-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integration of Link Layer Security #557
Conversation
Very cool! This is definitely an area that needs fixing, and this looks like it does a very thorough job of doing so! A couple of random questions/comments: I'm not sure exactly what the Is the paper available somewhere outside the ACM digital library? ACM allows having copies on personal websites and similar. Maybe Also, travis seems to fail hard on the sky platform. |
The The paper can be obtained from here. The paper is actually a short version of my master's thesis. Admitedly, Regarding the failed build, I will try to figure out what is wrong. |
Another use case of the After all, the |
Changes:
|
It should be fine by now. |
We also require link layer security, and I'm really glad to find this patchset. It does all of the things we need and then some, most of them even like I would have done them :) I do see some issues, though:
|
Great job! |
There seems to be a problem in the following constellation:
If I deactivate This problem is reproducible in cooja (tested with |
I am currently looking at the endianness problem. I could solve this by simply calling UIP_HTONL. However, I noticed that by default little endianness is used:
Shouldn't it be:
|
I will see if I can reproduce your problem jdede. At least the border router + broadcast example work properly with this configuration:
|
Okay, I am using the
Disabling the check for already secured frame numbers would destroy the timing: No packets are transmitted. I just tested the behavior using the I use the following configuration:
sky-platform, cooja-example: |
Hope that does the trick. Let me know. |
Unfortunately not. It seems as every packet is encrypted: The |
The frame pending flag was causing trouble. This flag was sometimes set in frames that were previously created without this flag. Due to my check that skips securing frames that have already been secured, those frames were sent with old nonauthentic MICs and therefore dropped by the recipient(s). However, I found that I can skip the check altogether. |
To summarize the latest changes:
|
I tested the latest checkout again in cooja. I think the problem is the following:
Again, I tested in cooja with sky nodes and the the rpl-udp example. I extended the contiki-conf.h by the following lines:
The problem is the ContikiMAC: The encryption takes about 23 ms using As the phase optimization is disabled by default in The solution of this problem could become complex. Perhaps the delay caused by the encryption have to be concerned by the phase optimization. But at the moment I am unsure how to do this in a generic way. I think that the point with the phase optimization should be kept in mind as a TODO. The phase optimization is a good way to reduce the power consumption and increase the lifetime of battery powered nodes. |
I figured out that Other changes:
|
Hope 2a76636 eventually overcomes the ContikiMAC incompatibility. Here is what I did:
P.S.: An added benefit of creating the ContikiMAC header in the NETSTACK_FRAMER relates to #193. |
I have just tested the current version of your branch. For me, it looks good. 👍
Furthermore I removed the part with the hardware AES to check if the timing issue I reported earlier is fixed. I tested again with Afterwards, I increased the payload by 90 bytes (leading to 113 - 115 bytes total UDP payload) to test the fragmentation. In this case, 3 of 419 packets got lost. This leads to a PRR of ~0.99. For a network consisting of 31 nodes, fragmentation, duty cycling and a send interval of 60 seconds this sounds okay for me. Great work! A big 👍 from me ! |
glad to hear that |
|
I have some problems using the llsec with the rime stack. The 2 byte short addresses seem to be problematic as llsec uses 8 byte extended addresses. If I disable the llsec for rime or set the There are at least three ways to solve this problem:
Are there any known caveats using rime with 8 byte extended addresses? |
This is indeed an issue. The In the A straightforward solution for the |
Thanks for the nice contribution and for the subsequent effort in addressing the community's comments. I stumbled upon a license issue while doing an initial browsing through the source code. core/lib/aes-128.c says this in a comment: "Wrapped AES-128 implementation from Texas Instruments." Can you clarify the license status of that implementation? |
…anded framer interface to allow for creating and securing frames in advance; Create and secure frames in advance when sending bursts; Do neither recreate nor resecure frames that come from phase
Time is nigh to finally merge this fantastic pull request! It brings some very important functionality and there has already been a lot of testing done and if things break because of it, we'll just have to fix it down the line. Great work on this one everybody, particularly @kkrentz of course! 👍 |
Integration of Link Layer Security
I wrote a short blog post about this pull request here: http://contiki-os.blogspot.se/2014/10/a-big-step-for-contiki-built-in.html |
Two small annoying issues : now there is two 18-… non-regression tests (18-compile-arm-ports and 18-llsec), also ccm.* files clash with ccm.* files from tinydtls (and most probably with other sec implementation). Wouldn't be better to prefix them with llsec- ? |
@adamdunkels, @kkrentz Wow, while the llsec stuff might be nice, f513ef9 should be reverted. It breaks everything working with RSSI values on the CC2420. This includes the rssi-scanner in the examples directory and any other research project working with rssi values. I was lucky to spot this while rebasing. |
This pull request addresses #526.
I added a new NETSTACK layer, called LLSEC, in between the MAC and the NETWORK layer for implementing link layer security. This change is in line with the current architecture and the handling of the LLSEC layer is similar to that of other NETSTACK layers. For example, link layer security can be disabled by configuring the nullsec driver.
The interface of LLSEC drivers comprises four functions
bootstrap
,send
,on_frame_created
, andinput
. I have successfully used this abstraction for implementing two LLSEC drivers, which provide authentication, confidentiality, as well as replay protection. One of them uses a network-wide key (Noncoresec) and the other one uses pairwise keys (Coresec). This pull request only contains Noncoresec, which is an 802.15.4-compliant LLSEC driver.The employed AES driver is encapsulated as a preprocessor variable. I included a software-based, as well as a hardware-accelerated AES driver. Implementing other such drivers should be straightforward using these examples.
To make all this work, I extended the framer to support frames with security headers. Furthermore, I adapted
contiki-sky-main.c
to support link layer security. I also refactored the CC2420 driver.What is left is to adapt the main files of other platform's main files to support link layer security. However, this task can be deferred since everything continues to work when leaving link layer security disabled.
Further information is here.