idnits 2.17.1 draft-ietf-lpwan-coap-static-context-hc-16.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 1163 has weird spacing: '...tkn piv kid...' == Line 1180 has weird spacing: '... mid tkn...' == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document date (October 20, 2020) is 1256 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '69' on line 1204 -- Looks like a reference, but probably isn't: '132' on line 1204 Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan Working Group A. Minaburo 3 Internet-Draft Acklio 4 Intended status: Standards Track L. Toutain 5 Expires: April 23, 2021 Institut MINES TELECOM; IMT Atlantique 6 R. Andreasen 7 Universidad de Buenos Aires 8 October 20, 2020 10 LPWAN Static Context Header Compression (SCHC) for CoAP 11 draft-ietf-lpwan-coap-static-context-hc-16 13 Abstract 15 This draft defines how Static Context Header Compression (SCHC) can 16 be applied to the Constrained Application Protocol (CoAP). SCHC is a 17 header compression mechanism adapted for constrained devices. SCHC 18 uses a static description of the header to reduce the redundancy and 19 size of the header's information. While RFC 8724 describes the SCHC 20 compression and fragmentation framework, and its application for 21 IPv6/UDP headers, this document applies SCHC for CoAP headers. The 22 CoAP header structure differs from IPv6 and UDP since CoAP uses a 23 flexible header with a variable number of options, themselves of 24 variable length. The CoAP protocol messages format is asymmetric: 25 the request messages have a header format different from the one in 26 the response messages. This specification gives guidance on applying 27 SCHC to flexible headers and how to leverage the asymmetry for more 28 efficient compression Rules. 30 Status of This Memo 32 This Internet-Draft is submitted in full conformance with the 33 provisions of BCP 78 and BCP 79. 35 Internet-Drafts are working documents of the Internet Engineering 36 Task Force (IETF). Note that other groups may also distribute 37 working documents as Internet-Drafts. The list of current Internet- 38 Drafts is at https://datatracker.ietf.org/drafts/current/. 40 Internet-Drafts are draft documents valid for a maximum of six months 41 and may be updated, replaced, or obsoleted by other documents at any 42 time. It is inappropriate to use Internet-Drafts as reference 43 material or to cite them other than as "work in progress." 45 This Internet-Draft will expire on April 23, 2021. 47 Copyright Notice 49 Copyright (c) 2020 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents 54 (https://trustee.ietf.org/license-info) in effect on the date of 55 publication of this document. Please review these documents 56 carefully, as they describe your rights and restrictions with respect 57 to this document. Code Components extracted from this document must 58 include Simplified BSD License text as described in Section 4.e of 59 the Trust Legal Provisions and are provided without warranty as 60 described in the Simplified BSD License. 62 Table of Contents 64 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 65 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 66 2. SCHC Applicability to CoAP . . . . . . . . . . . . . . . . . 4 67 3. CoAP Headers compressed with SCHC . . . . . . . . . . . . . . 7 68 3.1. Differences between CoAP and UDP/IP Compression . . . . . 8 69 4. Compression of CoAP header fields . . . . . . . . . . . . . . 9 70 4.1. CoAP version field . . . . . . . . . . . . . . . . . . . 9 71 4.2. CoAP type field . . . . . . . . . . . . . . . . . . . . . 9 72 4.3. CoAP code field . . . . . . . . . . . . . . . . . . . . . 9 73 4.4. CoAP Message ID field . . . . . . . . . . . . . . . . . . 10 74 4.5. CoAP Token fields . . . . . . . . . . . . . . . . . . . . 10 75 5. CoAP options . . . . . . . . . . . . . . . . . . . . . . . . 10 76 5.1. CoAP Content and Accept options. . . . . . . . . . . . . 11 77 5.2. CoAP option Max-Age, Uri-Host, and Uri-Port fields . . . 11 78 5.3. CoAP option Uri-Path and Uri-Query fields . . . . . . . . 11 79 5.3.1. Variable-length Uri-Path and Uri-Query . . . . . . . 12 80 5.3.2. Variable number of Path or Query elements . . . . . . 12 81 5.4. CoAP option Size1, Size2, Proxy-URI and Proxy-Scheme 82 fields . . . . . . . . . . . . . . . . . . . . . . . . . 13 83 5.5. CoAP option ETag, If-Match, If-None-Match, Location-Path, 84 and Location-Query fields . . . . . . . . . . . . . . . . 13 85 6. SCHC compression of CoAP extension RFCs . . . . . . . . . . . 13 86 6.1. Block . . . . . . . . . . . . . . . . . . . . . . . . . . 13 87 6.2. Observe . . . . . . . . . . . . . . . . . . . . . . . . . 13 88 6.3. No-Response . . . . . . . . . . . . . . . . . . . . . . . 13 89 6.4. OSCORE . . . . . . . . . . . . . . . . . . . . . . . . . 14 90 7. Examples of CoAP header compression . . . . . . . . . . . . . 15 91 7.1. Mandatory header with CON message . . . . . . . . . . . . 15 92 7.2. OSCORE Compression . . . . . . . . . . . . . . . . . . . 16 93 7.3. Example OSCORE Compression . . . . . . . . . . . . . . . 19 94 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 29 95 9. Security considerations . . . . . . . . . . . . . . . . . . . 29 96 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30 97 11. Normative References . . . . . . . . . . . . . . . . . . . . 30 98 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 31 100 1. Introduction 102 CoAP [rfc7252] is a command/response protocol designed for micro- 103 controllers with a small amount of RAM and ROM and is optimized for 104 REST-based (Representational state transfer) services. Although CoAP 105 was designed for Low-Power Wireless Personal Area Networks (6LoWPAN), 106 a CoAP header's size is still too large for LPWAN (Low Power Wide 107 Area Networks) and some compression of the CoAP header is required 108 either to increase performances or allow CoAP other some LPWAN 109 technologies. 111 The [rfc8724] defines SCHC, a header compression mechanism for the 112 LPWAN network based on a static context. Section 5 of the [rfc8724] 113 explains the architecture where compression and decompression are 114 done. The SCHC compression scheme assumes as a prerequisite that the 115 static context is known to both endpoints before transmission. The 116 way the context is configured, provisioned or exchanged is out of 117 this document's scope. 