| draft-ietf-lwig-security-protocol-comparison-04.txt | draft-ietf-lwig-security-protocol-comparison-05.txt | |||
|---|---|---|---|---|
| LWIG Working Group J. Mattsson | LWIG Working Group J. Mattsson | |||
| Internet-Draft F. Palombini | Internet-Draft F. Palombini | |||
| Intended status: Informational Ericsson AB | Intended status: Informational Ericsson AB | |||
| Expires: September 10, 2020 M. Vucinic | Expires: May 6, 2021 M. Vucinic | |||
| INRIA | INRIA | |||
| March 09, 2020 | November 02, 2020 | |||
| Comparison of CoAP Security Protocols | Comparison of CoAP Security Protocols | |||
| draft-ietf-lwig-security-protocol-comparison-04 | draft-ietf-lwig-security-protocol-comparison-05 | |||
| Abstract | Abstract | |||
| This document analyzes and compares the sizes of key exchange flights | This document analyzes and compares the sizes of key exchange flights | |||
| and the per-packet message size overheads when using different | and the per-packet message size overheads when using different | |||
| security protocols to secure CoAP. The analyzed security protocols | security protocols to secure CoAP. The analyzed security protocols | |||
| are DTLS 1.2, DTLS 1.3, TLS 1.2, TLS 1.3, EDHOC, OSCORE, and Group | are DTLS 1.2, DTLS 1.3, TLS 1.2, TLS 1.3, EDHOC, OSCORE, and Group | |||
| OSCORE. The DTLS and TLS record layers are analyzed with and without | OSCORE. The DTLS and TLS record layers are analyzed with and without | |||
| 6LoWPAN-GHC compression. DTLS is analyzed with and without | 6LoWPAN-GHC compression. DTLS is analyzed with and without | |||
| Connection ID. | Connection ID. | |||
| skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 10, 2020. | This Internet-Draft will expire on May 6, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 28 ¶ | skipping to change at page 2, line 28 ¶ | |||
| 2.2.4. Cached Information . . . . . . . . . . . . . . . . . 12 | 2.2.4. Cached Information . . . . . . . . . . . . . . . . . 12 | |||
| 2.2.5. Resumption . . . . . . . . . . . . . . . . . . . . . 13 | 2.2.5. Resumption . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 2.2.6. Without Connection ID . . . . . . . . . . . . . . . . 14 | 2.2.6. Without Connection ID . . . . . . . . . . . . . . . . 14 | |||
| 2.2.7. DTLS Raw Public Keys . . . . . . . . . . . . . . . . 15 | 2.2.7. DTLS Raw Public Keys . . . . . . . . . . . . . . . . 15 | |||
| 2.3. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 2.3. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 2.3.1. Message Sizes RPK + ECDHE . . . . . . . . . . . . . . 16 | 2.3.1. Message Sizes RPK + ECDHE . . . . . . . . . . . . . . 16 | |||
| 2.3.2. Message Sizes PSK + ECDHE . . . . . . . . . . . . . . 22 | 2.3.2. Message Sizes PSK + ECDHE . . . . . . . . . . . . . . 22 | |||
| 2.3.3. Message Sizes PSK . . . . . . . . . . . . . . . . . . 23 | 2.3.3. Message Sizes PSK . . . . . . . . . . . . . . . . . . 23 | |||
| 2.4. EDHOC . . . . . . . . . . . . . . . . . . . . . . . . . . 24 | 2.4. EDHOC . . . . . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 2.4.1. Message Sizes RPK . . . . . . . . . . . . . . . . . . 24 | 2.4.1. Message Sizes RPK . . . . . . . . . . . . . . . . . . 24 | |||
| 2.4.2. Message Sizes PSK . . . . . . . . . . . . . . . . . . 25 | 2.4.2. Summary . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 2.4.3. message_1 . . . . . . . . . . . . . . . . . . . . . . 25 | 2.5. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 2.4.4. message_2 . . . . . . . . . . . . . . . . . . . . . . 25 | 3. Overhead for Protection of Application Data . . . . . . . . . 26 | |||
| 2.4.5. message_3 . . . . . . . . . . . . . . . . . . . . . . 26 | 3.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 26 | |||
| 2.4.6. Summary . . . . . . . . . . . . . . . . . . . . . . . 26 | 3.2. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . 28 | |||
| 2.5. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 26 | 3.2.1. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . 28 | |||
