Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarifications mentioned in the implementer feedback session #23

Closed
wants to merge 4 commits into from
Closed

Clarifications mentioned in the implementer feedback session #23

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
119ab72
Clarify that external_aad is wrapped in an enc_structure
geonnave Oct 11, 2023
9e12aad
add consideration about credentials by value
geonnave Nov 30, 2023
83d55ce
clarify about length and info's length
geonnave Nov 30, 2023
757b6d1
clarify that K_1 corresponds to OKM
geonnave Nov 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 9 additions & 3 deletions draft-selander-lake-authz.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ informative:
RFC8995:
RFC9031:
I-D.ietf-core-oscore-edhoc:
I-D.ietf-lake-traces:
I-D.ietf-lake-reqs:
IEEE802.15.4:
title: "IEEE Std 802.15.4 Standard for Low-Rate Wireless Networks"
Expand Down Expand Up @@ -122,6 +123,9 @@ The (domain) authenticator may represent the service provider or some other part

The protocol assumes that authentication between device and authenticator is performed with EDHOC {{I-D.ietf-lake-edhoc}}, and defines the integration of a lightweight authorization procedure using the External Authorization Data (EAD) fields defined in EDHOC.

Implementations wishing to leverage the zero-touch capabilities of this protocol are expected to support transmission of credentials by value during the EDHOC exchange.
Impacts on message size will depend on the type of credential used, e.g., the credentials in {{I-D.ietf-lake-traces}} are CWT Claim Sets of 95 bytes long.

The protocol enables a low message count by performing authorization and enrollment in parallel with authentication, instead of in sequence which is common for network access.
It further reuses protocol elements from EDHOC leading to reduced message sizes on constrained links.

Expand Down Expand Up @@ -391,7 +395,7 @@ where

ENC_ID is 'ciphertext' of COSE_Encrypt0 ({{Section 5.2 of RFC9052}}) computed from the following:

* The encryption key K_1 and nonce IV_1 are derived as specified below.
* The encryption key K_1 and nonce IV_1 are derived as specified below (see OKM in {{reuse}}).
* 'protected' is a byte string of size 0
* 'plaintext' and 'external_aad' as below:

Expand All @@ -412,19 +416,21 @@ where

* SS is the selected cipher suite in SUITES_I of EDHOC message_1, see {{U-V}}.

The external_aad is wrapped in an enc_structure as defined in {{Section 5.3 of RFC8152}}.

Editor's note: Add more context to external_aad.

The derivation of K_1 = EDHOC-Expand(PRK, info, length) uses the following input to the info struct (see {{reuse}}):

* info_label = 0
* context = h'' (the empty CBOR string)
* length is length of key of the EDHOC AEAD algorithm in bytes
* length is length of key of the EDHOC AEAD algorithm in bytes (which is the length of K_1)

The derivation of IV_1 = EDHOC-Expand(PRK, info, length) uses the following input to the info struct (see {{reuse}}):

* info_label = 1
* context = h'' (the empty CBOR string)
* length is length of nonce of the EDHOC AEAD algorithm in bytes
* length is length of nonce of the EDHOC AEAD algorithm in bytes (which is the length of IV_1)

### Voucher {#voucher}

Expand Down
Loading