119 CoAP is an application protocol, so CoAP compression requires 120 installing common rules between the two SCHC instances. SCHC 121 compression may apply at two different levels: one to compress IP and 122 UDP in the LPWAN network and another at the application level for 123 CoAP. These two compressions may be independent. Both follow the 124 same principle described in RFC8724. SCHC rules driving the 125 compression/decompression are different and may be managed by 126 different entities. The [rfc8724] describes how the IP and UDP 127 headers may be compressed. This document specifies how the SCHC 128 compression rules can be applied to CoAP traffic. 130 SCHC compresses and decompresses headers based on shared contexts 131 between devices. 132 Each context consists of multiple Rules. Each Rule can match header 133 fields and specific values or ranges of values. 134 If a Rule matches, the matched header fields are replaced by the 135 RuleID and some residual bits. Thus, different Rules may correspond 136 to divers protocols packets that a device expects to send or receive. 138 A Rule describes the packets's entire header with an ordered list of 139 fields descriptions; see section 7 of [rfc8724]. Thereby 140 each description contains the field ID (FID), its length (FL), and 141 its position (FP), a direction indicator (DI) (upstream, downstream, 142 and bidirectional), and some associated Target Values (TV). The 143 direction indicator is used for compression to give the best TV to 144 the FID when these values differ in the transmission direction. So a 145 field may be described several times depending on the asymmetry of 146 its possible TVs. 148 A Matching Operator (MO) is associated with each header field 149 description. 150 The Rule is selected if all the MOs fit the TVs for all fields of the 151 incoming header. A rule cannot be selected if the message contains a 152 field unknown to the SCHC compressor. 154 In that case, a Compression/Decompression Action (CDA) associated 155 with each field give the method to compress and decompress each 156 field. Compression mainly results in one of 4 actions: 158 o send the field value, 160 o send nothing, 162 o send some least significant bits of the field or 164 o send an index. 166 After applying the compression, there may be some bits to be sent. 167 These values are called Compression Residues. 169 SCHC is a general mechanism applied to different protocols, the exact 170 Rules to be used depending on the protocol and the application. 171 Section 10 of the [rfc8724] describes the compression scheme for IPv6 172 and UDP headers. 173 This document targets the CoAP header compression using SCHC. 175 1.1. Terminology 177 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 178 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 179 "OPTIONAL" in this document are to be interpreted as described in BCP 180 14 [RFC2119][rfc8174] when, and only when, they appear in all 181 capitals, as shown here. 183 2. SCHC Applicability to CoAP 185 The SCHC Compression Rules can be applied to CoAP headers. SCHC 186 Compression of the CoAP header MAY be done in conjunction with the 187 lower layers (IPv6/UDP) or independently. The SCHC adaptation 188 layers, described in Section 5 of [rfc8724], may be used, as shown in 189 Figure 1,Figure 2 and Figure 3 190 In the first example, Figure 1, a Rule compresses the complete header 191 stack from IPv6 to CoAP. In this case, SCHC C/D (Static Context 192 Header Compression Compressor/Decompressor) is performed at the 193 device and the application. The host communicating with the device 194 does not implement SCHC C/D. 196 (device) (NGW) (App) 198 +--------+ +--------+ 199 | CoAP | | CoAP | 200 +--------+ +--------+ 201 | UDP | | UDP | 202 +--------+ +----------------+ +--------+ 203 | IPv6 | | IPv6 | | IPv6 | 204 +--------+ +--------+-------+ +--------+ 205 | SCHC | | SCHC | | | | 206 +--------+ +--------+ + + + 207 | LPWAN | | LPWAN | | | | 208 +--------+ +--------+-------+ +--------+ 209 ((((LPWAN)))) ------ Internet ------ 211 Figure 1: Compression/decompression at the LPWAN boundary 213 The SCHC can be viewed as a layer above layer 2. This layer received 214 non-encrypted packets and can apply compression rule to all the 215 headers. On the other end, the NGW receives the SCHC packet and 216 reconstructs the headers from the rule, identified by its ID and the 217 header residues. The result is a regular IPv6 packet that can be 218 forwarded toward the destination. The same process applies in the 219 other direction. A not encrypted packet arrived at the NGW, thanks 220 to IP forwarding based on the IPv6 prefix. The NGW identifies the 221 device and compresses headers using the device's rules. 223 In the second example, Figure 2, the SCHC compression is applied in 224 the CoAP layer, compressing the CoAP header independently of the 225 other layers. The RuleID, the Compression Residue, and CoAP payload 226 are encrypted using a mechanism such as DTLS. Only the other end 227 (App) can decipher the information. If needed, layers below use SCHC 228 to compress the header as defined in [rfc8724] document (represented 229 in dotted lines). 231 This use case needs an end-to-end context initialization between the 232 device and the application and is out-of-scope of this document. 234 (device) (NGW) (App) 236 +--------+ +--------+ 237 | CoAP | | CoAP | 238 +--------+ +--------+ 239 | SCHC | | SCHC | 240 +--------+ +--------+ 241 | DTLS | | DTLS | 242 +--------+ +--------+ 243 . udp . . udp . 244 .......... .................. .......... 245 . ipv6 . . ipv6 . . ipv6 . 246 .......... .................. .......... 247 . schc . . schc . . . . 248 .......... .......... . . . 249 . lpwan . . lpwan . . . . 250 .......... .................. .......... 251 ((((LPWAN)))) ------ Internet ------ 253 Figure 2: Standalone CoAP end-to-end compression/decompression 255 In the third example, Figure 3, the Object Security for Constrained 256 RESTful Environments (OSCORE) [rfc8613] is used. In this case, two 257 rulesets are used to compress the CoAP message. A first ruleset 258 focused on the inner header compresses it. The result is encrypted 259 using the OSCORE mechanism. A second ruleset compresses the outer 260 header, including the OSCORE Options. 262 (device) (NGW) (App) 264 +--------+ +--------+ 265 | CoAP | | CoAP | 266 | inner | | inner | 267 +--------+ +--------+ 268 | SCHC | | SCHC | 269 | inner | | inner | 270 +--------+ +--------+ 271 | CoAP | | CoAP | 272 | outer | | outer | 273 +--------+ +--------+ 274 | SCHC | | SCHC | 275 | outer | | outer | 276 +--------+ +--------+ 277 . udp . . udp . 278 .......... .................. .......... 279 . ipv6 . . ipv6 . . ipv6 . 280 .......... .................. .......... 281 . schc . . schc . . . . 282 .......... .......... . . . 283 . lpwan . . lpwan . . . . 284 .......... .................. .......... 285 ((((LPWAN)))) ------ Internet ------ 287 Figure 3: OSCORE compression/decompression. 