| 3. Overhead for Protection of Application Data . . . . . . . . . 27 | 3.2.2. DTLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 28 | |||
| 3.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 27 | 3.2.3. DTLS 1.2 with Connection ID . . . . . . . . . . . . . 29 | |||
| 3.2. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . 29 | 3.2.4. DTLS 1.2 with Connection ID and 6LoWPAN-GHC . . . . . 30 | |||
| 3.2.1. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . 29 | 3.3. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . 30 | |||
| 3.2.2. DTLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 29 | 3.3.1. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . 30 | |||
| 3.2.3. DTLS 1.2 with Connection ID . . . . . . . . . . . . . 30 | 3.3.2. DTLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 31 | |||
| 3.2.4. DTLS 1.2 with Connection ID and 6LoWPAN-GHC . . . . . 31 | 3.3.3. DTLS 1.3 with Connection ID . . . . . . . . . . . . . 31 | |||
| 3.3. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . 31 | 3.3.4. DTLS 1.3 with Connection ID and 6LoWPAN-GHC . . . . . 32 | |||
| 3.3.1. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . 31 | 3.4. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
| 3.3.2. DTLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 32 | 3.4.1. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
| 3.3.3. DTLS 1.3 with Connection ID . . . . . . . . . . . . . 32 | 3.4.2. TLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 33 | |||
| 3.3.4. DTLS 1.3 with Connection ID and 6LoWPAN-GHC . . . . . 33 | 3.5. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 3.4. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . . 33 | 3.5.1. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 3.4.1. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . 33 | 3.5.2. TLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 34 | |||
| 3.4.2. TLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 34 | 3.6. OSCORE . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 3.5. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 34 | 3.7. Group OSCORE . . . . . . . . . . . . . . . . . . . . . . 36 | |||
| 3.5.1. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . 34 | 3.8. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 36 | |||
| 3.5.2. TLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 35 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 37 | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37 | ||||
| 3.6. OSCORE . . . . . . . . . . . . . . . . . . . . . . . . . 35 | 6. Informative References . . . . . . . . . . . . . . . . . . . 37 | |||
| 3.7. Group OSCORE . . . . . . . . . . . . . . . . . . . . . . 37 | Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 39 | |||
| 3.8. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 37 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 38 | ||||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 38 | ||||
| 6. Informative References . . . . . . . . . . . . . . . . . . . 38 | ||||
| Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 40 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 40 | ||||
| 1. Introduction | 1. Introduction | |||
| This document analyzes and compares the sizes of key exchange flights | This document analyzes and compares the sizes of key exchange flights | |||
| and the per-packet message size overheads when using different | and the per-packet message size overheads when using different | |||
| security protocols to secure CoAP over UPD [RFC7252] and TCP | security protocols to secure CoAP over UPD [RFC7252] and TCP | |||
| [RFC8323]. The analyzed security protocols are DTLS 1.2 [RFC6347], | [RFC8323]. The analyzed security protocols are DTLS 1.2 [RFC6347], | |||
| DTLS 1.3 [I-D.ietf-tls-dtls13], TLS 1.2 [RFC5246], TLS 1.3 [RFC8446], | DTLS 1.3 [I-D.ietf-tls-dtls13], TLS 1.2 [RFC5246], TLS 1.3 [RFC8446], | |||
| EDHOC [I-D.selander-lake-edhoc], OSCORE [RFC8613], and Group OSCORE | EDHOC [I-D.ietf-lake-edhoc], OSCORE [RFC8613], and Group OSCORE | |||
