Re: [core] OSCORE: Status Update on the C Implementation of an OSCORE Server
Göran Selander <goran.selander@ericsson.com> Fri, 14 December 2018 10:33 UTC
Return-Path: <goran.selander@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD076127AC2 for <core@ietfa.amsl.com>; Fri, 14 Dec 2018 02:33:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.781
X-Spam-Level:
X-Spam-Status: No, score=-4.781 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=Z9AHf3F9; dkim=pass (1024-bit key) header.d=ericsson.com header.b=YCGB0IyX
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DI3d4vDVAfvs for <core@ietfa.amsl.com>; Fri, 14 Dec 2018 02:33:44 -0800 (PST)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6819912426E for <core@ietf.org>; Fri, 14 Dec 2018 02:33:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1544783621; x=1547375621; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=DvuALtRLxv2+F/VojcX4XbL5Z34KR6yxa19Q+iGGXFk=; b=Z9AHf3F92noI7DdxS1p14mO2ydwT7syDHSvM3k+JnAkT2f6NKsMa3NRadG55gK6C GmOTDNIRR8ySCZvOKvL4TYYJn2jepHwpvpJOrupDNMM3hOnzMmczeINBAPmU2z21 x3XGxe4BSPmMYibNUSfm1V3ggV337L/OqQHN5L/NUBw=;
X-AuditID: c1b4fb30-41b3a9e00000355c-14-5c1387053634
Received: from ESESSMB501.ericsson.se (Unknown_Domain [153.88.183.119]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 26.ED.13660.507831C5; Fri, 14 Dec 2018 11:33:41 +0100 (CET)
Received: from ESESBMB503.ericsson.se (153.88.183.170) by ESESSMB501.ericsson.se (153.88.183.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Fri, 14 Dec 2018 11:33:40 +0100
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (153.88.183.157) by ESESBMB503.ericsson.se (153.88.183.170) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Fri, 14 Dec 2018 11:33:40 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DvuALtRLxv2+F/VojcX4XbL5Z34KR6yxa19Q+iGGXFk=; b=YCGB0IyX0t3eysZTLlSwvJiv9Q31uNvE76+zutMBQnD1w/DEW93XBhTN13giXmnZEjQxBvufv7hpi4o4yzHYzM4Xeq1OCtvPbyg/nVtj/muERaONnRMYDWRRTB/0h3X0amJG98G7JM0nlvShTHplBF0yHNwhm3IGBzk8ub5tWp4=
Received: from AM6PR07MB4822.eurprd07.prod.outlook.com (20.177.190.219) by AM6PR07MB5352.eurprd07.prod.outlook.com (20.177.198.218) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1446.11; Fri, 14 Dec 2018 10:33:40 +0000
Received: from AM6PR07MB4822.eurprd07.prod.outlook.com ([fe80::3d6f:cb36:583b:269d]) by AM6PR07MB4822.eurprd07.prod.outlook.com ([fe80::3d6f:cb36:583b:269d%5]) with mapi id 15.20.1446.006; Fri, 14 Dec 2018 10:33:39 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: Jaro Fietz <jaro.fietz@aisec.fraunhofer.de>, "core@ietf.org" <core@ietf.org>
CC: "'Christian M. Amsüss'" <christian@amsuess.com>, Francesca Palombini <francesca.palombini@ericsson.com>, "martin.striegel@aisec.fraunhofer.de" <martin.striegel@aisec.fraunhofer.de>, Stefan Hristozov <stefan.hristozov@aisec.fraunhofer.de>, "jaro.fietz@gmx.de" <jaro.fietz@gmx.de>
Thread-Topic: OSCORE: Status Update on the C Implementation of an OSCORE Server
Thread-Index: AQHUkvIR/OT3z7quJk6jkgnrIEBquKV+G9CA
Date: Fri, 14 Dec 2018 10:33:39 +0000
Message-ID: <6A66D31F-EC70-438E-8243-94FC5171863D@ericsson.com>