289 In the case of several SCHC instances, as shown in Figure 3 and 290 Figure 3, the rulesets may come from different provisioning domains. 292 This document focuses on CoAP compression represented in the dashed 293 boxes in the previous figures. 295 3. CoAP Headers compressed with SCHC 297 The use of SCHC over the CoAP header uses the same description and 298 compression/decompression techniques like the one for IP and UDP 299 explained in the [rfc8724]. For CoAP, SCHC Rules description uses 300 the direction information to optimize the compression by reducing the 301 number of Rules needed to compress headers. The field description 302 MAY define both request/response headers and target values in the 303 same Rule, using the DI (direction indicator) to make the difference. 305 As for other header compression protocols, when the compressor does 306 not find a correct Rule to compress the header, the packet MUST be 307 sent uncompressed using the RuleID dedicated to this purpose. Where 308 the Compression Residue is the complete header of the packet. See 309 section 6 of [rfc8724]. 311 3.1. Differences between CoAP and UDP/IP Compression 313 CoAP compression differs from IPv6 and UDP compression on the 314 following aspects: 316 o The CoAP protocol is asymmetric; the headers are different for a 317 request or a response. For example, the URI-Path option is 318 mandatory in the request, and it may not be present in the 319 response. A request may contain an Accept option, and the 320 response may include a Content-Format option. In comparison, IPv6 321 and UDP returning path swap the value of some fields in the 322 header. But all the directions have the same fields (e.g., source 323 and destination address fields). 325 The [rfc8724] defines the use of a Direction Indicator (DI) in the 326 Field Descriptor, which allows a single Rule to process a message 327 headers differently depending on the direction. 329 o Even when a field is "symmetric" (i.e., found in both directions), 330 the values carried in each direction are different. 331 The compression may use a matching list in the TV to limit the 332 range of expected values in a particular direction and therefore 333 reduce the Compression Residue's size. Through the Direction 334 Indicator (DI), a field description in the Rules splits the 335 possible field value into two parts, one for each direction. For 336 instance, if a client sends only CON requests, the type can be 337 elided by compression, and the answer may use one single bit to 338 carry either the ACK or RST type. The field Code has the same 339 behavior, the 0.0X code format value in the request, and Y.ZZ code 340 format in the response. 342 o Headers in IPv6 and UDP have a fixed size. The size is not sent 343 as part of the Compression Residue but is defined in the Rule. 344 Some CoAP header fields have variable lengths, so the length is 345 also specified in the Field Description. For example, the Token 346 size may vary from 0 to 8 bytes. And the CoAP options have a 347 variable length since they use the Type-Length-Value encoding 348 format, as URI-path or URI-query. 350 Section 7.5.2 from [rfc8724] offers the possibility to define a 351 function for the Field length in the Field Description to know the 352 length before compression. When doing SCHC compression of a 353 variable-length field, 354 if the field size is unknown, the Field Length in the Rule is set 355 as variable, and the size is sent with the Compression Residue. 357 o A field can appear several times in the CoAP headers. This is 358 typical for elements of a URI (path or queries). The SCHC 359 specification [rfc8724] allows a Field ID to appear several times 360 in the Rule and uses the Field Position (FP) to identify the 361 correct instance, and thereby removing the ambiguity of the 362 matching operation. 364 o Field sizes defined in the CoAP protocol can be too 365 large regarding LPWAN traffic constraints. This is particularly 366 true for the Message-ID field and the Token field. SCHC uses 367 different Matching operators (MO) to perform the compression. See 368 section 7.4 of [rfc8724]. In this case, the Most Significant Bits 369 (MSB) MO can be applied to reduce the information carried on 370 LPWANs. 372 4. Compression of CoAP header fields 374 This section discusses the compression of the different CoAP header 375 fields. The CoAP compression with SCHC follows the Section 7.1 of 376 [rfc8724]. 378 4.1. CoAP version field 380 CoAP version is bidirectional and MUST be elided during the SCHC 381 compression since it always contains the same value. In the future, 382 if new versions of CoAP are defined, new Rules will be needed to 383 avoid ambiguities between versions. 385 4.2. CoAP type field 387 The CoAP Protocol [rfc7252] has four types of messages: two requests 388 (CON, NON), one response (ACK), and one empty message (RST). 390 The field SHOULD be elided if, for instance, a client is sending only 391 NON or only CON messages. For the RST message, a dedicated Rule may 392 be needed. For other usages, a mapping list can be used. 394 4.3. CoAP code field 396 The code field indicates the Request Method used in CoAP, an IANA 397 registry [rfc7252]. The compression of the CoAP code field follows 398 the same principle as that of the CoAP type field. If the device 399 plays a specific role, the set of code values can be split into two 400 parts, the request codes with the 0 class and the response values. 402 If the device only implements a CoAP client, the request code can be 403 reduced to the set of requests the client can to process. 405 A mapping list can be used for known values. The field cannot be 406 compressed for other values, and the value needs to be sent in the 407 Compression Residue. 409 4.4. CoAP Message ID field 411 The Message ID field can be compressed with the MSB(x) MO and the 412 Least Significant Bits (LSB) CDA. See section 7.4 of [rfc8724]. 414 4.5. CoAP Token fields 416 A Token is defined through two CoAP fields, Token Length in the 417 mandatory header and Token Value directly following the mandatory 418 CoAP header. 420 Token Length is processed as any protocol field. If the value does 421 not change, the size can be stored in the TV and elided during the 422 transmission. Otherwise, it will have to be sent in the Compression 423 Residue. 425 Token Value MUST NOT be sent as a variable-length residue to avoid 426 ambiguity with Token Length. Therefore, the Token Length value MUST 427 be used to define the size of the Compression Residue. A specific 428 function designated as "TKL" MUST be used in the Rule. During the 429 decompression, this function returns the value contained in the Token 430 Length field. 