< draft-ietf-drip-auth-06.txt   draft-ietf-drip-auth-07.txt >
DRIP Working Group A. Wiethuechter (Editor) DRIP Working Group A. Wiethuechter (Editor)
Internet-Draft S. Card Internet-Draft S. Card
Intended status: Standards Track AX Enterprize, LLC Intended status: Standards Track AX Enterprize, LLC
Expires: 16 October 2022 R. Moskowitz Expires: 21 October 2022 R. Moskowitz
HTT Consulting HTT Consulting
14 April 2022 19 April 2022
DRIP Authentication Formats & Protocols for Broadcast Remote ID DRIP Authentication Formats & Protocols for Broadcast Remote ID
draft-ietf-drip-auth-06 draft-ietf-drip-auth-07
Abstract Abstract
This document describes how to include trust into the ASTM Remote ID This document describes how to include trust into the ASTM Remote ID
specification defined in ASTM F3411 under Broadcast Remote ID (RID). specification defined in ASTM F3411 under Broadcast Remote ID (RID).
It defines a few message schemes (sent within the Authentication It defines a few message schemes (sent within the Authentication
Message) that can be used to authenticate past messages sent by a Message) that can be used to authenticate past messages sent by a
unmanned aircraft (UA) and provide proof of UA trustworthiness even unmanned aircraft (UA) and provide proof of UA trustworthiness even
in the absence of Internet connectivity at the receiving node. in the absence of Internet connectivity at the receiving node.
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 16 October 2022. This Internet-Draft will expire on 21 October 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 23 skipping to change at page 2, line 23
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. DRIP Requirements Addressed . . . . . . . . . . . . . . . 3 1.1. DRIP Requirements Addressed . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. Required Terminology . . . . . . . . . . . . . . . . . . 4 2.1. Required Terminology . . . . . . . . . . . . . . . . . . 4
2.2. Definitions . . . . . . . . . . . . . . . . . . . . . . . 4 2.2. Definitions . . . . . . . . . . . . . . . . . . . . . . . 4
3. Background . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Background . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. Problem Space and Focus . . . . . . . . . . . . . . . . . 4 3.1. Problem Space and Focus . . . . . . . . . . . . . . . . . 4
3.2. Reasoning for IETF DRIP Authentication . . . . . . . . . 5 3.2. Reasoning for IETF DRIP Authentication . . . . . . . . . 4
3.3. ASTM Authentication Message . . . . . . . . . . . . . . . 5 3.3. ASTM Authentication Message . . . . . . . . . . . . . . . 5
3.3.1. Authentication Page . . . . . . . . . . . . . . . . . 5 3.3.1. Authentication Page . . . . . . . . . . . . . . . . . 5
3.3.2. DRIP Constraints . . . . . . . . . . . . . . . . . . 8 3.3.2. DRIP Constraints . . . . . . . . . . . . . . . . . . 8
4. Forward Error Correction . . . . . . . . . . . . . . . . . . 8 4. Forward Error Correction . . . . . . . . . . . . . . . . . . 8
4.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . 8 4.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . 8
4.1.1. Single Page FEC . . . . . . . . . . . . . . . . . . . 8 4.1.1. Single Page FEC . . . . . . . . . . . . . . . . . . . 8
4.1.2. Multiple Page FEC . . . . . . . . . . . . . . . . . . 9 4.1.2. Multiple Page FEC . . . . . . . . . . . . . . . . . . 9
4.2. Decoding . . . . . . . . . . . . . . . . . . . . . . . . 12 4.2. Decoding . . . . . . . . . . . . . . . . . . . . . . . . 12
4.2.1. Single Page FEC . . . . . . . . . . . . . . . . . . . 12 4.2.1. Single Page FEC . . . . . . . . . . . . . . . . . . . 12
4.2.2. Multiple Page FEC . . . . . . . . . . . . . . . . . . 12 4.2.2. Multiple Page FEC . . . . . . . . . . . . . . . . . . 12
skipping to change at page 3, line 21 skipping to change at page 3, line 21
12.2. Informative References . . . . . . . . . . . . . . . . . 32 12.2. Informative References . . . . . . . . . . . . . . . . . 32
Appendix A. Authentication State Diagrams & Color Scheme . . . . 33 Appendix A. Authentication State Diagrams & Color Scheme . . . . 33
A.1. State Table . . . . . . . . . . . . . . . . . . . . . . . 33 A.1. State Table . . . . . . . . . . . . . . . . . . . . . . . 33
