idnits 2.17.1 draft-ietf-6tisch-enrollment-enhanced-beacon-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (13 February 2020) is 1505 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'BCP14' is defined on line 326, but no explicit reference was found in the text -- Possible downref: Non-RFC (?) normative reference: ref. 'ieee802154' ** Downref: Normative reference to an Informational RFC: RFC 8137 -- Duplicate reference: RFC8174, mentioned in 'RFC8174', was also mentioned in 'BCP14'. == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-28 Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6tisch Working Group D. Dujovne 3 Internet-Draft Universidad Diego Portales 4 Intended status: Standards Track M. Richardson 5 Expires: 16 August 2020 Sandelman Software Works 6 13 February 2020 8 IEEE 802.15.4 Information Element encapsulation of 6TiSCH Join and 9 Enrollment Information 10 draft-ietf-6tisch-enrollment-enhanced-beacon-10 12 Abstract 14 In TSCH mode of IEEE STD 802.15.4, opportunities for broadcasts are 15 limited to specific times and specific channels. Nodes in a TSCH 16 network typically frequently send Enhanced Beacon (EB) frames to 17 announce the presence of the network. This document provides a 18 mechanism by which small details critical for new nodes (pledges) and 19 long sleeping nodes may be carried within the Enhanced Beacon. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on 16 August 2020. 38 Copyright Notice 40 Copyright (c) 2020 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 45 license-info) in effect on the date of publication of this document. 46 Please review these documents carefully, as they describe your rights 47 and restrictions with respect to this document. Code Components 48 extracted from this document must include Simplified BSD License text 49 as described in Section 4.e of the Trust Legal Provisions and are 50 provided without warranty as described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 1.1. Use of BCP 14 Terminology . . . . . . . . . . . . . . . . 2 56 1.2. Layer-2 Synchronization . . . . . . . . . . . . . . . . . 2 57 1.3. Layer-3 synchronization: IPv6 Router Solicitations and 58 Advertisements . . . . . . . . . . . . . . . . . . . . . 3 59 2. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4 60 3. Security Considerations . . . . . . . . . . . . . . . . . . . 6 61 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . 7 62 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 63 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 64 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 65 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 66 7.2. Informative References . . . . . . . . . . . . . . . . . 8 67 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 69 1. Introduction 71 [RFC7554] describes the use of the time-slotted channel hopping 72 (TSCH) mode of [ieee802154]. As further detailed in [RFC8180], an 73 Enhanced Beacon (EB) is transmitted during a slot designated as a 74 broadcast slot. 76 1.1. Use of BCP 14 Terminology 78 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 79 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 80 "OPTIONAL" in this document are to be interpreted as described in 81 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 82 capitals, as shown here. 84 Other terminology can be found in [I-D.ietf-6tisch-architecture] in 85 section 2.1. 87 1.2. Layer-2 Synchronization 89 As explained in section 6 of [RFC8180], the Enhanced Beacon (EB) has 90 a number of purposes: synchronization of ASN and Join Metric, 91 carrying timeslot template identifier, carrying the channel hopping 92 sequence identifier, and indicating the TSCH SlotFrame. 94 The EB is used by nodes already part of a TSCH network to announce 95 its existence. Receiving an EB allows a Joining Node (pledge) to 96 learn about the network and synchronize to it. The EB may also be 97 used as a means for a node already part of the network to re- 98 synchronize [RFC7554]. 100 There is a limited number of timeslots designated as a broadcast slot 101 by each router in the network. Considering 10ms slots and a slot- 102 frame length of 100, these slots are rare and could result in only 1 103 slot/s for a broadcast, which needs to be used for the beacon. 