432 5. CoAP options 434 CoAP defines options that are placed after the based header in Option 435 Numbers order, see [rfc7252]. Each Option instance in a message uses 436 the format Delta-Type (D-T), Length (L), Value (V). When applying 437 SCHC compression to the Option, the D-T, L, and V format serve to 438 make the Rule description of the Option. The SCHC compression builds 439 the description of the Option by using in the Field ID the Option 440 Number built from D-T; in TV, the Option Value; and the Option Length 441 uses section 7.4 of [rfc8724]. When the Option Length has a 442 wellknown size, it can be stored in the Rule. Therefore, SCHC 443 compression does not send it. Otherwise, SCHC Compression carries 444 the length of the Compression Residue, in addition to the Compression 445 Residue value. 447 CoAP requests and responses do not include the same options. So 448 Compression Rules may reflect this asymmetry by tagging the direction 449 indicator. 451 Note that length coding differs between CoAP options and SCHC 452 variable size Compression Residue. 454 The following sections present how SCHC compresses some specific CoAP 455 options. 457 If a new option is introduced in CoAP, a new Field ID has to be 458 assigned in the Rules to allow its compression. Otherwise, if no 459 Rule describes this Option, the SCHC compression is not possible, and 460 the CoAP header is sent without compression. 462 5.1. CoAP Content and Accept options. 464 If the client expects a single value, it can be stored in the TV and 465 elided during the transmission. Otherwise, if the client expects 466 several possible values, a matching-list SHOULD be used to limit the 467 Compression Residue's size. Otherwise, the value has to be sent as a 468 Compression Residue (fixed or variable length). 470 5.2. CoAP option Max-Age, Uri-Host, and Uri-Port fields 472 If both ends know the value, the value can be elided. 474 A matching list can be used if some well-known values are defined. 476 Otherwise, these options can be sent as a Compression Residue. 478 5.3. CoAP option Uri-Path and Uri-Query fields 480 Uri-Path and Uri-Query elements are repeatable options. The Field 481 Position (FP) gives the position in the path. 483 A Mapping list can be used to reduce the size of variable Paths or 484 Queries. In that case, to optimize the compression, several elements 485 can be regrouped into a single entry. The Numbering of elements do 486 not change; MO comparison is set with the first element of the 487 matching. 489 +-------------+---+--+--+--------+---------+-------------+ 490 | Field |FL |FP|DI| Target | Match | CDA | 491 | | | | | Value | Opera. | | 492 +-------------+---+--+--+--------+---------+-------------+ 493 |Uri-Path | | 1|up|["/a/b",|equal |not-sent | 494 | | | | |"/c/d"] | | | 495 |Uri-Path |var| 3|up| |ignore |value-sent | 496 +-------------+---+--+--+--------+---------+-------------+ 498 Figure 4: complex path example 500 In Figure 4, a single bit residue can be used to code one of the 2 501 paths. If regrouping were not allowed, a 2 bits residue would be 502 needed. The third path element is sent as a variable size residue. 504 5.3.1. Variable-length Uri-Path and Uri-Query 506 When the length is not known at the Rule creation, the Field Length 507 MUST be set to variable, and the unit is set to bytes. 509 The MSB MO can be applied to a Uri-Path or Uri-Query element. Since 510 MSB value is given in bit, the size MUST always be a multiple of 8 511 bits. 513 The length sent at the beginning of a variable-length residue 514 indicates the size of the LSB in bytes. 516 For instance, for a CORECONF path /c/X6?k="eth0" the Rule can be set 517 to: 519 +-------------+---+--+--+--------+---------+-------------+ 520 | Field |FL |FP|DI| Target | Match | CDA | 521 | | | | | Value | Opera. | | 522 +-------------+---+--+--+--------+---------+-------------+ 523 |Uri-Path | 8| 1|up|"c" |equal |not-sent | 524 |Uri-Path |var| 2|up| |ignore |value-sent | 525 |Uri-Query |var| 1|up|"k=" |MSB(16) |LSB | 526 +-------------+---+--+--+--------+---------+-------------+ 528 Figure 5: CORECONF URI compression 530 Figure 5 shows the parsing and the compression of the URI, where c is 531 not sent. The second element is sent with the length (i.e., 0x2 X 6) 532 followed by the query option (i.e. 0x05 "eth0"). 534 5.3.2. Variable number of Path or Query elements 536 The number of Uri-Path or Uri-Query elements in a Rule is fixed at 537 the Rule creation time. If the number varies, several Rules SHOULD 538 be created to cover all the possibilities. Another possibility is to 539 define the length of Uri-Path to variable and send a Compression 540 Residue with a length of 0 to indicate that this Uri-Path is empty. 541 This adds 4 bits to the variable Residue size. See section 7.5.2 542 [rfc8724] 544 5.4. CoAP option Size1, Size2, Proxy-URI and Proxy-Scheme fields 546 If the field value has to be sent, TV is not set, MO is set to 547 "ignore", and CDA is set to "value-sent." A mapping MAY also be 548 used. 550 Otherwise, the TV is set to the value, MO is set to "equal", and CDA 551 is set to "not-sent". 553 5.5. CoAP option ETag, If-Match, If-None-Match, Location-Path, and 554 Location-Query fields 556 These fields' values cannot be stored in a Rule entry. They MUST 557 always be sent with the Compression Residues. 559 6. SCHC compression of CoAP extension RFCs 561 6.1. Block 563 Block [rfc7959] allows a fragmentation at the CoAP level. SCHC also 564 includes a fragmentation protocol. They can be both used. If a 565 block option is used, its content MUST be sent as a Compression 566 Residue. 568 6.2. Observe 570 The [rfc7641] defines the Observe option. The TV is not set, MO is 571 set to "ignore", and the CDA is set to "value-sent". SCHC does not 572 limit the maximum size for this option (3 bytes). To reduce the 573 transmission size, either the device implementation MAY limit the 574 delta between two consecutive values, or a proxy can modify the 575 increment. 577 Since an RST message may be sent to inform a server that the client 578 does not require Observe response; a Rule SHOULD exist to allow the 579 message's compression with the RST type. 581 6.3. No-Response 583 The [rfc7967] defines a No-Response option limiting the responses 584 made by a server to a request. If both ends know the value, then TV 585 is set to this value, MO is set to "equal", and CDA is set to "not- 586 sent". 588 Otherwise, if the value is changing over time, TV is not set, MO is 589 set to "ignore", and CDA to "value-sent". A matching list can also 590 be used to reduce the size. 592 6.4. OSCORE 594 OSCORE [rfc8613] defines end-to-end protection for CoAP messages. 