References: <bd95ea38-7425-13d6-a955-1e60a5bd0945@aisec.fraunhofer.de> <20181011110943.GE31858@hephaistos.amsuess.com> <bdb05cc8-7418-a65c-b4a1-6111e1467c13@aisec.fraunhofer.de> <3E80C9C0-E03A-4EAE-8CAD-8063DC93C1A5@ericsson.com> <2608c3f9-907f-6f22-2c9e-bef30f9c0ef3@aisec.fraunhofer.de> <53AFBD47-6D9D-47FA-82E5-F1C8F5DC6F1F@ericsson.com> <3f288e89-ea41-5da5-ddb1-f5eada5a39cc@aisec.fraunhofer.de>
In-Reply-To: <3f288e89-ea41-5da5-ddb1-f5eada5a39cc@aisec.fraunhofer.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.13.0.181109
x-originating-ip: [192.176.1.89]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM6PR07MB5352; 6:mgW0VXxhZ97ogRnmThGuRKahyCRv4dS73n4o6RK+JqJv/n/FbNi+4vH1uU+S4ZxmjPQvTV3OJu0YQsbI0yoT9j9wGDyva3lDAAsl3sGHavAEffDRGaCzQLZf15dF5LlXJpewKqv8rJ9EikyS3Nlg+62XDV1YYUYF7s8dQn0VhU/E9mF342Q6stggsLYrRSDo4HEoR06uHQXi/HFPKN6j5ykMVn9yVYBHpm2INBMMY1J0leenmxOpypBATVsV8PgMHPX813sbaxOYv2w2rDO3XAiPc2FKswB1i92+pn1Sk8HqFbauk5VCw0lPTlG/VWIeMIpg8pMXAFxdTG6K+tEWRaY+jJlhJgTrV08MitOznKQAcHE88nskw24skAxw7fWXYjZIzudUiBuW6OLkZjVWNAyWrWpPfe3cuFblRpeJMYsO5Ub2j8BQwSF4N/4CDKKUWzQG+sJVpZYYK68cviO9Ug==; 5:J9peV9ZPosQZPTdMAUx8tP6e3+6rU1BTNRlPE8z/jfBfmdsZS2A23qVxM7fXdKcu9x97B82EcQIoQh1xwC1uFzIWAv4qMAYFdRjr2KJVMfY1pcVk8TSQNnTnHrgwpZDY+2FWai7ubZ86P2vWQjr6SRwUJcyCUBWTYM2kTvdiYyw=; 7:6XaSdF2uMCHc6e60kZu8o3++N2j9wHrm8jNVV+zoyiSytn/IW6o2ssg2jfv/9SyhDWswnJ83cQeRxvOhxKAiucqZ7HexTj0pxS0ZgBy1DJn6YfkW5xkiKcuxmgrRBdtbJIFgLYtZticFIvRW86umTQ==
x-ms-exchange-antispam-srfa-diagnostics: SOS;SOR;
x-forefront-antispam-report: SFV:SKI; SCL:-1; SFV:NSPM; SFS:(10009020)(136003)(346002)(376002)(366004)(39860400002)(396003)(189003)(199004)(51914003)(53754006)(7736002)(6486002)(476003)(305945005)(966005)(15650500001)(2616005)(76176011)(68736007)(229853002)(3846002)(6116002)(4001150100001)(6246003)(6436002)(33656002)(58126008)(25786009)(93886005)(486006)(85182001)(6512007)(316002)(8676002)(83716004)(53546011)(6306002)(71190400001)(71200400001)(5660300001)(66066001)(14454004)(81166006)(81156014)(66574011)(97736004)(26005)(82746002)(186003)(54906003)(8936002)(110136005)(102836004)(14444005)(256004)(36756003)(446003)(11346002)(2906002)(85202003)(106356001)(86362001)(99286004)(2501003)(105586002)(4326008)(6506007)(53936002)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR07MB5352; H:AM6PR07MB4822.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1;
x-ms-office365-filtering-correlation-id: 412a9c0a-913e-4448-c949-08d661af9ca3
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600074)(711020)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:AM6PR07MB5352;
x-ms-traffictypediagnostic: AM6PR07MB5352:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=goran.selander@ericsson.com;
x-microsoft-antispam-prvs: <AM6PR07MB5352184A104AAF3D9E3028CCF4A10@AM6PR07MB5352.eurprd07.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230021)(999002)(6040522)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006095)(93001095)(3231475)(944501520)(52105112)(148016)(149066)(150057)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123562045)(20161123558120)(20161123560045)(201708071742011)(7699051); SRVR:AM6PR07MB5352; BCL:0; PCL:0; RULEID:; SRVR:AM6PR07MB5352;
x-forefront-prvs: 08864C38AC
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: zNAplV+grF4ZHv5LPEK81ZyVrbVudTPp/CHNDr4PQ/oO/mRK2BRArU/sSietpUW2wNMsbC7fx8Wl2y854ZTD5z5qIfHOddI5Rv43OD81VGEDRZepvY4YMy9AvO4afulo9ZzPEU8osgh4jGY8irsCOiaHQFLjpugR5TN3dtnSOY33EuXlwt6H/cci2hLzIbDkTjPUa5knaNv7oIWHOKKeKyXFL3rkJpHCCEJWYTSabIV0pjIgiDRRglymW592u23iMOiWvYZ+BU4F4BzxKGOLCNrl2DCE2xYZpCMQptQN5zOWbBqJFKjSAU4xt/UFiZqY