104 Additional broadcasts for Router Advertisements, or Neighbor 105 Discovery could even more scarce. 107 1.3. Layer-3 synchronization: IPv6 Router Solicitations and 108 Advertisements 110 At layer 3, [RFC4861] defines a mechanism by which nodes learn about 111 routers by receiving multicast Router Advertisements (RA). If no RA 112 is heard within a set time, then a Router Solicitation (RS) may be 113 sent as multicast, to which an RA will be received, usually unicast. 115 Although [RFC6775] reduces the amount of multicast necessary to do 116 address resolution via Neighbor Solicitation (NS) messages, it still 117 requires multicast of either RAs or RS. This is an expensive 118 operation for two reasons: First, there are few multicast timeslots 119 for unsolicited RAs; and second, if a pledge node does not hear an 120 RA, and decides to send a RS, a broadcast aloha slot is consumed with 121 unencrypted traffic. In this case, a unicast RS may be sent in 122 response. 124 This is a particularly acute issue for the join process for the 125 following reasons: 127 1. use of a multicast slot by even a non-malicious unauthenticated 128 node for a Router Solicitation (RS) may overwhelm that time slot. 130 2. it may require many seconds of on-time before a new pledge hears 131 a Router Advertisement (RA) that it can use. 133 3. a new pledge may listen to many Enhanced Beacons (EB) before it 134 can pick an appropriate network and/or closest Join Assistant to 135 attach to. If it must listen for a RA as well as find the 136 Enhanced Beacon (EB), then the process may take a very long time. 138 This document defines a new IETF IE subtype to provide join and 139 enrollment information to prospective pledges in a more efficient 140 way. 142 2. Protocol Definition 144 [RFC8137] creates a registry for new IETF IE subtypes. This document 145 allocates a new subtype. 147 The new IE subtype structure is as follows. As explained in 148 [RFC8137] the length of the Sub-Type Content can be calculated from 149 the container, so no length information is necessary. 151 1 2 3 152 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 154 | TBD-XXX |R|P| res | proxy prio | rank priority | 155 +-+-+-+-+-+-+-+-+-+-------------+-------------+-----------------+ 156 | pan priority | | 157 +---------------+ + 158 | Join Proxy lower-64 | 159 + (present if P=1) + 160 | | 161 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 162 | | | 163 +-+-+-+-+-+-+-+-+ + 164 | network ID | 165 + variable length, up to 16 bytes + 166 ~ ~ 167 + + 168 | | 169 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 170 | | 171 +-+-+-+-+-+-+-+-+ 173 Figure 1: IE subtype structure 175 R: the Router Advertisement R-flag is set if the sending node will 176 act as a Router for host-only nodes that need addressing via 177 unicast Router Solicitation messages. 179 in most cases, every node sending a beacon will set this flag, and 180 in a typical mesh, this will be every single node. When this bit 181 is not set, it indicates that this node may be under provisioned, 182 or may have no additional slots for additional nodes. This could 183 make this node more interesting to an attacker. 185 P: if the Proxy Address P-flag is set, then the lower 64-bits of the 186 Join Proxy's link-local address follows the network ID. If the 187 Proxy Address bit is not set, then the Link Layer address of the 188 Join Proxy is identical to the Layer-2 8-byte address used to 189 originate this enhanced beacon. In either case, the destination 190 layer-2 address of this beacon may use the layer-2 address which 191 was used to originate the beacon. 193 this bit only indicates if another part of the structure is 194 present, and has little security or privacy impact. 196 proxy priority (proxy prio): this field indicates the willingness of 197 the sender to act as join proxy. Lower value indicates greater 198 willingness to act as a Join Proxy as described in 199 [I-D.ietf-6tisch-minimal-security]. Values range 0x00 (most 200 willing) to 0x7e (least willing). A priority of 0x7f indicates 201 that the announcer should never be considered as a viable 202 enrollment proxy. Only unenrolled pledges look at this value. 204 lower values in this field indicate that the transmitter may have 205 more capacity to handle unencrypted traffic. A higher value may 206 indicate that the transmitter is low on neighbor cache entries, or 207 other resources. 