A.2. State Diagrams . . . . . . . . . . . . . . . . . . . . . 34 A.2. State Diagrams . . . . . . . . . . . . . . . . . . . . . 34
A.2.1. Notations . . . . . . . . . . . . . . . . . . . . . . 34 A.2.1. Notations . . . . . . . . . . . . . . . . . . . . . . 34
A.2.2. General . . . . . . . . . . . . . . . . . . . . . . . 35 A.2.2. General . . . . . . . . . . . . . . . . . . . . . . . 35
A.2.3. DRIP SAM . . . . . . . . . . . . . . . . . . . . . . 36 A.2.3. DRIP SAM . . . . . . . . . . . . . . . . . . . . . . 36
A.2.4. DRIP Link . . . . . . . . . . . . . . . . . . . . . . 37 A.2.4. DRIP Link . . . . . . . . . . . . . . . . . . . . . . 37
A.2.5. DRIP Wrapper/Manifest/Frame . . . . . . . . . . . . . 38 A.2.5. DRIP Wrapper/Manifest/Frame . . . . . . . . . . . . . 38
Appendix B. HDA-UA Broadcast Attestation . . . . . . . . . . . . 40 Appendix B. HDA-UA Broadcast Attestation . . . . . . . . . . . . 40
Appendix C. Example Authentication Messages . . . . . . . . . . 42 Appendix C. Example TX/RX Flow . . . . . . . . . . . . . . . . . 42
C.1. Authentication Data Only . . . . . . . . . . . . . . . . 42 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
C.2. Authentication Data & Additional Data . . . . . . . . . . 43
C.3. DRIP Link Example . . . . . . . . . . . . . . . . . . . . 45
Appendix D. Example TX/RX Flow . . . . . . . . . . . . . . . . . 47
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 48
1. Introduction 1. Introduction
Unmanned Aircraft Systems (UAS) are usually in a volatile environment Unmanned Aircraft Systems (UAS) are usually in a volatile environment
when it comes to communication. UA are generally small with little when it comes to communication. UA are generally small with little
computational (or flying) horsepower to carry standard communication computational (or flying) horsepower to carry standard communication
equipment. This limits the mediums of communication to few viable equipment. This limits the mediums of communication to few viable
options. options.
Observer systems (e.g. smartphones and tablets) place further Observer systems (e.g. smartphones and tablets) place further
skipping to change at page 7, line 51 skipping to change at page 8, line 5
Figure 2 is the abstract view of the data fields found in the Figure 2 is the abstract view of the data fields found in the
Authentication Message as defined by [F3411]. This data is placed Authentication Message as defined by [F3411]. This data is placed
into Figure 1's Authentication Payload, spanning multiple pages. into Figure 1's Authentication Payload, spanning multiple pages.
When Additional Data is being sent, a single unsigned byte When Additional Data is being sent, a single unsigned byte
(Additional Data Length) directly follows the Authentication Data / (Additional Data Length) directly follows the Authentication Data /
Signature and has the length, in bytes, of the following Additional Signature and has the length, in bytes, of the following Additional
Data. For DRIP, this field is used to carry Forward Error Correction Data. For DRIP, this field is used to carry Forward Error Correction
as defined in Section 4. as defined in Section 4.
Full examples of Authentication Messages (fully paginated; both with
and without Additional Data) can be found in Appendix C.
3.3.2. DRIP Constraints 3.3.2. DRIP Constraints
To keep consistent formatting across the different transports (Legacy To keep consistent formatting across the different transports (Legacy
and Extended) and their independent restrictions the authentication and Extended) and their independent restrictions the authentication
data being sent is REQUIRED to fit within the page limit of the most data being sent is REQUIRED to fit within the page limit of the most
constrained existing transport can support. Under Broadcast RID the constrained existing transport can support. Under Broadcast RID the
transport that can hold the least amount of authentication data is transport that can hold the least amount of authentication data is
Bluetooth 5 and Wi-Fi BEACON at 9-pages. Bluetooth 5 and Wi-Fi BEACON at 9-pages.