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <6BA871C05BC5D740A53725D8DB0ABC72@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 412a9c0a-913e-4448-c949-08d661af9ca3
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Dec 2018 10:33:39.3883 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR07MB5352
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA02SeUiTcRjH+e09fJVWP6fmoyLUwD8SPMkaYWUYNTok+6OkxFz6ost5sJnl EUzNjqmlppRzXmRmas55pKYpWiSK4lFKWanpwIO0ovKmcnsX9N/neb7f54KHIQS1lD0jjYpl 5VESmZC2IPMDmq64UDetAt1Lyh1E7c13SFH7gpYQzU4k06KUah0SNS/1kKJ366VmPrS4Qv2R Fqs61yjxt+9B4rKyVd4p8pyFdygrk8axcrcDwRbhtS+rqJhR0dWq0mVaiTR7VcicAbwbhnRp hApZMAL8CoFmrMAULCG4PdZmZnAJcBkPtIuxBoHEWQQMD28gzpXHA934Q1MwhaByJZdnKKHx YZhUThnZGp+GhuwRymAicBMPFt+MGPtaYT/omF8mOZM/tG80II49IW9o2sgkdgJdim7TzzB8 fBCeFcq4YQUENGcVGfuY46Mwk6mnDYzwdljurTYOJrAtjOmLedylGMraBgiObWBu+jdlYBvs Bmm9d824/A7orligOXaE4eJ042WAR2nQD42aTB7Q/aSD4IQJGopTxylOOAl9ddkUJwwiaO3P MVU4w+LsCI9bLwhSapSmERGgmcxEWchT/d+26s1LCbwLtM/duLQYapQDZhzvhNz0z0bmY0vo ydeTJYiqRDYKVnExMszT05WVS0MUiugo1yg2tg5t/lFnw7p7M5qbOdSFMIOEW/hVyVaBAkoS p4iP7ELAEEJr/pm0zRQ/VBKfwMqjL8gvy1hFF3JgSKEtf0NgGSjAYZJYNoJlY1j5P5XHmNsr ke9Z/77HdvWdg97ahsTFBM38+dBtfrBn9FriUsGjCZf+xv0tf177fpA+/VS4ctz1fpKXX731 JVXQvox7asuVAN9VVVu19r1z5/Ufc7Llxhde5aJ44sTs263HmlBGy5dxp1/R3qkz0Q8kdWrp kVC71hDHJGERzffRl+asfU39eSv4hpBUhEs8nAm5QvIX6mRZrkMDAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/QI0us6zUdYwMbLjbaOfcZVgFS5c>
Subject: Re: [core] OSCORE: Status Update on the C Implementation of an OSCORE Server
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Dec 2018 10:33:47 -0000
Hello Jaro, Great news, thanks for sharing this! Please keep us updated on the progress. Best regards, Göran On 2018-12-13, 15:42, "Jaro Fietz" <jaro.fietz@aisec.fraunhofer.de> wrote: Hey everyone, after I've received several follow-up mails about my minimal C implementation of an OSCORE server on top of the embedded OS Zephyr, I've decided to give everyone an update on my progress. I've implemented a subset of the OSCORE Draft Version 14 in C, leaving out most optional features. My implementation provides a minimal working OSCORE server for an embedded board (in my case the 96 Boards BLE Nitrogen). It is based on Zephyr as the underlying embedded operating system but should be easily adaptable to other needs. The implementation is now finished feature wise. Key derivation was tested against the Appendix C.1.2 testcase from the specification [1]. Additionally, the server successfully responds to the OSCORE Test_1a [1] (executed with aiocoap's plugtest script). I haven't performed other tests, but this should be good enough to exchange simple encrypted messages. I'm currently in the works of open sourcing the project. I expect the source code to be published on github mid to late January. I hope that this will be quick enough for RIOT. I'll write to the ML once the source code is available (or only to individual people in case this information isn't relevant to the ML). BR, Jaro [1]: https://tools.ietf.org/html/draft-ietf-core-object-security-14#appendix-C.1.2 [2]: https://ericssonresearch.github.io/OSCOAP/test-spec5.html#test-1a