[Ndn-interest] Adding HMAC to available NDN signature types

Marc.Mosko at parc.com Marc.Mosko at parc.com
Sat Sep 20 11:20:06 PDT 2014


In CCNx 1.0, we have HMAC-SHA256 running alongside RSA-SHA256/512.

We require a keyid field in the signature algorithm section.  This could be a SHA256 of the key, or we do allow it to be any identifier agreed upon by the two parties as part of a key exchange protocol.  For example, two nodes could begin using integers 0, 1, 2, … for some given namespace.  They would only need to remember 2 identifiers at a time (the current and the last one to handle packets in flight during change over).  The keyid does not need to be globally significant like for RSA, as MACs should really be pair-wise authentications.

Obviously, the key itself is never communicated outside a key exchange protocol.

A previous poster was correct.  The HMAC key can be any length up to and including the hash block length (which may be greater than the output length).  Section 2 of the RFC also states that if the key is longer than the block length, one should hash the key with the hash function, then use that as the key.  The keyid would be the hash of that hash (obviously not wanting to put the key in the keyid).  For HMAC, section 2 recommends keys the same length as the hash function output.

We have a specific identifier for each validation algorithm, whether it is CRC-32c, HMAC-SHA256, RSA-256, etc.  See http://www.ccnx.org/pubs/ccnx-mosko-tlvmessages-01.txt, sec. 3.6.  Thus, if we wanted to use HMAC-BLAKE2s-32, for example, that would end up as a new crypto-suite identifier for us.  We do not identify the signing algorithm apart from the hashing algorithm.

Marc
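The key-length and keyid rules Marc describes (RFC 2104 section 2 key reduction, keyid as a hash of the effective key rather than the key itself, and a verifier that remembers only the current and previous key during changeover) can be shown in a few lines. The following is an added illustration, not code from CCNx or the NDN proposal; the `VerifierKeyRing` class and its method names are assumptions made for this example, and the sample keys and payload are constructed inline.

```python
import hashlib
import hmac

HASH = hashlib.sha256
BLOCK_LEN = HASH().block_size    # 64 bytes for SHA-256
OUTPUT_LEN = HASH().digest_size  # 32 bytes for SHA-256


def effective_key(key: bytes) -> bytes:
    """RFC 2104 sec. 2: a key longer than the hash block length is first
    hashed and the digest is used as the key; shorter keys are used as-is."""
    return HASH(key).digest() if len(key) > BLOCK_LEN else key


def key_id(key: bytes) -> bytes:
    """keyid = SHA-256 of the effective key. For an over-long key this is the
    'hash of the hash' described above; the raw key never appears on the wire."""
    return HASH(effective_key(key)).digest()


def sign(key: bytes, payload: bytes) -> bytes:
    """HMAC-SHA256 tag over the payload using the effective key."""
    return hmac.new(effective_key(key), payload, HASH).digest()


class VerifierKeyRing:
    """Hypothetical per-namespace verifier state: holds the current shared key
    and the previous one so packets in flight during a changeover still verify."""

    def __init__(self, current: bytes):
        self.current = current
        self.previous = None

    def rotate(self, new_key: bytes) -> None:
        # Only two keys are ever remembered: the new current and the last one.
        self.previous = self.current
        self.current = new_key

    def known_key_ids(self) -> set:
        return {key_id(k) for k in (self.current, self.previous) if k is not None}

    def verify(self, keyid: bytes, payload: bytes, tag: bytes) -> bool:
        for k in (self.current, self.previous):
            if k is not None and key_id(k) == keyid:
                # Constant-time comparison avoids leaking tag bytes via timing.
                return hmac.compare_digest(sign(k, payload), tag)
        return False


def demo() -> bool:
    """Constructed walk-through: a 32-byte key (the recommended length), a
    changeover to a 100-byte key (longer than the block), and an in-flight packet."""
    key_a = b"A" * OUTPUT_LEN          # constructed sample key, output-length
    key_b = b"B" * 100                 # constructed sample key, longer than block
    payload = b"/example/namespace/data"   # constructed sample content

    ring = VerifierKeyRing(key_a)
    tag_a = sign(key_a, payload)

    ring.rotate(key_b)                 # changeover: key_b current, key_a previous
    ok_old = ring.verify(key_id(key_a), payload, tag_a)   # in-flight packet still verifies
    ok_new = ring.verify(key_id(key_b), payload, sign(key_b, payload))
    bad = ring.verify(key_id(key_a), payload + b"x", tag_a)  # tampered payload
    return ok_old and ok_new and not bad


if __name__ == "__main__":
    print("demo ok:", demo())
```

Because Python's `hmac` module applies the same RFC 2104 reduction internally, `sign()` with the long key produces exactly the tag `hmac.new(long_key, ...)` would; the explicit `effective_key()` step exists only so that the keyid derivation is visible.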



On Sep 20, 2014, at 10:24 AM, GTS <gts at ics.uci.EDU> wrote:

> Hi,
> 
> adding an HMAC-based authenticator option to secure NDN content is a good idea. 
> It certainly makes sense for intranets and other intra-AS settings. 
> 
> I believe that CCNx has introduced an HMAC option quite some time ago.
> It might be worthwhile to check with PARC and not to reinvent the wheel.
> 
> Cheers,
> Gene
> 
> On 9/19/14, 11:12 AM, Adeola Bannis wrote:
>> Hello all,
>> 
>> I am proposing to add an HMAC type, using SHA256 as the hash function, to the signature types defined at http://named-data.net/doc/NDN-TLV/current/signature.html. This will enable communication with symmetric keys, which reduces the signing and verification load on resource-constrained devices.
>> 
>> The proposal is attached. Please review it and reply with any comments or suggestions.
>> 
>> Thanks,
>> Adeola
>> 
>> 
>> _______________________________________________
>> Ndn-interest mailing list
>> Ndn-interest at lists.cs.ucla.edu
>> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest
> 