| [I-D.ietf-core-oscore-groupcomm]. | [I-D.ietf-core-oscore-groupcomm]. | |||
| The DTLS and TLS record layers are analyzed with and without 6LoWPAN- | The DTLS and TLS record layers are analyzed with and without 6LoWPAN- | |||
| GHC compression. DTLS is anlyzed with and without Connection ID | GHC compression. DTLS is anlyzed with and without Connection ID | |||
| [I-D.ietf-tls-dtls-connection-id]. Readers are expected to be | [I-D.ietf-tls-dtls-connection-id]. Readers are expected to be | |||
| familiar with some of the terms described in RFC 7925 [RFC7925], such | familiar with some of the terms described in RFC 7925 [RFC7925], such | |||
| as ICV. Section 2 compares the overhead of key exchange, while | as ICV. Section 2 compares the overhead of key exchange, while | |||
| Section 3 covers the overhead for protection of application data. | Section 3 covers the overhead for protection of application data. | |||
| 2. Overhead of Key Exchange Protocols | 2. Overhead of Key Exchange Protocols | |||
| skipping to change at page 4, line 24 ¶ | skipping to change at page 4, line 21 ¶ | |||
| The DTLS overhead is dependent on the parameter Connection ID. The | The DTLS overhead is dependent on the parameter Connection ID. The | |||
| following overheads apply for all Connection IDs of the same length, | following overheads apply for all Connection IDs of the same length, | |||
| when Connection ID is used. | when Connection ID is used. | |||
| The EDHOC overhead is dependent on the key identifiers included. The | The EDHOC overhead is dependent on the key identifiers included. The | |||
| following overheads apply for Sender IDs of the same length. | following overheads apply for Sender IDs of the same length. | |||
| All the overhead are dependent on the tag length. The following | All the overhead are dependent on the tag length. The following | |||
| overheads apply for tags of the same length. | overheads apply for tags of the same length. | |||
| Figure 1 compares the message sizes of EDHOC | Figure 1 compares the message sizes of EDHOC [I-D.ietf-lake-edhoc] | |||
| [I-D.selander-lake-edhoc] with the DTLS 1.3 [I-D.ietf-tls-dtls13] and | with the DTLS 1.3 [I-D.ietf-tls-dtls13] and TLS 1.3 [RFC8446] | |||
| TLS 1.3 [RFC8446] handshakes with connection ID. | handshakes with connection ID. | |||
| ===================================================================== | ===================================================================== | |||
| Flight #1 #2 #3 Total | Flight #1 #2 #3 Total | |||
| --------------------------------------------------------------------- | --------------------------------------------------------------------- | |||
| DTLS 1.3 RPK + ECDHE 150 373 213 736 | DTLS 1.3 RPK + ECDHE 150 373 213 736 | |||
| DTLS 1.3 Cached X.509/RPK + ECDHE 182 347 213 742 | DTLS 1.3 Cached X.509/RPK + ECDHE 182 347 213 742 | |||
| DTLS 1.3 PSK + ECDHE 184 190 57 431 | DTLS 1.3 PSK + ECDHE 184 190 57 431 | |||
| DTLS 1.3 PSK 134 150 57 341 | DTLS 1.3 PSK 134 150 57 341 | |||
| --------------------------------------------------------------------- | --------------------------------------------------------------------- | |||
| EDHOC RPK + ECDHE 37 46 20 103 | EDHOC RPK + ECDHE 37 46 20 103 | |||
| EDHOC PSK + ECDHE 38 44 10 92 | EDHOC X.509 + ECDHE 37 117 91 245 | |||
| ===================================================================== | ===================================================================== | |||
| Figure 1: Comparison of message sizes in bytes with Connection ID | Figure 1: Comparison of message sizes in bytes with Connection ID | |||
| Figure 2 compares of message sizes of DTLS 1.3 [I-D.ietf-tls-dtls13] | Figure 2 compares of message sizes of DTLS 1.3 [I-D.ietf-tls-dtls13] | |||
| and TLS 1.3 [RFC8446] handshakes without connection ID. | and TLS 1.3 [RFC8446] handshakes without connection ID. | |||
| ===================================================================== | ===================================================================== | |||
