: {Puzzle, D-H(R) HI(R), ESP Transform, HIP Transform }SIG HIP SA I2: {Solution, LSI(I), SPI(I), D-H(I), ESP Transform, HIP Transform, {H(I)}SK }SIG HIP SA R2: {LSI(R), SPI(R), HMAC}SIG IMAC SA IMAC SA
Robert Moskowitz, Verizon The HIP protocol • HIP DEX – Diet EXchange Initiator Responder I1: Trigger exchange R1: {Puzzle, HI(R)} HIP SA I2: {Solution, HI(I),{SKx}DHk }MAC HIP SA R2: {HI(R), {Sky}DHk, {PTK, GTK}SKy}MAC IMAC SA IMAC SA
Robert Moskowitz, Verizon Use Cases for HIP • Use cases • Constrained Sensors • Code space, CPU • DEX uses static ECDH, no ephemeral • Light switches, Temp sensors, door locks • Single KMP for all layers • MAC, IP, DTLS-PSK
Robert Moskowitz, Verizon HIP Deployment Recommendations • Opportunistic • Initial exchange assumed to be in a trusted environment and HITs accepted and populate auth table • HIT displayed on device or packaging • QR code scanned with phone app that loads auth table
Robert Moskowitz, Verizon HIP specifics for TG9 • BEX items • No ESP transform • BEX currently only creates session key • Need to add PTK and GTK support as in DEX • DEX items • No ESP transform
Robert Moskowitz, Verizon HIP specifics for TG9 • Authentication of devices to PAN • ACL • Used in single controller PAN (star) • RADIUS back end • For any PAN architecture • Device HIT and MAC in RADIUS Request • Existing RADIUS function, no change to existing RADIUS servers • MAC MAY be 'null' • X.509 certs supported for BEX only • More for controller auth