idnits 2.17.1 draft-ietf-6tisch-enrollment-enhanced-beacon-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (17 February 2020) is 1523 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'BCP14' is defined on line 361, but no explicit reference was found in the text -- Possible downref: Non-RFC (?) normative reference: ref. 'ieee802154' ** Downref: Normative reference to an Informational RFC: RFC 8137 -- Duplicate reference: RFC8174, mentioned in 'RFC8174', was also mentioned in 'BCP14'. == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-28 Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6tisch Working Group D. Dujovne 3 Internet-Draft Universidad Diego Portales 4 Intended status: Standards Track M. Richardson 5 Expires: 20 August 2020 Sandelman Software Works 6 17 February 2020 8 IEEE 802.15.4 Information Element encapsulation of 6TiSCH Join and 9 Enrollment Information 10 draft-ietf-6tisch-enrollment-enhanced-beacon-13 12 Abstract 14 In TSCH mode of IEEE STD 802.15.4, opportunities for broadcasts are 15 limited to specific times and specific channels. Routers in a Time- 16 Slotted Channel Hopping (TSCH) network transmit Enhanced Beacon (EB) 17 frames to announce the presence of the network. This document 18 provides a mechanism by which additional information critical for new 19 nodes (pledges) and long sleeping nodes may be carried within the 20 Enhanced Beacon in order to conserve use of broadcast opportunities. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at https://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on 20 August 2020. 39 Copyright Notice 41 Copyright (c) 2020 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 46 license-info) in effect on the date of publication of this document. 47 Please review these documents carefully, as they describe your rights 48 and restrictions with respect to this document. Code Components 49 extracted from this document must include Simplified BSD License text 50 as described in Section 4.e of the Trust Legal Provisions and are 51 provided without warranty as described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Use of BCP 14 Terminology . . . . . . . . . . . . . . . . 2 57 1.2. Layer-2 Synchronization . . . . . . . . . . . . . . . . . 2 58 1.3. Layer-3 synchronization: IPv6 Router Solicitations and 59 Advertisements . . . . . . . . . . . . . . . . . . . . . 3 60 2. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4 61 3. Security Considerations . . . . . . . . . . . . . . . . . . . 7 62 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . 8 63 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 64 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 65 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 66 7.1. Normative References . . . . . . . . . . . . . . . . . . 8 67 7.2. Informative References . . . . . . . . . . . . . . . . . 9 68 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 70 1. Introduction 72 [RFC7554] describes the use of the Time-Slotted Channel Hopping 73 (TSCH) mode of [ieee802154]. As further detailed in [RFC8180], an 74 Enhanced Beacon (EB) is transmitted during a slot designated as a 75 broadcast slot. 77 1.1. Use of BCP 14 Terminology 79 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 80 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 81 "OPTIONAL" in this document are to be interpreted as described in 82 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 83 capitals, as shown here. 85 Other terminology can be found in [I-D.ietf-6tisch-architecture] in 86 section 2.1. 88 1.2. Layer-2 Synchronization 90 As explained in section 6 of [RFC8180], the Enhanced Beacon (EB) has 91 a number of purposes: synchronization of Absolute Slot Number (ASN) 92 and Join Metric, carrying timeslot template identifier, carrying the 93 channel hopping sequence identifier, and indicating the TSCH 94 SlotFrame. 96 An EB announces the existence of a TSCH network, and of the nodes 97 already joined to that network. Receiving an EB allows a Joining 98 Node (pledge) to learn about the network and synchronize to it. 100 The EB may also be used as a means for a node already part of the 101 network to re-synchronize [RFC7554]. 103 There are a limited number of timeslots designated as broadcast slots 104 by each router in the network. Considering 10ms slots and a slot- 105 frame length of 100, these slots are rare and could result in only 1 106 slot per second for broadcasts, which needs to be used for the 107 beacon. Additional broadcasts for Router Advertisements (RS), or 108 Neighbor Discovery (ND) could even more scarce. 