| Flight #1 #2 #3 Total | Flight #1 #2 #3 Total | |||
| --------------------------------------------------------------------- | --------------------------------------------------------------------- | |||
| skipping to change at page 17, line 32 ¶ | skipping to change at page 17, line 32 ¶ | |||
| Compression Methods (null) (2 bytes): | Compression Methods (null) (2 bytes): | |||
| 01 00 | 01 00 | |||
| Extensions Length (2 bytes): | Extensions Length (2 bytes): | |||
| LL LL | LL LL | |||
| Extension - Supported Groups (x25519) (8 bytes): | Extension - Supported Groups (x25519) (8 bytes): | |||
| 00 0a 00 04 00 02 00 1d | 00 0a 00 04 00 02 00 1d | |||
| Extension - Signature Algorithms (ecdsa_secp256r1_sha256) (8 bytes): | Extension - Signature Algorithms(ecdsa_secp256r1_sha256)(8 bytes): | |||
| 00 0d 00 04 00 02 08 07 | 00 0d 00 04 00 02 08 07 | |||
| Extension - Key Share (42 bytes): | Extension - Key Share (42 bytes): | |||
| 00 33 00 26 00 24 00 1d 00 20 | 00 33 00 26 00 24 00 1d 00 20 | |||
| 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 | |||
| 16 17 18 19 1a 1b 1c 1d 1e 1f | 16 17 18 19 1a 1b 1c 1d 1e 1f | |||
| Extension - Supported Versions (1.3) (7 bytes): | Extension - Supported Versions (1.3) (7 bytes): | |||
| 00 2b 00 03 02 03 04 | 00 2b 00 03 02 03 04 | |||
| skipping to change at page 19, line 16 ¶ | skipping to change at page 19, line 16 ¶ | |||
| Handshake Header - Certificate Request (4 bytes): | Handshake Header - Certificate Request (4 bytes): | |||
| 0d LL LL LL | 0d LL LL LL | |||
| Request Context (1 bytes): | Request Context (1 bytes): | |||
| 00 | 00 | |||
| Extensions Length (2 bytes): | Extensions Length (2 bytes): | |||
| LL LL | LL LL | |||
| Extension - Signature Algorithms (ecdsa_secp256r1_sha256) (8 bytes): | Extension - Signature Algorithms(ecdsa_secp256r1_sha256)(8 bytes): | |||
| 00 0d 00 04 00 02 08 07 | 00 0d 00 04 00 02 08 07 | |||
| Handshake Header - Certificate (4 bytes): | Handshake Header - Certificate (4 bytes): | |||
| 0b LL LL LL | 0b LL LL LL | |||
| Request Context (1 bytes): | Request Context (1 bytes): | |||
| 00 | 00 | |||
| Certificate List Length (3 bytes): | Certificate List Length (3 bytes): | |||
| LL LL LL | LL LL LL | |||
| skipping to change at page 24, line 29 ¶ | skipping to change at page 24, line 29 ¶ | |||
| 2.3.3.3. flight_3 | 2.3.3.3. flight_3 | |||
| There are no differences in overhead compared to Section 2.3.2.3. | There are no differences in overhead compared to Section 2.3.2.3. | |||
| TLS 1.3 PSK flight_3 gives 57 bytes of overhead. | TLS 1.3 PSK flight_3 gives 57 bytes of overhead. | |||
| 2.4. EDHOC | 2.4. EDHOC | |||
| This section gives an estimate of the message sizes of EDHOC with | This section gives an estimate of the message sizes of EDHOC with | |||
| different authentication methods. All examples are given in CBOR | authenticated with static Diffie-Hellman keys. All examples are | |||
| diagnostic notation and hexadecimal. | given in CBOR diagnostic notation and hexadecimal, and are based on | |||
| the test vectors in Appendix B.2 of [I-D.ietf-lake-edhoc]. | ||||
| 2.4.1. Message Sizes RPK | 2.4.1. Message Sizes RPK | |||
| 2.4.1.1. message_1 | 2.4.1.1. message_1 | |||
| message_1 = ( | message_1 = ( | |||
| 13, | 13, | |||
| 0, | 0, | |||
| h'8D3EF56D1B750A4351D68AC250A0E883790EFC80A538A444EE9E2B57E244 | h'8D3EF56D1B750A4351D68AC250A0E883790EFC80A538A444EE9E2B57E244 | |||
| 1A7C', | 1A7C', | |||
| skipping to change at page 25, line 29 ¶ | skipping to change at page 25, line 29 ¶ | |||
| 2.4.1.3. message_3 | 2.4.1.3. message_3 | |||
| message_3 = ( | message_3 = ( | |||
| 8, | 8, | |||
| h'53C3991999A5FFB86921E99B607C067770E0' | h'53C3991999A5FFB86921E99B607C067770E0' | |||
| ) | ) | |||
| message_3 (20 bytes): | message_3 (20 bytes): | |||
| 08 52 53 c3 99 19 99 a5 ff b8 69 21 e9 9b 60 7c 06 77 70 e0 | 08 52 53 c3 99 19 99 a5 ff b8 69 21 e9 9b 60 7c 06 77 70 e0 | |||
| 2.4.2. Message Sizes PSK | 2.4.2. Summary | |||
| 2.4.3. message_1 | ||||