595 This section describes how SCHC Rules can be applied to compress 596 OSCORE-protected messages. 598 0 1 2 3 4 5 6 7 <--------- n bytes -------------> 599 +-+-+-+-+-+-+-+-+--------------------------------- 600 |0 0 0|h|k| n | Partial IV (if any) ... 601 +-+-+-+-+-+-+-+-+--------------------------------- 602 | | | 603 |<-- CoAP -->|<------ CoAP OSCORE_piv ------> | 604 OSCORE_flags 606 <- 1 byte -> <------ s bytes -----> 607 +------------+----------------------+-----------------------+ 608 | s (if any) | kid context (if any) | kid (if any) ... | 609 +------------+----------------------+-----------------------+ 610 | | | 611 | <------ CoAP OSCORE_kidctx ------>|<-- CoAP OSCORE_kid -->| 613 Figure 6: OSCORE Option 615 The encoding of the OSCORE Option Value defined in Section 6.1 of 616 [rfc8613] is repeated in Figure 6. 618 The first byte specifies the content of the OSCORE options using 619 flags. The three most significant bits of this byte are reserved and 620 always set to 0. Bit h, when set, indicates the presence of the kid 621 context field in the option. Bit k, when set, indicates the presence 622 of a kid field. The three least significant bits n indicate the 623 length of the piv (Partial Initialization Vector) field in bytes. 624 When n = 0, no piv is present. 626 The flag byte is followed by the piv field, kid context field, and 627 kid field in this order, and if present, the length of the kid 628 context field is encoded in the first byte denoting by s the length 629 of the kid context in bytes. 631 This specification recommends identifying the OSCORE Option and the 632 fields it contains. Conceptually, it discerns up to 4 distinct 633 pieces of information within the OSCORE option: the flag bits, the 634 piv, the kid context, and the kid. The SCHC Rule splits into four 635 field descriptions the OSCORE option to compress them: 637 o CoAP OSCORE_flags, 638 o CoAP OSCORE_piv, 640 o CoAP OSCORE_kidctx, 642 o CoAP OSCORE_kid. 644 Figure 6 shows the OSCORE Option format with those four fields 645 superimposed on it. Note that the CoAP OSCORE_kidctx field includes 646 directly the size octet s. 648 7. Examples of CoAP header compression 650 7.1. Mandatory header with CON message 652 In this first scenario, the LPWAN Compressor at the Network Gateway 653 side receives from an Internet client a POST message, which is 654 immediately acknowledged by the Device. For this simple scenario, 655 the Rules are described in Figure 7. 657 RuleID 1 658 +-------------+--+--+--+------+---------+-------------++------------+ 659 | Field |FL|FP|DI|Target| Match | CDA || Sent | 660 | | | | |Value | Opera. | || [bits] | 661 +-------------+--+--+--+------+---------+-------------++------------+ 662 |CoAP version | 2| 1|bi| 01 |equal |not-sent || | 663 |CoAP Type | 2| 1|dw| CON |equal |not-sent || | 664 |CoAP Type | 2| 1|up|[ACK, | | || | 665 | | | | | RST] |match-map|matching-sent|| T | 666 |CoAP TKL | 4| 1|bi| 0 |equal |not-sent || | 667 |CoAP Code | 8| 1|bi|[0.00,| | || | 668 | | | | | ... | | || | 669 | | | | | 5.05]|match-map|matching-sent|| CC CCC | 670 |CoAP MID |16| 1|bi| 0000 |MSB(7 ) |LSB || M-ID| 671 |CoAP Uri-Path|var 1|dw| path |equal 1 |not-sent || | 672 +-------------+--+--+--+------+---------+-------------++------------+ 674 Figure 7: CoAP Context to compress header without token 676 The version and Token Length fields are elided. The 26 method and 677 response codes defined in [rfc7252] has been shrunk to 5 bits using a 678 matching list. Uri-Path contains a single element indicated in the 679 matching operator. 681 SCHC Compression reduces the header sending only the Type, a mapped 682 code and the least significant bits of Message ID (9 bits in the 683 example above). 685 Note that a request sent by a client located in an Application Server 686 to a server located in the device, may not be compressed through this 687 Rule since the MID will not start with 7 bits equal to 0. A CoAP 688 proxy, before the core SCHC C/D can rewrite the message ID to a value 689 matched by the Rule. 691 7.2. OSCORE Compression 693 OSCORE aims to solve the problem of end-to-end encryption for CoAP 694 messages. The goal, therefore, is to hide as much of the message as 695 possible while still enabling proxy operation. 697 Conceptually this is achieved by splitting the CoAP message into an 698 Inner Plaintext and Outer OSCORE Message. The Inner Plaintext 699 contains sensitive information that is not necessary for proxy 700 operation. This, in turn, is the part of the message which can be 701 encrypted until it reaches its end destination. The Outer Message 702 acts as a shell matching the regular CoAP message format and includes 703 all Options and information needed for proxy operation and caching. 704 This decomposition is illustrated in Figure 8. 706 CoAP options are sorted into one of 3 classes, each granted a 707 specific type of protection by the protocol: 709 o Class E: Encrypted options moved to the Inner Plaintext, 711 o Class I: Integrity-protected options included in the AAD for the 712 encryption of the Plaintext but otherwise left untouched in the 713 Outer Message, 715 o Class U: Unprotected options left untouched in the Outer Message. 717 Additionally, the OSCORE Option is added as an Outer option, 718 signaling that the message is OSCORE protected. This option carries 719 the information necessary to retrieve the Security Context with which 720 the message was encrypted to be correctly decrypted at the other end- 721 point. 723 Original CoAP Message 724 +-+-+---+-------+---------------+ 725 |v|t|tkl| code | Msg Id. | 726 +-+-+---+-------+---------------+....+ 727 | Token | 728 +-------------------------------.....+ 729 | Options (IEU) | 730 . . 731 . . 732 +------+-------------------+ 733 | 0xFF | 734 +------+------------------------+ 735 | | 736 | Payload | 737 | | 738 +-------------------------------+ 739 / \ 740 / \ 741 / \ 742 / \ 743 Outer Header v v Plaintext 744 +-+-+---+--------+---------------+ +-------+ 745 |v|t|tkl|new code| Msg Id. | | code | 746 +-+-+---+--------+---------------+....+ +-------+-----......+ 747 | Token | | Options (E) | 748 +--------------------------------.....+ +-------+------.....+ 749 | Options (IU) | | OxFF | 750 . . +-------+-----------+ 751 . OSCORE Option . | | 752 +------+-------------------+ | Payload | 753 | 0xFF | | | 754 +------+ +-------------------+ 756 Figure 8: A CoAP message is split into an OSCORE outer and plaintext 758 Figure 8 shows the message format for the OSCORE Message and 759 Plaintext. 