[Ndn-interest] Adding HMAC to available NDN signature types

Adeola Bannis abannis at ucla.edu
Sat Sep 20 11:36:00 PDT 2014


It sounds like the current proposal for NDN is in line with what's defined
in CCNx.

On Sat, Sep 20, 2014 at 11:20 AM, <Marc.Mosko at parc.com> wrote:

> In CCNx 1.0, we have HMAC-SHA256 running alongside RSA-SHA256/512.
>
> We require a keyid field in the signature algorithm section.  This could
> be a SHA256 of the key, or we do allow it to be any identifier agreed upon
> by the two parties as part of a key exchange protocol.  For example, two
> nodes could begin using integers 0, 1, 2, … for some given namespace.  They
> would only need to remember 2 identifiers at a time (the current and the
> last one to handle packets in flight during change over).  The keyid does
> not need to be globally significant like for RSA, as MACs should really be
> pair-wise authentications.
>
> Obviously, the key itself is never communicated outside a key exchange
> protocol.
>
> A previous poster was correct.  The HMAC key can be any length up to and
> including the hash block length (which may be greater than the output
> length).  Section 2 of the RFC also states that if the key is longer
> than the block length, one should hash the key with the hash function, then
> use that as the key.  The keyid would be the hash of that hash (obviously
> not wanting to put the key in the keyid).  For HMAC, section 2 recommends
> keys the same length as the hash function output.
>
> We have a specific identifier for each validation algorithm, whether it is
> CRC-32c, HMAC-SHA256, RSA-256, etc.  See
> http://www.ccnx.org/pubs/ccnx-mosko-tlvmessages-01.txt, sec. 3.6.  Thus,
> if we wanted to use HMAC-BLAKE2s-32, for example, that would end up as a
> new crypto-suite identifier for us.  We do not identify the signing
> algorithm apart from the hashing algorithm.
>
> Marc
>
> On Sep 20, 2014, at 10:24 AM, GTS <gts at ics.uci.EDU> wrote:
>
> Hi,
>
> adding an HMAC-based authenticator option to secure NDN content is a good
> idea.
> It certainly makes sense for intranets and other intra-AS settings.
>
> I believe that CCNx has introduced an HMAC option quite some time ago.
> It might be worthwhile to check with PARC and not to reinvent the wheel.
>
> Cheers,
> Gene
>
> On 9/19/14, 11:12 AM, Adeola Bannis wrote:
>
> Hello all,
>
> I am proposing to add an HMAC type, using SHA256 as the hash function,
> to the signature types defined at
> http://named-data.net/doc/NDN-TLV/current/signature.html. This will
> enable communication with symmetric keys, which reduces the signing and
> verification load on resource-constrained devices.
>
> The proposal is attached. Please review it and reply with any comments
> or suggestions.
>
> Thanks,
> Adeola
>
>
> _______________________________________________
> Ndn-interest mailing list
> Ndn-interest at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest
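The key-handling and keyid rules Marc describes above (RFC 2104 section 2: a key longer than the hash block length is replaced by its hash; the keyid is a hash of the effective key, never the key itself; a receiver only needs to remember the current and the previous pair-wise key across a change-over) can be shown in a few lines. The following is an added illustration written for this thread, not code from CCNx, NDN-TLV or either of the posters. It builds HMAC-SHA256 from the raw hash exactly as RFC 2104 specifies so the long-key rule is visible, checks the result against Python's `hmac` module, and keeps a two-entry keyid table for verification. The class and function names (`MacVerifier`, `effective_key`, `key_id`) and the sample keys and messages are constructed for the example and are not identifiers from the NDN or CCNx specifications.

```python
import hashlib
import hmac

BLOCK_LEN = 64   # SHA-256 block length in bytes, "B" in RFC 2104
OUT_LEN = 32     # SHA-256 output length in bytes, "L" in RFC 2104


def effective_key(key: bytes) -> bytes:
    """RFC 2104 section 2: keys longer than the block length are first hashed."""
    return hashlib.sha256(key).digest() if len(key) > BLOCK_LEN else key


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    """HMAC(K, m) = H((K' xor opad) || H((K' xor ipad) || m)), K' zero-padded to B."""
    k = effective_key(key).ljust(BLOCK_LEN, b"\x00")
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def key_id(key: bytes) -> bytes:
    """Keyid = SHA-256 of the effective key. For an over-long key this is the
    'hash of the hash' from the post; the key itself never appears in a packet."""
    return hashlib.sha256(effective_key(key)).digest()


class MacVerifier:
    """Pair-wise MAC endpoint that remembers only the current and previous key
    (hypothetical helper; the two-key window follows the post, not a spec)."""

    def __init__(self, current_key: bytes):
        self.current = key_id(current_key)
        self.keys = {self.current: current_key}

    def rotate(self, new_key: bytes) -> None:
        """Keep the old key so packets in flight still verify, drop anything older."""
        self.keys = {self.current: self.keys[self.current], key_id(new_key): new_key}
        self.current = key_id(new_key)

    def sign(self, msg: bytes):
        """Return (keyid, tag); the keyid is what goes into the signature's key locator."""
        return self.current, hmac_sha256(self.keys[self.current], msg)

    def verify(self, keyid: bytes, msg: bytes, tag: bytes) -> bool:
        key = self.keys.get(keyid)
        if key is None:            # unknown or already retired keyid
            return False
        # constant-time comparison so tag mismatches do not leak timing
        return hmac.compare_digest(hmac_sha256(key, msg), tag)


def demo() -> dict:
    """Constructed inputs: exercise long-key hashing, keyid derivation and rotation."""
    short_key = b"\x0b" * 20                      # RFC 4231 test case 1 key
    long_key = b"\xaa" * 100                      # longer than BLOCK_LEN, gets hashed
    msg = b"Hi There"

    results = {
        # our construction must match the standard library for both key sizes
        "short_matches_stdlib": hmac_sha256(short_key, msg)
            == hmac.new(short_key, msg, "sha256").digest(),
        "long_matches_stdlib": hmac_sha256(long_key, msg)
            == hmac.new(long_key, msg, "sha256").digest(),
        # using the hashed key directly yields the same MAC and the same keyid
        "hashed_key_equivalent": hmac_sha256(long_key, msg)
            == hmac_sha256(hashlib.sha256(long_key).digest(), msg),
        "keyid_is_hash_of_hash": key_id(long_key)
            == hashlib.sha256(hashlib.sha256(long_key).digest()).digest(),
    }

    # change-over: a tag made under the old key still verifies after one rotation
    v = MacVerifier(short_key)
    old_id, old_tag = v.sign(msg)
    v.rotate(b"\x01" * 32)
    results["old_tag_after_one_rotation"] = v.verify(old_id, msg, old_tag)
    results["tampered_message_rejected"] = v.verify(old_id, msg + b"!", old_tag)
    v.rotate(b"\x02" * 32)
    results["old_tag_after_two_rotations"] = v.verify(old_id, msg, old_tag)
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The keyid is deliberately derived from the effective key rather than the raw one, so a receiver that stores only the hashed form of an over-long key computes the same identifier as the sender; `verify` refuses any keyid outside the two-entry window, which is what lets the endpoints forget old keys without an explicit revocation step.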