| message_1 = ( | ||||
| 17, | ||||
| 0, | ||||
| h'3662C4A71D624E8A4D9DFF879ABC6E2A0E745F82F497F7AFBEBFF3B01A8F | ||||
| AB57', | ||||
| 14, | ||||
| -17 | ||||
| ) | ||||
| message_1 (38 bytes): | ||||
| 11 00 58 20 36 62 c4 a7 1d 62 4e 8a 4d 9d ff 87 9a bc 6e 2a | ||||
| 0e 74 5f 82 f4 97 f7 af be bf f3 b0 1a 8f ab 57 0e 30 | ||||
| 2.4.4. message_2 | ||||
| message_2 = ( | ||||
| h'A3967F6CF99B6DDC7E7C219D0D119A383F754001DF33515971EC6C842553 | ||||
| B776', | ||||
| -24, | ||||
| h'4F355451E069226F' | ||||
| ) | ||||
| message_2 (44 bytes): | ||||
| 58 20 a3 96 7f 6c f9 9b 6d dc 7e 7c 21 9d 0d 11 9a 38 3f 75 | ||||
| 40 01 df 33 51 59 71 ec 6c 84 25 53 b7 76 37 48 4f 35 54 51 | ||||
| e0 69 22 6f | ||||
| 2.4.5. message_3 | ||||
| message_3 = ( | ||||
| -24, | ||||
| h'763BD2F3C10F0D45' | ||||
| ) | ||||
| message_3 (10 bytes): | ||||
| 37 48 76 3b d2 f3 c1 0f 0d 45 | ||||
| 2.4.6. Summary | ||||
| The previous examples of typical message sizes are summarized in | The typical message sizes for the previous example and for an example | |||
| of EDHOC authenticated with signature keys and X.509 certificates | ||||
| based on Appendix B.1 of [I-D.ietf-lake-edhoc] are summarized in | ||||
| Figure 5. | Figure 5. | |||
| ===================================================================== | =============================== | |||
| PSK RPK x5t x5chain | RPK x5t | |||
| --------------------------------------------------------------------- | ------------------------------- | |||
| message_1 38 37 37 37 | message_1 37 37 | |||
| message_2 44 46 117 110 + Certificate chain | message_2 46 117 | |||
| message_3 10 20 91 84 + Certificate chain | message_3 20 91 | |||
| --------------------------------------------------------------------- | ------------------------------- | |||
| Total 92 103 245 231 + Certificate chains | Total 103 245 | |||
| ===================================================================== | =============================== | |||
| Figure 5: Typical message sizes in bytes | Figure 5: Typical message sizes in bytes | |||
| 2.5. Conclusion | 2.5. Conclusion | |||
| To do a fair comparison, one has to choose a specific deployment and | To do a fair comparison, one has to choose a specific deployment and | |||
| look at the topology, the whole protocol stack, frame sizes (e.g. 51 | look at the topology, the whole protocol stack, frame sizes (e.g. 51 | |||
| or 128 bytes), how and where in the protocol stack fragmentation is | or 128 bytes), how and where in the protocol stack fragmentation is | |||
| done, and the expected packet loss. Note that the number of byte in | done, and the expected packet loss. Note that the number of bytes in | |||
| each frame that is available for the key exchange protocol may depend | each frame that is available for the key exchange protocol may depend | |||
| on the underlying protocol layers as well as the number of hops in | on the underlying protocol layers as well as on the number of hops in | |||
| multi-hop networks. The packet loss depends may depend on how many | multi-hop networks. The packet loss may depend on how many other | |||
| other devices that are transmitting at the same time, and may | devices are transmitting at the same time, and may increase during | |||
| increase during network formation. The total overhead will be larger | network formation. The total overhead will be larger due to | |||
| due to mechanisms for fragmentation, retransmission, and packet | mechanisms for fragmentation, retransmission, and packet ordering. | |||
| ordering. The overhead of fragmentation is roughly proportional to | The overhead of fragmentation is roughly proportional to the number | |||
| the number of fragments, while the expected overhead due to | of fragments, while the expected overhead due to retransmission in | |||
| retransmission in noisy environments is a superlinear function of the | noisy environments is a superlinear function of the flight sizes. | |||
| flight sizes. | ||||
