draft-ietf-6tisch-enrollment-enhanced-beacon-08.txt   draft-ietf-6tisch-enrollment-enhanced-beacon-09.txt 
6tisch Working Group D. Dujovne 6tisch Working Group D. Dujovne
Internet-Draft Universidad Diego Portales Internet-Draft Universidad Diego Portales
Intended status: Standards Track M. Richardson Intended status: Standards Track M. Richardson
Expires: 21 July 2020 Sandelman Software Works Expires: 25 July 2020 Sandelman Software Works
18 January 2020 22 January 2020
IEEE 802.15.4 Information Element encapsulation of 6TiSCH Join and IEEE 802.15.4 Information Element encapsulation of 6TiSCH Join and
Enrollment Information Enrollment Information
draft-ietf-6tisch-enrollment-enhanced-beacon-08 draft-ietf-6tisch-enrollment-enhanced-beacon-09
Abstract Abstract
In TSCH mode of IEEE STD 802.15.4, opportunities for broadcasts are In TSCH mode of IEEE STD 802.15.4, opportunities for broadcasts are
limited to specific times and specific channels. Nodes in a TSCH limited to specific times and specific channels. Nodes in a TSCH
network typically frequently send Enhanced Beacon (EB) frames to network typically frequently send Enhanced Beacon (EB) frames to
announce the presence of the network. This document provides a announce the presence of the network. This document provides a
mechanism by which small details critical for new nodes (pledges) and mechanism by which small details critical for new nodes (pledges) and
long sleeping nodes may be carried within the Enhanced Beacon. long sleeping nodes may be carried within the Enhanced Beacon.
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 21 July 2020. This Internet-Draft will expire on 25 July 2020.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 16 skipping to change at page 2, line 16
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Use of BCP 14 Terminology . . . . . . . . . . . . . . . . 2 1.1. Use of BCP 14 Terminology . . . . . . . . . . . . . . . . 2
1.2. Layer-2 Synchronization . . . . . . . . . . . . . . . . . 2 1.2. Layer-2 Synchronization . . . . . . . . . . . . . . . . . 2
1.3. Layer-3 synchronization: IPv6 Router Solicitations and 1.3. Layer-3 synchronization: IPv6 Router Solicitations and
Advertisements . . . . . . . . . . . . . . . . . . . . . 3 Advertisements . . . . . . . . . . . . . . . . . . . . . 3
2. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4 2. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4
3. Security Considerations . . . . . . . . . . . . . . . . . . . 6 3. Security Considerations . . . . . . . . . . . . . . . . . . . 6
4. Privacy Considerations . . . . . . . . . . . . . . . . . . . 6 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . 7
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
7.1. Normative References . . . . . . . . . . . . . . . . . . 7 7.1. Normative References . . . . . . . . . . . . . . . . . . 7
7.2. Informative References . . . . . . . . . . . . . . . . . 8 7.2. Informative References . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction 1. Introduction
[RFC7554] describes the use of the time-slotted channel hopping [RFC7554] describes the use of the time-slotted channel hopping
(TSCH) mode of [ieee802154]. As further detailed in [RFC8180], an (TSCH) mode of [ieee802154]. As further detailed in [RFC8180], an
Enhanced Beacon (EB) is transmitted during a slot designated a Enhanced Beacon (EB) is transmitted during a slot designated a
broadcast slot. broadcast slot.
1.1. Use of BCP 14 Terminology 1.1. Use of BCP 14 Terminology
skipping to change at page 4, line 42 skipping to change at page 4, line 42
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Figure 1: IE subtype structure Figure 1: IE subtype structure
R the Router Advertisement R-flag is set if the sending node will R the Router Advertisement R-flag is set if the sending node will
act as a Router for host-only nodes that need addressing via act as a Router for host-only nodes that need addressing via
unicast Router Solicitation messages. unicast Router Solicitation messages.
in most cases, every node sending a beacon will set this flag, and
in a typical mesh, this will be every single node. When this bit
is not set, it indicates that this node may be under provisioned,
or may have no additional slots for additional nodes. This could
make this node more interesting to an attacker.