761 In the Outer Header, the original message code is hidden and replaced 762 by a default dummy value. As seen in Sections 4.1.3.5 and 4.2 of 763 [rfc8613], the message code is replaced by POST for requests and 764 Changed for responses when Observe is not used. If Observe is used, 765 the message code is replaced by FETCH for requests and Content for 766 responses. 768 The original message code is put into the first byte of the 769 Plaintext. Following the message code, the class E options come, 770 and, if present, the original message Payload is preceded by its 771 payload marker. 773 The Plaintext is now encrypted by an AEAD algorithm which integrity 774 protects Security Context parameters and, eventually, any class I 775 options from the Outer Header. Currently, no CoAP options are marked 776 class I. The resulting Ciphertext becomes the new Payload of the 777 OSCORE message, as illustrated in Figure 9. 779 As defined in [rfc5116], this Ciphertext is the concatenation of the 780 encrypted Plaintext and its authentication tag. Note that Inner 781 Compression only affects the Plaintext before encryption. Thus only 782 the first variable-length of the Ciphertext can be reduced. The 783 authentication tag is fixed in length and is considered part of the 784 cost of protection. 786 Outer Header 787 +-+-+---+--------+---------------+ 788 |v|t|tkl|new code| Msg Id. | 789 +-+-+---+--------+---------------+....+ 790 | Token | 791 +--------------------------------.....+ 792 | Options (IU) | 793 . . 794 . OSCORE Option . 795 +------+-------------------+ 796 | 0xFF | 797 +------+---------------------------+ 798 | | 799 | Ciphertext: Encrypted Inner | 800 | Header and Payload | 801 | + Authentication Tag | 802 | | 803 +----------------------------------+ 805 Figure 9: OSCORE message 807 The SCHC Compression scheme consists of compressing both the 808 Plaintext before encryption and the resulting OSCORE message after 809 encryption, see Figure 10. 811 This translates into a segmented process where SCHC compression is 812 applied independently in 2 stages, each with its corresponding set of 813 Rules, with the Inner SCHC Rules and the Outer SCHC Rules. This way, 814 compression is applied to all fields of the original CoAP message. 816 Note that since the corresponding end-point can only decrypt the 817 Inner part of the message, this end-point will also have to implement 818 Inner SCHC Compression/Decompression. 820 Outer Message OSCORE Plaintext 821 +-+-+---+--------+---------------+ +-------+ 822 |v|t|tkl|new code| Msg Id. | | code | 823 +-+-+---+--------+---------------+....+ +-------+-----......+ 824 | Token | | Options (E) | 825 +--------------------------------.....+ +-------+------.....+ 826 | Options (IU) | | OxFF | 827 . . +-------+-----------+ 828 . OSCORE Option . | | 829 +------+-------------------+ | Payload | 830 | 0xFF | | | 831 +------+------------+ +-------------------+ 832 | Ciphertext |<---------\ | 833 | | | v 834 +-------------------+ | +-----------------+ 835 | | | Inner SCHC | 836 v | | Compression | 837 +-----------------+ | +-----------------+ 838 | Outer SCHC | | | 839 | Compression | | v 840 +-----------------+ | +-------+ 841 | | |RuleID | 842 v | +-------+--+ 843 +--------+ +------------+ | Residue | 844 |RuleID' | | Encryption | <--- +----------+--------+ 845 +--------+--+ +------------+ | | 846 | Residue' | | Payload | 847 +-----------+-------+ | | 848 | Ciphertext | +-------------------+ 849 | | 850 +-------------------+ 852 Figure 10: OSCORE Compression Diagram 854 7.3. Example OSCORE Compression 856 An example is given with a GET Request and its consequent Content 857 Response from a device-based CoAP client to a cloud-based CoAP 858 server. A possible set of Rules for the Inner and Outer SCHC 859 Compression is shown. A dump of the results and a contrast between 860 SCHC + OSCORE performance with SCHC + COAP performance is also 861 listed. This gives an approximation to the cost of security with 862 SCHC-OSCORE. 864 Our first example CoAP message is the GET Request in Figure 11 866 Original message: 867 ================= 868 0x4101000182bb74656d7065726174757265 870 Header: 871 0x4101 872 01 Ver 873 00 CON 874 0001 tkl 875 00000001 Request Code 1 "GET" 877 0x0001 = mid 878 0x82 = token 880 Options: 881 0xbb74656d7065726174757265 882 Option 11: URI_PATH 883 Value = temperature 885 Original msg length: 17 bytes. 887 Figure 11: CoAP GET Request 889 Its corresponding response is the CONTENT Response in Figure 12. 891 Original message: 892 ================= 893 0x6145000182ff32332043 895 Header: 896 0x6145 897 01 Ver 898 10 ACK 899 0001 tkl 900 01000101 Successful Response Code 69 "2.05 Content" 902 0x0001 = mid 903 0x82 = token 905 0xFF Payload marker 906 Payload: 907 0x32332043 909 Original msg length: 10 911 Figure 12: CoAP CONTENT Response 913 The SCHC Rules for the Inner Compression include all fields already 914 present in a regular CoAP message. The methods described in 915 Section 4 apply to these fields. As an example, see Figure 13. 917 RuleID 0 918 +--------------+--+--+--+-----------+----------+----------++------+ 919 | Field |FL|FP|DI| Target | MO | CDA || Sent | 920 | | | | | Value | | ||[bits]| 921 +--------------+--+--+--+-----------+----------+----------++------+ 922 |CoAP Code | 8| 1|up| 1 | equal |not-sent || | 923 |CoAP Code | 8| 1|dw|[69,132] | match-map|match-sent|| c | 924 |CoAP Uri-Path |88| 1|up|temperature| equal |not-sent || | 925 +--------------+--+--+--+-----------+----------+----------++------+ 927 Figure 13: Inner SCHC Rules 929 Figure 14 shows the Plaintext obtained for the example GET Request 930 and follows the process of Inner Compression and Encryption until the 931 end up with the Payload to be added in the outer OSCORE Message. 933 In this case, the original message has no payload, and its resulting 934 Plaintext can be compressed up to only 1 byte (size of the RuleID). 935 The AEAD algorithm preserves this length in its first output and 936 yields a fixed-size tag that cannot be compressed and has to be 937 included in the OSCORE message. This translates into an overhead in 938 total message length, limiting the amount of compression that can be 939 achieved and plays into the cost of adding security to the exchange. 