| 3. Overhead for Protection of Application Data | 3. Overhead for Protection of Application Data | |||
| To enable comparison, all the overhead calculations in this section | To enable comparison, all the overhead calculations in this section | |||
| use AES-CCM with a tag length of 8 bytes (e.g. AES_128_CCM_8 or AES- | use AES-CCM with a tag length of 8 bytes (e.g. AES_128_CCM_8 or AES- | |||
| CCM-16-64), a plaintext of 6 bytes, and the sequence number '05'. | CCM-16-64), a plaintext of 6 bytes, and the sequence number '05'. | |||
| This follows the example in [RFC7400], Figure 16. | This follows the example in [RFC7400], Figure 16. | |||
| Note that the compressed overhead calculations for DLTS 1.2, DTLS | Note that the compressed overhead calculations for DLTS 1.2, DTLS | |||
| 1.3, TLS 1.2 and TLS 1.3 are dependent on the parameters epoch, | 1.3, TLS 1.2 and TLS 1.3 are dependent on the parameters epoch, | |||
| skipping to change at page 38, line 34 ¶ | skipping to change at page 37, line 34 ¶ | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| This document has no actions for IANA. | This document has no actions for IANA. | |||
| 6. Informative References | 6. Informative References | |||
| [I-D.ietf-core-oscore-groupcomm] | [I-D.ietf-core-oscore-groupcomm] | |||
| Tiloca, M., Selander, G., Palombini, F., and J. Park, | Tiloca, M., Selander, G., Palombini, F., and J. Park, | |||
| "Group OSCORE - Secure Group Communication for CoAP", | "Group OSCORE - Secure Group Communication for CoAP", | |||
| draft-ietf-core-oscore-groupcomm-06 (work in progress), | draft-ietf-core-oscore-groupcomm-09 (work in progress), | |||
| November 2019. | June 2020. | |||
| [I-D.ietf-lake-edhoc] | ||||
| Selander, G., Mattsson, J., and F. Palombini, "Ephemeral | ||||
| Diffie-Hellman Over COSE (EDHOC)", draft-ietf-lake- | ||||
| edhoc-01 (work in progress), August 2020. | ||||
| [I-D.ietf-tls-dtls-connection-id] | [I-D.ietf-tls-dtls-connection-id] | |||
| Rescorla, E., Tschofenig, H., and T. Fossati, "Connection | Rescorla, E., Tschofenig, H., and T. Fossati, "Connection | |||
| Identifiers for DTLS 1.2", draft-ietf-tls-dtls-connection- | Identifiers for DTLS 1.2", draft-ietf-tls-dtls-connection- | |||
| id-07 (work in progress), October 2019. | id-07 (work in progress), October 2019. | |||
| [I-D.ietf-tls-dtls13] | [I-D.ietf-tls-dtls13] | |||
| Rescorla, E., Tschofenig, H., and N. Modadugu, "The | Rescorla, E., Tschofenig, H., and N. Modadugu, "The | |||
| Datagram Transport Layer Security (DTLS) Protocol Version | Datagram Transport Layer Security (DTLS) Protocol Version | |||
| 1.3", draft-ietf-tls-dtls13-34 (work in progress), | 1.3", draft-ietf-tls-dtls13-38 (work in progress), May | |||
| November 2019. | 2020. | |||
| [I-D.rescorla-tls-ctls] | [I-D.rescorla-tls-ctls] | |||
| Rescorla, E., Barnes, R., and H. Tschofenig, "Compact TLS | Rescorla, E., Barnes, R., and H. Tschofenig, "Compact TLS | |||
| 1.3", draft-rescorla-tls-ctls-03 (work in progress), | 1.3", draft-rescorla-tls-ctls-04 (work in progress), March | |||
| November 2019. | 2020. | |||
| [I-D.selander-lake-edhoc] | ||||
| Selander, G., Mattsson, J., and F. Palombini, "Ephemeral | ||||
| Diffie-Hellman Over COSE (EDHOC)", draft-selander-lake- | ||||
| edhoc-00 (work in progress), November 2019. | ||||
| [IoT-Cert] | [IoT-Cert] | |||
| Forsby, F., "Digital Certificates for the Internet of | Forsby, F., "Digital Certificates for the Internet of | |||
| Things", June 2017, <https://kth.diva- | Things", June 2017, <https://kth.diva- | |||
| portal.org/smash/get/diva2:1153958/FULLTEXT01.pdf>. | portal.org/smash/get/diva2:1153958/FULLTEXT01.pdf>. | |||
| [OlegHahm-ghc] | [OlegHahm-ghc] | |||
| Hahm, O., "Generic Header Compression", July 2016, | Hahm, O., "Generic Header Compression", July 2016, | |||
| <https://github.com/OlegHahm/ghc>. | <https://github.com/OlegHahm/ghc>. | |||
| End of changes. 19 change blocks. | ||||
| 118 lines changed or deleted | 75 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||