P if the Proxy Address P-flag is set, then the lower 64-bits of the P if the Proxy Address P-flag is set, then the lower 64-bits of the
Join Proxy's link-local address follows the network ID. If the Join Proxy's link-local address follows the network ID. If the
Proxy Address bit is not set, then the Link Layer address of the Proxy Address bit is not set, then the Link Layer address of the
Join Proxy is identical to the Layer-2 8-byte address used to Join Proxy is identical to the Layer-2 8-byte address used to
originate this enhanced beacon. In either case, the destination originate this enhanced beacon. In either case, the destination
layer-2 address of this beacon may use the layer-2 address which layer-2 address of this beacon may use the layer-2 address which
was used to originate the beacon. was used to originate the beacon.
this bit only indicates if another part of the structure is
present.
proxy priority (proxy prio) this field indicates the willingness of proxy priority (proxy prio) this field indicates the willingness of
the sender to act as join proxy. Lower value indicates greater the sender to act as join proxy. Lower value indicates greater
willingness to act as a Join Proxy as described in willingness to act as a Join Proxy as described in
[I-D.ietf-6tisch-minimal-security]. Values range 0x00 (most [I-D.ietf-6tisch-minimal-security]. Values range 0x00 (most
willing) to 0x7e (least willing). A priority of 0x7f indicates willing) to 0x7e (least willing). A priority of 0x7f indicates
that the announcer should never be considered as a viable that the announcer should never be considered as a viable
enrollment proxy. Only unenrolled pledges look at this value. enrollment proxy. Only unenrolled pledges look at this value.
lower values in this field indicate that the transmitter may have
more capacity to handle unencrypted traffic. A higher value may
indicate that the transmitter is low on neighbor cache entries, or
other resources.
rank priority the rank "priority" is set by the 6LR which sent the rank priority the rank "priority" is set by the 6LR which sent the
beacon and is an indication of how willing this 6LR is to serve as beacon and is an indication of how willing this 6LR is to serve as
an RPL parent within a particular network ID. This is a local an RPL parent within a particular network ID. This is a local
value to be determined in other work. It might be calculated from value to be determined in other work. It might be calculated from
RPL rank, and it may include some modifications based upon current RPL rank, and it may include some modifications based upon current
number of children, or number of neighbor cache entries available. number of children, or number of neighbor cache entries available.
This value MUST be ignored by pledges, it is for enrolled devices This value MUST be ignored by pledges, it is for enrolled devices
only. only. Lower values are better.
an attacker can use this value to determine which nodes are
potentially more interesting.
Nodes which are less willing to be parents likely have more
traffic, and an attacker could use this information to determine
which nodes would be more interesting to attack or disrupt.
pan priority the pan priority is a value set by the DODAG root to pan priority the pan priority is a value set by the DODAG root to
indicate the relative priority of this LLN compared to those with indicate the relative priority of this LLN compared to those with
different PANIDs. This value may be used as part of the different PANIDs. This value may be used as part of the
enrollment priority, but typically is used by devices which have enrollment priority, but typically is used by devices which have
already enrolled, and need to determine which PAN to pick. already enrolled, and need to determine which PAN to pick.
Unenrolled pledges MAY consider this value when selecting a PAN to Unenrolled pledges MAY consider this value when selecting a PAN to
join. Enrolled devices MAY consider this value when looking for join. Enrolled devices MAY consider this value when looking for
an eligible parent device. an eligible parent device.
an attacker can use this value, along with the observed PANID in
the Beacon to determine which PANIDs have more network resources,
and may have more interesting traffic.