110 1.3. Layer-3 synchronization: IPv6 Router Solicitations and 111 Advertisements 113 At layer 3, [RFC4861] defines a mechanism by which nodes learn about 114 routers by receiving multicast Router Advertisements (RA). If no RA 115 is received within a set time, then a Router Solicitation (RS) may be 116 transmitted as a multicast, to which an RA will be received, usually 117 unicast. 119 Although However, even in this case, a unicast RS may be transmitted 120 in response[RFC6775] reduces the amount of multicast necessary to do 121 address resolution via Neighbor Solicitation (NS) messages, it still 122 requires multicast of either RAs or RS. This is an expensive 123 operation for two reasons: there are few multicast timeslots for 124 unsolicited RAs; and if a pledge node does not receive an RA, and 125 decides to transmit an RS, a broadcast aloha slot (see {?RFC7554} 126 section A.5) is consumed with unencrypted traffic. 128 This is a particularly acute issue for the join process for the 129 following reasons: 131 1. Use of a multicast slot by even a non-malicious unauthenticated 132 node for a Router Solicitation (RS) may overwhelm that time slot. 134 2. It may require many seconds of on-time before a new pledge 135 receives a Router Advertisement (RA) that it can use. 137 3. A new pledge may have to receive many Enhanced Beacons (EB) 138 before it can pick an appropriate network and/or closest Join 139 Assistant to attach to. If it must remain in the receive state 140 for an RA as well as find the Enhanced Beacon (EB), then the 141 process may take a very long time. 143 This document defines a new IETF Information Element (IE) subtype to 144 place into the Enhanced Beacon (EB) to provide join and enrollment 145 information to prospective pledges in a more efficient way. 147 2. Protocol Definition 149 [RFC8137] creates a registry for new IETF IE subtypes. This document 150 allocates a new subtype. 152 The new IE subtype structure is as follows. As explained in 153 [RFC8137] the length of the Sub-Type Content can be calculated from 154 the container, so no length information is necessary. 156 1 2 3 157 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 158 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 159 | TBD-XXX |R|P| res | proxy prio | rank priority | 160 +-+-+-+-+-+-+-+-+-+-------------+-------------+-----------------+ 161 | pan priority | | 162 +---------------+ + 163 | Join Proxy Interface-ID | 164 + (present if P=1) + 165 | | 166 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 167 | | | 168 +-+-+-+-+-+-+-+-+ + 169 | network ID | 170 + variable length, up to 16 bytes + 171 ~ ~ 172 + + 173 | | 174 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 175 | | 176 +-+-+-+-+-+-+-+-+ 178 Figure 1: IE subtype structure 180 R: The Router Advertisement R-flag is set if the sending node will 181 act as a Router for host-only nodes that need addressing via 182 unicast Router Solicitation messages. 184 In most cases, every node sending a beacon will set this flag, and 185 in a typical mesh, this will be every single node. When this bit 186 is not set, it indicates that this node may be under provisioned, 187 or may have no additional slots for additional nodes. This could 188 make this node more interesting to an attacker. 190 P: If the Proxy Address P-flag is set, then the Join Proxy Interface 191 ID bit field is present. Otherwise, it is not provided. 193 This bit only indicates if another part of the structure is 194 present, and has little security or privacy impact. 196 proxy priority (proxy prio): This field indicates the willingness of 197 the sender to act as join proxy. Lower value indicates greater 198 willingness to act as a Join Proxy as described in 199 [I-D.ietf-6tisch-minimal-security]. Values range 0x00 (most 200 willing) to 0x7e (least willing). A priority of 0x7f indicates 201 that the announcer should never be considered as a viable 202 enrollment proxy. 204 Only unenrolled pledges look at this value. 206 Lower values in this field indicate that the transmitter may have 207 more capacity to handle unencrypted traffic. 209 A higher value may indicate that the transmitter is low on 210 neighbor cache entries, or other resources. 212 rank priority: The rank "priority" is set by the 6LR which sent the 213 beacon and is an indication of how willing this 6LR is to serve as 214 an RPL {?RFC6550} parent within a particular network ID. 216 Lower values indicate more willing, and higher values indicate 217 less willing. This value is calculated by each 6LR according to 218 algorithms specific to the routing metrics used by the RPL 219 ({?RFC6550}). 