209 rank priority: the rank "priority" is set by the 6LR which sent the 210 beacon and is an indication of how willing this 6LR is to serve as 211 an RPL parent within a particular network ID. This is a local 212 value to be determined in other work. It might be calculated from 213 RPL rank, and it may include some modifications based upon current 214 number of children, or number of neighbor cache entries available. 215 This value MUST be ignored by pledges, it is for enrolled devices 216 only. Lower values are better. 218 an attacker can use this value to determine which nodes are 219 potentially more interesting. Nodes which are less willing to be 220 parents likely have more traffic, and an attacker could use this 221 information to determine which nodes would be more interesting to 222 attack or disrupt. 224 pan priority: the pan priority is a value set by the DODAG root to 225 indicate the relative priority of this LLN compared to those with 226 different PANIDs. This value may be used as part of the 227 enrollment priority, but typically is used by devices which have 228 already enrolled, and need to determine which PAN to pick. 229 Unenrolled pledges MAY consider this value when selecting a PAN to 230 join. Enrolled devices MAY consider this value when looking for 231 an eligible parent device. 233 an attacker can use this value, along with the observed PANID in 234 the Beacon to determine which PANIDs have more network resources, 235 and may have more interesting traffic. 237 Join Proxy lower-64: if the P bit is set, then 64 bits (8 bytes) of 238 address are present. This field provides the suffix of the Link- 239 Local address of the Join Proxy. The associated prefix is well- 240 known as fe80::/64. 242 this field communicates a lower-64 bits that should be used for 243 this nodes' layer-3 address, if it should not be derived from the 244 layer-2 address. Communication with the Join Proxy occurs in the 245 clear, this field avoids the need for an additional service 246 discovery process for the case where the L3 address is not derived 247 from the L2 address. An attacker will see both L2 and L3 248 addresses, so this field provides no new information. 250 network ID: this is a variable length field, up to 16-bytes in size 251 that uniquely identifies this network, potentially among many 252 networks that are operating in the same frequencies in overlapping 253 physical space. The length of this field can be calculated as 254 being whatever is left in the Information Element. 256 In a 6tisch network, where RPL [RFC6550] is used as the mesh 257 routing protocol, the network ID can be constructed from a SHA256 258 hash of the prefix (/64) of the network. That is just a 259 suggestion for a default value. In some LLNs where multiple 260 PANIDs may lead to the same management device (the JRC), then a 261 common value that is the same across all PANs MUST be configured. 263 If the the network ID is derived as suggested, then it will an 264 opaque, seemingly random value, and will reveal nothing in of 265 itself. An attacker can match this value across many 266 transmissions to map the extent of a network beyond what the PANID 267 might already provide. 269 3. Security Considerations 271 All of the contents of this Information Element are sent in the 272 clear. The containing Enhanced Beacon is not encrypted. This is a 273 restriction in the cryptographic architecture of the TSCH mechanism. 274 In order to decrypt or do integrity checking of layer-2 frames in 275 TSCH, the TSCH Absolute Slot Number (ASN) is needed. The Enhanced 276 Beacon provides the ASN to new (and long-sleeping) nodes. 