Join Proxy lower-64 if the P bit is set, then 64 bits (8 bytes) of Join Proxy lower-64 if the P bit is set, then 64 bits (8 bytes) of
address are present. This field provides the suffix of the Link- address are present. This field provides the suffix of the Link-
Local address of the Join Proxy. The associated prefix is well- Local address of the Join Proxy. The associated prefix is well-
known as fe80::/64. known as fe80::/64.
this field communicates a lower-64 bits that should be used for
this nodes' layer-3 address, if it should not be derived from the
layer-2 address. Communication with the Join Proxy occurs in the
clear, this field avoids the need for an additional service
discovery process for the case where the L3 address is not derived
from the L2 address. An attacker will see both L2 and L3
addresses, so this field provides no new information.
network ID this is a variable length field, up to 16-bytes in size network ID this is a variable length field, up to 16-bytes in size
that uniquely identifies this network, potentially among many that uniquely identifies this network, potentially among many
networks that are operating in the same frequencies in overlapping networks that are operating in the same frequencies in overlapping
physical space. The length of this field can be calculated as physical space. The length of this field can be calculated as
being whatever is left in the Information Element. being whatever is left in the Information Element.
In a 6tisch network, where RPL [RFC6550] is used as the mesh routing In a 6tisch network, where RPL [RFC6550] is used as the mesh
protocol, the network ID can be constructed from a SHA256 hash of the routing protocol, the network ID can be constructed from a SHA256
prefix (/64) of the network. That is just a suggestion for a default hash of the prefix (/64) of the network. That is just a
value. In some LLNs where multiple PANIDs may lead to the same suggestion for a default value. In some LLNs where multiple
management device (the JRC), then a common value that is the same PANIDs may lead to the same management device (the JRC), then a
across all PANs MUST be configured. common value that is the same across all PANs MUST be configured.
If the the network ID is derived as suggested, then it will an
opaque, seemingly random value, and will reveal nothing in of
itself. An attacker can match this value across many
transmissions to map the extent of a network beyond what the PANID
might already provide.
3. Security Considerations 3. Security Considerations
All of the contents of this Information Element are sent in the All of the contents of this Information Element are sent in the
clear. The containing Enhanced Beacon is not encrypted. This is a clear. The containing Enhanced Beacon is not encrypted. This is a
restriction in the cryptographic architecture of the TSCH mechanism. restriction in the cryptographic architecture of the TSCH mechanism.
In order to decrypt or do integrity checking of layer-2 frames in In order to decrypt or do integrity checking of layer-2 frames in
TSCH, the TSCH Absolute Slot Number (ASN) is needed. The Enhanced TSCH, the TSCH Absolute Slot Number (ASN) is needed. The Enhanced
Beacon provides the ASN to new (and long-sleeping) nodes. Beacon provides the ASN to new (and long-sleeping) nodes.
skipping to change at page 6, line 31 skipping to change at page 7, line 14
faith. After enrollment, a newly enrolled node will be able to faith. After enrollment, a newly enrolled node will be able to
return to the beacon and validate it. return to the beacon and validate it.
In addition to the enrollment and join information described in this In addition to the enrollment and join information described in this
document, the Enhanced Beacon contains a description of the TSCH document, the Enhanced Beacon contains a description of the TSCH
schedule to be used by the transmitter of this packet. The schedule schedule to be used by the transmitter of this packet. The schedule
can provide an attacker with a list of channels and frequencies on can provide an attacker with a list of channels and frequencies on
which communication will occur. Knowledge of this can help an which communication will occur. Knowledge of this can help an
attacker to more efficiently jam communications, although there is attacker to more efficiently jam communications, although there is
future work being considered to make some of the schedule less future work being considered to make some of the schedule less
visible. visible. Encrypting the schedule does not prevent an attacker from
jamming, but rather increases the energy cost of doing that jamming.
4. Privacy Considerations 4. Privacy Considerations
The use of a network ID may reveal information about the network. The use of a network ID may reveal information about the network.
The use of a SHA256 hash of the DODAGID, rather than using the The use of a SHA256 hash of the DODAGID, rather than using the
DODAGID directly provides some cover the addresses used within the DODAGID directly provides some cover the addresses used within the
network. The DODAGID is usually the IPv6 address of the root of the network. The DODAGID is usually the IPv6 address of the root of the
RPL mesh. RPL mesh.
An interloper with a radio sniffer would be able to use the network An interloper with a radio sniffer would be able to use the network
 End of changes. 14 change blocks. 
16 lines changed or deleted 55 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/