As such DRIP transmitters are REQUIRED to adhere to the following As such DRIP transmitters are REQUIRED to adhere to the following
skipping to change at page 42, line 7 skipping to change at page 42, line 7
Signing Timestamp by HDA (4 bytes): Signing Timestamp by HDA (4 bytes):
Current time at signing. Current time at signing.
HDA Signature (64 bytes): HDA Signature (64 bytes):
Signature over preceding fields using the keypair of Signature over preceding fields using the keypair of
the HDA. the HDA.
Figure 17: Example DRIP HDA-UA Broadcast Attestation Figure 17: Example DRIP HDA-UA Broadcast Attestation
Appendix C. Example Authentication Messages Appendix C. Example TX/RX Flow
C.1. Authentication Data Only
This is an example of an Authentication Message with 52-bytes of
Authentication Data.
Page 0:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ Authentication Headers +---------------+
| | |
+---------------+---------------+---------------+ |
| |
| Authentication Data / Signature |
| |
| |
+---------------+---------------+---------------+---------------+
Page 1:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| Authentication Data / Signature |
| |
| |
| |
+---------------+---------------+---------------+---------------+
Page 2:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| Authentication Data / Signature |
| |
| +---------------+---------------+---------------+
| | |
+---------------+ |
| Null Padding |
| |
+---------------+---------------+---------------+---------------+
C.2. Authentication Data & Additional Data
This example has 52-bytes of Authentication Data and 20-bytes of
Additional Data.
Page 0:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ Authentication Headers +---------------+
| | |
+---------------+---------------+---------------+ |
| |
| Authentication Data / Signature |
| |
| |
+---------------+---------------+---------------+---------------+
Page 1:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| |
| Authentication Data / Signature |
| |
| |
+---------------+---------------+---------------+---------------+
Page 2:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| Authentication Data / Signature |
| |
| +---------------+---------------+---------------+
| | ADL=20 | |
+---------------+---------------+ |
| Additional Data |
| |
+---------------+---------------+---------------+---------------+
Page 3:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| Additional Data |
| +---------------+
| | |
+---------------+---------------+---------------+ |
| |
| Null Padding |
| |
+---------------+---------------+---------------+---------------+
C.3. DRIP Link Example
This DRIP Link example includes FEC for a single page.
Page 0:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ Authentication Headers +---------------+
| | SAM Type |
+---------------+---------------+---------------+---------------+
| |
| Broadcast Attestation |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 500789d9c08c05042001001000a00145aac6b00abba268b7
Page 1:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| |
| Broadcast Attestation |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 512001001000a0014579d8a404d48f2ef9bb9a4470ada5b4
Page 2:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| |
| Broadcast Attestation |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 52ff1352c7402af9d9ebd20034e8d7a12920f4d7e91c1a73
Page 3:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| |
| Broadcast Attestation |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 53dca7d04e776150825863c512c6eb075a206a95c59b297e
Page 4:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| |
| Broadcast Attestation |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 54f2935fd416f27b1b42fd5d9dfaa0dec79f32287f41b454
Page 5:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| |
| Broadcast Attestation |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 557101415def153a770d3e6c0b17ae560809bc634a822c1f
Page 6:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | Broadcast Attestation /
+---------------+---------------+---------------+---------------+
/ | ADL | |
+---------------+---------------+ |
| |
| Null Padding |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 563b1064b80a290000000000000000000000000000000000
Page 7:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
| Page Header | |
+---------------+ |
| |
| Forward Error Correction |
| |
| |
| |
+---------------+---------------+---------------+---------------+
Hex: 57bcbe21684809ed5284aa40b4b7bc45efeb3a47d24b6645
Appendix D. Example TX/RX Flow
In this example the UA is sending all DRIP Authentication Message In this example the UA is sending all DRIP Authentication Message
formats (DRIP Link, DRIP Wrapper and DRIP Manifest) during flight, formats (DRIP Link, DRIP Wrapper and DRIP Manifest) during flight,
along with standard ASTM Messages. The objective is to show the along with standard ASTM Messages. The objective is to show the
combinations of messages that must be received to properly validate a combinations of messages that must be received to properly validate a
DRIP equipped UA and examples of their various states (Appendix A). DRIP equipped UA and examples of their various states (Appendix A).
+-------------------+ +-------------------+
.-----| Unmanned Aircraft |-----. .-----| Unmanned Aircraft |-----.
| +-------------------+ | | +-------------------+ |
 End of changes. 8 change blocks. 
252 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/