941 ________________________________________________________ 942 | | 943 | OSCORE Plaintext | 944 | | 945 | 0x01bb74656d7065726174757265 (13 bytes) | 946 | | 947 | 0x01 Request Code GET | 948 | | 949 | bb74656d7065726174757265 Option 11: URI_PATH | 950 | Value = temperature | 951 |________________________________________________________| 953 | 954 | 955 | Inner SCHC Compression 956 | 957 v 958 _________________________________ 959 | | 960 | Compressed Plaintext | 961 | | 962 | 0x00 | 963 | | 964 | RuleID = 0x00 (1 byte) | 965 | (No residue) | 966 |_________________________________| 968 | 969 | AEAD Encryption 970 | (piv = 0x04) 971 v 972 _________________________________________________ 973 | | 974 | encrypted_plaintext = 0xa2 (1 byte) | 975 | tag = 0xc54fe1b434297b62 (8 bytes) | 976 | | 977 | ciphertext = 0xa2c54fe1b434297b62 (9 bytes) | 978 |_________________________________________________| 980 Figure 14: Plaintext compression and encryption for GET Request 982 In Figure 15, the process is repeated for the example CONTENT 983 Response. The residue is 1 bit long. Note that since SCHC adds 984 padding after the payload, this misalignment causes the hexadecimal 985 code from the payload to differ from the original, even though it has 986 not been compressed. 988 On top of this, the overhead from the tag bytes is incurred as 989 before. 991 ________________________________________________________ 992 | | 993 | OSCORE Plaintext | 994 | | 995 | 0x45ff32332043 (6 bytes) | 996 | | 997 | 0x45 Successful Response Code 69 "2.05 Content" | 998 | | 999 | ff Payload marker | 1000 | | 1001 | 32332043 Payload | 1002 |________________________________________________________| 1004 | 1005 | 1006 | Inner SCHC Compression 1007 | 1008 v 1009 __________________________________________ 1010 | | 1011 | Compressed Plaintext | 1012 | | 1013 | 0x001919902180 (6 bytes) | 1014 | | 1015 | 00 RuleID | 1016 | | 1017 | 0b0 (1 bit match-map residue) | 1018 | 0x32332043 >> 1 (shifted payload) | 1019 | 0b0000000 Padding | 1020 |__________________________________________| 1022 | 1023 | AEAD Encryption 1024 | (piv = 0x04) 1025 v 1026 _________________________________________________________ 1027 | | 1028 | encrypted_plaintext = 0x10c6d7c26cc1 (6 bytes) | 1029 | tag = 0xe9aef3f2461e0c29 (8 bytes) | 1030 | | 1031 | ciphertext = 0x10c6d7c26cc1e9aef3f2461e0c29 (14 bytes) | 1032 |_________________________________________________________| 1034 Figure 15: Plaintext compression and encryption for CONTENT Response 1035 The Outer SCHC Rules (Figure 18) must process the OSCORE Options 1036 fields. The Figure 16 and Figure 17 show a dump of the OSCORE 1037 Messages generated from the example messages once they have been 1038 provided with the Inner Compressed Ciphertext in the payload. These 1039 are the messages that have to be compressed by the Outer SCHC 1040 Compression. 1042 Protected message: 1043 ================== 1044 0x4102000182d8080904636c69656e74ffa2c54fe1b434297b62 1045 (25 bytes) 1047 Header: 1048 0x4102 1049 01 Ver 1050 00 CON 1051 0001 tkl 1052 00000010 Request Code 2 "POST" 1054 0x0001 = mid 1055 0x82 = token 1057 Options: 1058 0xd8080904636c69656e74 (10 bytes) 1059 Option 21: OBJECT_SECURITY 1060 Value = 0x0904636c69656e74 1061 09 = 000 0 1 001 Flag byte 1062 h k n 1063 04 piv 1064 636c69656e74 kid 1066 0xFF Payload marker 1067 Payload: 1068 0xa2c54fe1b434297b62 (9 bytes) 1070 Figure 16: Protected and Inner SCHC Compressed GET Request 1072 Protected message: 1073 ================== 1074 0x6144000182d008ff10c6d7c26cc1e9aef3f2461e0c29 1075 (22 bytes) 1077 Header: 1078 0x6144 1079 01 Ver 1080 10 ACK 1081 0001 tkl 1082 01000100 Successful Response Code 68 "2.04 Changed" 1084 0x0001 = mid 1085 0x82 = token 1087 Options: 1088 0xd008 (2 bytes) 1089 Option 21: OBJECT_SECURITY 1090 Value = b'' 1092 0xFF Payload marker 1093 Payload: 1094 0x10c6d7c26cc1e9aef3f2461e0c29 (14 bytes) 1096 Figure 17: Protected and Inner SCHC Compressed CONTENT Response 1098 For the flag bits, some SCHC compression methods are useful, 1099 depending on the application. The simplest alternative is to provide 1100 a fixed value for the flags, combining MO equal and CDA not- sent. 1101 This saves most bits but could prevent flexibility. Otherwise, 1102 match-mapping could be used to choose from an interesting number of 1103 configurations for the exchange. 1104 Otherwise, MSB could be used to mask off the 3 hard-coded most 1105 significant bits. 1107 Note that fixing a flag bit will limit CoAP Options choice that can 1108 be used in the exchange since their values are dependent on certain 1109 options. 1111 The piv field lends itself to having some bits masked off with MO MSB 1112 and CDA LSB. This could be useful in applications where the message 1113 frequency is low such as LPWAN technologies. Note that compressing 1114 the sequence numbers effectively reduces the maximum number of 1115 sequence numbers used in an exchange. Once this amount is exceeded, 1116 the OSCORE keys need to be re-established. 1118 The size s included in the kid context field MAY be masked off with 1119 CDA MSB. The rest of the field could have additional bits masked off 1120 or have the whole field be fixed with MO equal and CDA not-sent. The 1121 same holds for the kid field. 1123 Figure 18 shows a possible set of Outer Rules to compress the Outer 1124 Header. 1126 RuleID 0 1127 +------------------+--+--+--+--------------+-------+--------++------+ 1128 | Field |FL|FP|DI| Target | MO | CDA || Sent | 1129 | | | | | Value | | ||[bits]| 1130 +------------------+--+--+--+--------------+-------+--------++------+ 1131 |CoAP version | 2| 1|bi| 01 |equal |not-sent|| | 1132 |CoAP Type | 2| 1|up| 0 |equal |not-sent|| | 1133 |CoAP Type | 2| 1|dw| 2 |equal |not-sent|| | 1134 |CoAP TKL | 4| 1|bi| 1 |equal |not-sent|| | 1135 |CoAP Code | 8| 1|up| 2 |equal |not-sent|| | 1136 |CoAP Code | 8| 1|dw| 68 |equal |not-sent|| | 1137 |CoAP MID |16| 1|bi| 0000 |MSB(12)|LSB ||MMMM | 1138 |CoAP Token |tkl 1|bi| 0x80 |MSB(5) |LSB ||TTT | 1139 |CoAP OSCORE_flags | 8| 1|up| 0x09 |equal |not-sent|| | 1140 |CoAP OSCORE_piv |var 1|up| 0x00 |MSB(4) |LSB ||PPPP | 1141 |COAP OSCORE_kid |var 1|up|0x636c69656e70|MSB(52)|LSB ||KKKK | 1142 |COAP OSCORE_kidctx|var 1|bi| b'' |equal |not-sent|| | 1143 |CoAP OSCORE_flags | 8| 1|dw| b'' |equal |not-sent|| | 1144 |CoAP OSCORE_piv |var 1|dw| b'' |equal |not-sent|| | 1145 |CoAP OSCORE_kid |var 1|dw| b'' |equal |not-sent|| | 1146 +------------------+--+--+--+--------------+-------+--------++------+ 1148 Figure 18: Outer SCHC Rules 1150 These Outer Rules are applied to the example GET Request and CONTENT 1151 Response. The resulting messages are shown in Figure 19 and 1152 Figure 20. 