221 The exact process is a subject of significant research work. 223 It will typically be calculated from the RPL rank, and it may 224 include some modifications based upon current number of children, 225 or number of neighbor cache entries available. 227 This value MUST be ignored by pledges, it is to help enrolled 228 devices only to compare different connection points. 230 An attacker can use this value to determine which nodes are 231 potentially more interesting. Nodes which are less willing to be 232 parents likely have more traffic, and an attacker could use this 233 information to determine which nodes would be more interesting to 234 attack or disrupt. 236 pan priority: The pan priority is a value set by the Destination- 237 Oriented Directed Acycling Graph (DODAG) root (see {?RFC6550}, 238 typically, the 6LBR) to indicate the relative priority of this LLN 239 compared to those with different PANIDs that the operator might 240 control. 242 This value may be used as part of the enrollment priority, but 243 typically is used by devices which have already enrolled, and need 244 to determine which PAN to pick when resuming from a long sleep. 245 Unenrolled pledges MAY consider this value when selecting a PAN to 246 join. Enrolled devices MAY consider this value when looking for 247 an eligible parent device. Lower values indicate a higher 248 willingness to accept new nodes. 250 An attacker can use this value, along with the observed PANID in 251 the Beacon to determine which PANIDs have more network resources, 252 and may have more interesting traffic. 254 Join Proxy Interface ID: If the P bit is set, then 64 bits (8 bytes) 255 of address are present. This field provides the Interface ID 256 (IID) of the Link-Local address of the Join Proxy. The associated 257 prefix is well-known as fe80::/64. If this field is not present, 258 then IID is derived from the layer-2 address of the sender as per 259 SLAAC ({?RFC4662}). 261 This field communicates an Interface ID bits that should be used 262 for this nodes' layer-3 address, if it should not be derived from 263 the layer-2 address. Communication with the Join Proxy occurs in 264 the clear, this field avoids the need for an additional service 265 discovery process for the case where the L3 address is not derived 266 from the L2 address. An attacker will see both L2 and L3 267 addresses, so this field provides no new information. 269 network ID: This is a variable length field, up to 16-bytes in size 270 that uniquely identifies this network, potentially among many 271 networks that are operating in the same frequencies in overlapping 272 physical space. The length of this field can be calculated as 273 being whatever is left in the Information Element. 275 In a 6tisch network, where RPL [RFC6550] is used as the mesh 276 routing protocol, the network ID can be constructed from a 277 truncated SHA256 hash of the prefix (/64) of the network. This 278 will be done by the RPL DODAG root and communicated by the RPL 279 Configuration Option payloads, so it is not calculated more than 280 once. That is just a suggestion for a default algorithm: it may 281 be set in any convenience way that results in a non-identifing 282 value. In some LLNs where multiple PANIDs may lead to the same 283 management device (the JRC), then a common value that is the same 284 across all PANs MUST be configured so that pledges that attempt to 285 enroll do not waste time attempting multiple times with the same 286 network that has multiple attachment points. 288 If the network ID is derived as suggested, then it will an opaque, 289 seemingly random value, and will reveal nothing in of itself. An 290 attacker can match this value across many transmissions to map the 291 extent of a network beyond what the PANID might already provide. 293 3. Security Considerations 295 All of the contents of this Information Element are transmitted in 296 the clear. The content of the Enhanced Beacon is not encrypted. 297 This is a restriction in the cryptographic architecture of the 298 802.15.4 mechanism. In order to decrypt or do integrity checking of 299 layer-2 frames in TSCH, the TSCH Absolute Slot Number (ASN) is 300 needed. The Enhanced Beacon provides the ASN to new (and long- 301 sleeping) nodes. 303 The sensitivity of each field is describe within the description of 304 each field. 306 The Enhanced Beacon is authenticated at the layer-2 level using 307 802.15.4 mechanisms using the network-wide keying material. Nodes 308 which are enrolled will have the network-wide keying material and can 309 validate the beacon. 