On 11/26/18 3:18 PM, Göran Selander wrote: > Hi Jaro, > > Thanks for the update! > > I understand you can't promise anything here. The question I got was for a C-implementation which was not tailored for a particular constrained platform OS, like what exists for Contiki NG and Open WSN. For your information, the people I talked to at RIOT wants to start after the new year holidays, so anything available around that time would be very welcome. > > Thanks, > Göran > > > On 2018-11-26, 14:39, "Jaro Fietz" <jaro.fietz@aisec.fraunhofer.de> wrote: > > Hello Göran, > > we are planning on open-sourcing the C implementation, I'm in the works > of filling in the paperwork. Currently I'm in the bugfixing stage, so > the code isn't functional quite yet. Once I have a minimal working > example and we have the go-ahead for open-sourcing it, I'll let you > know. I hope that it'll happen within the next month, but can't > guarantee anything. > > BR, > Jaro > > On 11/23/18 4:04 PM, Göran Selander wrote: > > Hello Jaro, > > > > I'm curious about the continued story of one of the questions from Christian, below. > > > > On 2018-10-11, 14:42, "core on behalf of Jaro Fietz" <core-bounces@ietf.org on behalf of jaro.fietz@aisec.fraunhofer.de> wrote: > > > > Hello Christian, > > > > thanks for your quick answer, it clarified the second of my questions. > > > > On 10/11/18 1:09 PM, Christian Amsüss wrote: > > > The expectation is that the shortest (zero-length) ID would be used in > > > cases wherever that's beneficial, eg. when a constrained device > > > primarily utilizes one context in which it is addressed as a server. > > This is an interesting optimization. I'm not too sure about the actual > > benefits though. To me this would only result in the constrained nodes > > being able to shave off a few bytes of allocation when constructing the > > response and saving their sender_id to persistent storage. > > > You briefly had me worried I got it wrong myself -- but the > > > left-trimming that's happenign is on the sequence numbers, not on the > > > sender IDs. > > Sorry, I must have skipped incorrectly over the tuple construction. > > Reading through it again, your code is, of course, correct :) > > > Slightly off topic: Would that happen to be a freely licensed > > > implementation? If so, I know of an embedded operating system project > > > that would love to hear about this. > > I'm implementing OSCORE on top of zephyr (not integrated into it) for an > > embedded board. Currently it isn't open source, but I asked my advisor, > > who'll forward the request to the supervisor. > > Judging from your github history I expect you ask for RIOT-OS? :) > > > > Have you decided about open source? I also got question from people working RIOT-OS __ > > > > BR > > Göran > > > > > > > > > > >
- [core] OSCORE: Questions about Section 5.2 Jaro Fietz
- Re: [core] OSCORE: Questions about Section 5.2 Christian Amsüss
- Re: [core] OSCORE: Questions about Section 5.2 Jaro Fietz
- Re: [core] OSCORE: Questions about Section 5.2 Christian Amsüss
- Re: [core] OSCORE: Questions about Section 5.2 Francesca Palombini
- [core] OSCORE: Status Update on the C Implementat… Jaro Fietz
- Re: [core] OSCORE: Status Update on the C Impleme… Göran Selander