1154 Compressed message: 1155 ================== 1156 0x001489458a9fc3686852f6c4 (12 bytes) 1157 0x00 RuleID 1158 1489 Compression Residue 1159 458a9fc3686852f6c4 Padded payload 1161 Compression Residue: 1162 0b 0001 010 0100 0100 (15 bits -> 2 bytes with padding) 1163 mid tkn piv kid 1165 Payload 1166 0xa2c54fe1b434297b62 (9 bytes) 1168 Compressed message length: 12 bytes 1170 Figure 19: SCHC-OSCORE Compressed GET Request 1172 Compressed message: 1173 ================== 1174 0x0014218daf84d983d35de7e48c3c1852 (16 bytes) 1175 0x00 RuleID 1176 14 Compression Residue 1177 218daf84d983d35de7e48c3c1852 Padded payload 1178 Compression Residue: 1179 0b0001 010 (7 bits -> 1 byte with padding) 1180 mid tkn 1182 Payload 1183 0x10c6d7c26cc1e9aef3f2461e0c29 (14 bytes) 1185 Compressed msg length: 16 bytes 1187 Figure 20: SCHC-OSCORE Compressed CONTENT Response 1189 In contrast, comparing these results with what would be obtained by 1190 SCHC compressing the original CoAP messages without protecting them 1191 with OSCORE is done by compressing the CoAP messages according to the 1192 SCHC Rules in Figure 21. 1194 RuleID 1 1195 +---------------+--+--+--+-----------+---------+-----------++-------+ 1196 | Field |FL|FP|DI| Target | MO | CDA || Sent | 1197 | | | | | Value | | || [bits]| 1198 +---------------+--+--+--+-----------+---------+-----------++-------+ 1199 |CoAP version | 2| 1|bi| 01 |equal |not-sent || | 1200 |CoAP Type | 2| 1|up| 0 |equal |not-sent || | 1201 |CoAP Type | 2| 1|dw| 2 |equal |not-sent || | 1202 |CoAP TKL | 4| 1|bi| 1 |equal |not-sent || | 1203 |CoAP Code | 8| 1|up| 2 |equal |not-sent || | 1204 |CoAP Code | 8| 1|dw| [69,132] |match-map|map-sent ||C | 1205 |CoAP MID |16| 1|bi| 0000 |MSB(12) |LSB ||MMMM | 1206 |CoAP Token |tkl 1|bi| 0x80 |MSB(5) |LSB ||TTT | 1207 |CoAP Uri-Path |88| 1|up|temperature|equal |not-sent || | 1208 +---------------+--+--+--+-----------+---------+-----------++-------+ 1210 Figure 21: SCHC-CoAP Rules (No OSCORE) 1212 This yields the results in Figure 22 for the Request, and Figure 23 1213 for the Response. 1215 Compressed message: 1216 ================== 1217 0x0114 1218 0x01 = RuleID 1220 Compression Residue: 1221 0b00010100 (1 byte) 1223 Compressed msg length: 2 1225 Figure 22: CoAP GET Compressed without OSCORE 1227 Compressed message: 1228 ================== 1229 0x010a32332043 1230 0x01 = RuleID 1232 Compression Residue: 1233 0b00001010 (1 byte) 1235 Payload 1236 0x32332043 1238 Compressed msg length: 6 1240 Figure 23: CoAP CONTENT Compressed without OSCORE 1242 As can be seen, the difference between applying SCHC + OSCORE as 1243 compared to regular SCHC + COAP is about 10 bytes. 1245 8. IANA Considerations 1247 This document has no request to IANA. 1249 9. Security considerations 1251 When applied to LPWAN, the Security Considerations of SCHC header 1252 compression [rfc8724] are valid for SCHC CoAP header compression. 1253 When CoAP uses OSCORE, the security considerations defined in 1254 [rfc8613] does not change when SCHC header compression is applied. 1256 The definition of SCHC over CoAP header fields permits the 1257 compression of header information only. The SCHC header compression 1258 itself does not increase or reduce the level of security in the 1259 communication. When the connection does not use any security 1260 protocol as OSCORE, DTLS, or other, it is highly necessary to use a 1261 layer two security. 1263 DoS attacks are possible if an intruder can introduce a compressed 1264 SCHC corrupted packet onto the link and cause a compression 1265 efficiency reduction. However, an intruder having the ability to add 1266 corrupted packets at the link layer raises additional security issues 1267 than those related to the use of header compression. 1269 SCHC compression returns variable-length Residues for some CoAP 1270 fields. In the compressed header, the length sent is not the 1271 original header field length but the length of the Residue. So if a 1272 corrupted packet comes to the decompressor with a longer or shorter 1273 length than the one in the original header, SCHC decompression will 1274 detect an error and drops the packet. 1276 OSCORE compression is also based on the same compression method 1277 described in [rfc8724]. The size of the Initialisation Vector (IV) 1278 residue must be considered carefully. A residue size obtained with 1279 LSB CDA over the IV impacts on the compression efficiency and the 1280 frequency the device will renew its key. This operation requires 1281 several exchanges and is energy-consuming. 1283 SCHC header and compression Rules MUST remain tightly coupled. 1284 Otherwise, an encrypted residue may be decompressed differently by 1285 the receiver. To avoid this situation, if the Rule is modified in 1286 one location, the OSCORE keys MUST be re-established. 1288 10. Acknowledgements 1290 The authors would like to thank (in alphabetic order): Christian 1291 Amsuss, Dominique Barthel, Carsten Bormann, Theresa Enghardt, Thomas 1292 Fossati, Klaus Hartke, Francesca Palombini, Alexander Pelov and Goran 1293 Selander. 1295 11. Normative References 1297 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1298 Requirement Levels", BCP 14, RFC 2119, 1299 DOI 10.17487/RFC2119, March 1997, 1300 . 1302 [rfc5116] McGrew, D., "An Interface and Algorithms for Authenticated 1303 Encryption", RFC 5116, DOI 10.17487/RFC5116, January 2008, 1304 . 1306 [rfc7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 1307 Application Protocol (CoAP)", RFC 7252, 1308 DOI 10.17487/RFC7252, June 2014, 1309 . 1311 [rfc7641] Hartke, K., "Observing Resources in the Constrained 1312 Application Protocol (CoAP)", RFC 7641, 1313 DOI 10.17487/RFC7641, September 2015, 1314 . 1316 [rfc7959] Bormann, C. and Z. Shelby, Ed., "Block-Wise Transfers in 1317 the Constrained Application Protocol (CoAP)", RFC 7959, 1318 DOI 10.17487/RFC7959, August 2016, 1319 . 1321 [rfc7967] Bhattacharyya, A., Bandyopadhyay, S., Pal, A., and T. 1322 Bose, "Constrained Application Protocol (CoAP) Option for 1323 No Server Response", RFC 7967, DOI 10.17487/RFC7967, 1324 August 2016, . 1326 [rfc8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1327 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1328 May 2017, . 1330 [rfc8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz, 1331 "Object Security for Constrained RESTful Environments 1332 (OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019, 1333 . 1335 [rfc8724] Minaburo, A., Toutain, L., Gomez, C., Barthel, D., and JC. 1336 Zuniga, "SCHC: Generic Framework for Static Context Header 1337 Compression and Fragmentation", RFC 8724, 1338 DOI 10.17487/RFC8724, April 2020, 1339 . 1341 Authors' Addresses 1343 Ana Minaburo 1344 Acklio 1345 1137A avenue des Champs Blancs 1346 35510 Cesson-Sevigne Cedex 1347 France 1349 Email: ana@ackl.io 1351 Laurent Toutain 1352 Institut MINES TELECOM; IMT Atlantique 1353 2 rue de la Chataigneraie 1354 CS 17607 1355 35576 Cesson-Sevigne Cedex 1356 France 1358 Email: Laurent.Toutain@imt-atlantique.fr 1360 Ricardo Andreasen 1361 Universidad de Buenos Aires 1362 Av. Paseo Colon 850 1363 C1063ACV Ciudad Autonoma de Buenos Aires 1364 Argentina 1366 Email: randreasen@fi.uba.ar