311 Pledges which have not yet enrolled are unable to authenticate the 312 beacons, and will be forced to temporarily take the contents on 313 faith. After enrollment, a newly enrolled node will be able to 314 return to the beacon and validate it. 316 In addition to the enrollment and join information described in this 317 document, the Enhanced Beacon contains a description of the TSCH 318 schedule to be used by the transmitter of this packet. The schedule 319 can provide an attacker with a list of channels and frequencies on 320 which communication will occur. Knowledge of this can help an 321 attacker to more efficiently jam communications, although there is 322 future work being considered to make some of the schedule less 323 visible. Encrypting the schedule does not prevent an attacker from 324 jamming, but rather increases the energy cost of doing that jamming. 326 4. Privacy Considerations 328 The use of a network ID may reveal information about the network. 329 The use of a SHA256 hash of the DODAGID, rather than using the 330 DODAGID (which is usually derived from the LLN prefix) directly 331 provides some privacy for the the addresses used within the network, 332 as the DODAGID is usually the IPv6 address of the root of the RPL 333 mesh. 335 An interloper with a radio sniffer would be able to use the network 336 ID to map out the extent of the mesh network. 338 5. IANA Considerations 340 IANA is asked to assign a new number TBD-XXX from Registry "IEEE Std 341 802.15.4 IETF IE Subtype IDs" as defined by [RFC8137]. 343 This entry should be called 6tisch-Join-Info, and should refer to 344 this document. 346 Value Subtype-ID Reference 347 ---- ---------- ----------- 348 TBD-XXX 6tisch-Join-Inbfo [this document] 350 6. Acknowledgements 352 Thomas Watteyne provided extensive editorial comments on the 353 document. Carles Gomez Montenegro generated a detailed review of the 354 document at WGLC. Tim Evens provided a number of useful editorial 355 suggestions. 357 7. References 359 7.1. Normative References 361 [BCP14] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 362 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 363 May 2017, . 365 [I-D.ietf-6tisch-minimal-security] 366 Vucinic, M., Simon, J., Pister, K., and M. Richardson, 367 "Constrained Join Protocol (CoJP) for 6TiSCH", Work in 368 Progress, Internet-Draft, draft-ietf-6tisch-minimal- 369 security-15, 10 December 2019, . 373 [ieee802154] 374 IEEE standard for Information Technology, ., "IEEE Std. 375 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) 376 and Physical Layer (PHY) Specifications for Low-Rate 377 Wireless Personal Area Networks", 2015, 378 . 381 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 382 Requirement Levels", BCP 14, RFC 2119, 383 DOI 10.17487/RFC2119, March 1997, 384 . 386 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 387 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 388 DOI 10.17487/RFC4861, September 2007, 389 . 391 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 392 Bormann, "Neighbor Discovery Optimization for IPv6 over 393 Low-Power Wireless Personal Area Networks (6LoWPANs)", 394 RFC 6775, DOI 10.17487/RFC6775, November 2012, 395 . 397 [RFC8137] Kivinen, T. and P. Kinney, "IEEE 802.15.4 Information 398 Element for the IETF", RFC 8137, DOI 10.17487/RFC8137, May 399 2017, . 401 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 402 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 403 May 2017, . 405 7.2. Informative References 407 [I-D.ietf-6tisch-architecture] 408 Thubert, P., "An Architecture for IPv6 over the TSCH mode 409 of IEEE 802.15.4", Work in Progress, Internet-Draft, 410 draft-ietf-6tisch-architecture-28, 29 October 2019, 411 . 414 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 415 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 416 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 417 Low-Power and Lossy Networks", RFC 6550, 418 DOI 10.17487/RFC6550, March 2012, 419 . 421 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using 422 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the 423 Internet of Things (IoT): Problem Statement", RFC 7554, 424 DOI 10.17487/RFC7554, May 2015, 425 . 427 [RFC8180] Vilajosana, X., Ed., Pister, K., and T. Watteyne, "Minimal 428 IPv6 over the TSCH Mode of IEEE 802.15.4e (6TiSCH) 429 Configuration", BCP 210, RFC 8180, DOI 10.17487/RFC8180, 430 May 2017, . 432 Authors' Addresses 434 Diego Dujovne (editor) 435 Universidad Diego Portales 436 Escuela de Informatica y Telecomunicaciones, Av. Ejercito 441 437 Santiago, Region Metropolitana 438 Chile 440 Phone: +56 (2) 676-8121 441 Email: diego.dujovne@mail.udp.cl 443 Michael Richardson 444 Sandelman Software Works 446 Email: mcr+ietf@sandelman.ca