278 The Enhanced Beacon is authenticated at the layer-2 level using 279 802.15.4 mechanisms using the network-wide keying material. Nodes 280 which are enrolled will have the network-wide keying material and can 281 validate the beacon, providing them with a trusted 283 Pledges which have not yet enrolled are unable to authenticate the 284 beacons, and will be forced to temporarily take the contents on 285 faith. After enrollment, a newly enrolled node will be able to 286 return to the beacon and validate it. 288 In addition to the enrollment and join information described in this 289 document, the Enhanced Beacon contains a description of the TSCH 290 schedule to be used by the transmitter of this packet. The schedule 291 can provide an attacker with a list of channels and frequencies on 292 which communication will occur. Knowledge of this can help an 293 attacker to more efficiently jam communications, although there is 294 future work being considered to make some of the schedule less 295 visible. Encrypting the schedule does not prevent an attacker from 296 jamming, but rather increases the energy cost of doing that jamming. 298 4. Privacy Considerations 300 The use of a network ID may reveal information about the network. 301 The use of a SHA256 hash of the DODAGID, rather than using the 302 DODAGID (which is usually derived from the LLN prefix) directly 303 provides some privacy for the the addresses used within the network. 304 The DODAGID is usually the IPv6 address of the root of the RPL mesh. 306 An interloper with a radio sniffer would be able to use the network 307 ID to map out the extent of the mesh network. 309 5. IANA Considerations 311 Allocate a new number TBD-XXX from Registry IETF IE Sub-type ID, as 312 defined by [RFC8137]. This entry should be called 6tisch-Join-Info, 313 and should refer to this document. 315 6. Acknowledgements 317 Thomas Watteyne provided extensive editorial comments on the 318 document. Carles Gomez Montenegro generated a detailed review of the 319 document at WGLC. Tim Evens provided a number of useful editorial 320 suggestions. 322 7. References 324 7.1. Normative References 326 [BCP14] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 327 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 328 May 2017, . 330 [I-D.ietf-6tisch-minimal-security] 331 Vucinic, M., Simon, J., Pister, K., and M. Richardson, 332 "Constrained Join Protocol (CoJP) for 6TiSCH", Work in 333 Progress, Internet-Draft, draft-ietf-6tisch-minimal- 334 security-15, 10 December 2019, . 338 [ieee802154] 339 IEEE standard for Information Technology, ., "IEEE Std. 340 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) 341 and Physical Layer (PHY) Specifications for Low-Rate 342 Wireless Personal Area Networks", 2015, 343 . 346 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 347 Requirement Levels", BCP 14, RFC 2119, 348 DOI 10.17487/RFC2119, March 1997, 349 . 351 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 352 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 353 DOI 10.17487/RFC4861, September 2007, 354 . 356 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 357 Bormann, "Neighbor Discovery Optimization for IPv6 over 358 Low-Power Wireless Personal Area Networks (6LoWPANs)", 359 RFC 6775, DOI 10.17487/RFC6775, November 2012, 360 . 362 [RFC8137] Kivinen, T. and P. Kinney, "IEEE 802.15.4 Information 363 Element for the IETF", RFC 8137, DOI 10.17487/RFC8137, May 364 2017, . 366 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 367 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 368 May 2017, . 370 7.2. Informative References 372 [I-D.ietf-6tisch-architecture] 373 Thubert, P., "An Architecture for IPv6 over the TSCH mode 374 of IEEE 802.15.4", Work in Progress, Internet-Draft, 375 draft-ietf-6tisch-architecture-28, 29 October 2019, 376 . 379 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 380 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 381 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 382 Low-Power and Lossy Networks", RFC 6550, 383 DOI 10.17487/RFC6550, March 2012, 384 . 386 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using 387 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the 388 Internet of Things (IoT): Problem Statement", RFC 7554, 389 DOI 10.17487/RFC7554, May 2015, 390 . 392 [RFC8180] Vilajosana, X., Ed., Pister, K., and T. Watteyne, "Minimal 393 IPv6 over the TSCH Mode of IEEE 802.15.4e (6TiSCH) 394 Configuration", BCP 210, RFC 8180, DOI 10.17487/RFC8180, 395 May 2017, . 397 Authors' Addresses 399 Diego Dujovne (editor) 400 Universidad Diego Portales 401 Escuela de Informatica y Telecomunicaciones, Av. Ejercito 441 402 Santiago, Region Metropolitana 403 Chile 405 Phone: +56 (2) 676-8121 406 Email: diego.dujovne@mail.udp.cl 408 Michael Richardson 409 Sandelman Software Works 411 Email: mcr+ietf@sandelman.ca