[Ndn-interest] Signed interest

Yingdi Yu yingdi at CS.UCLA.EDU
Sat Sep 20 11:07:01 PDT 2014

Changed the topic since it is no longer about the original topic of the discussion.

On Sep 20, 2014, at 10:10 AM, Junxiao Shi <shijunxiao at email.arizona.edu> wrote:

> Hi Tai-Lin
> In signed Interest,
> timestamp is to prevent replay attack: the timestamp in a new command must be greater than any existing timestamps
> nonce is to guarantee uniqueness; this is useful when producer is not checking the timestamp
> Each consumer is expected to have its own unique keypair. Under this assumption, the system can tolerate a clock skew of 60 seconds between consumer and producer.
> Millisecond granularity is sufficient for the intended usage of signed Interest - infrequent command execution.
> Also note that the timestamp is never compared to wallclock after the initial command. Therefore, the consumer can operate as follows to send frequent commands:
> the initial command must carry a timestamp equal to wallclock
> in each subsequent command, increment timestamp by 1
> in case a command is rejected due to invalid timestamp, it means latest timestamp state is lost on the producer, therefore consumer should resend the command as an initial command (step 1)
This is similar to current KeyChain sign Interest operation. The difference is that we only increase the timestamp by 1 when the timestamp of an interest is the same as the previous one. In the other cases, we simply use the current timestamp. Unless there is an app that needs to generate more than 1000 signed interests using the same key, this solution should work.

> But this doesn't solve all problems with high-frequency signed Interests. See bug 1990.

As I replied on redmine, if order really matters, the interest sender should wait for the confirmation from the interest recipient. And this should be enforced by the app.

> Yours, Junxiao
> On Sat, Sep 20, 2014 at 1:06 AM, Tai-Lin Chu <tailinchu at gmail.com> wrote:
> > I hope you could read the spec of signed interest carefully and think a little bit more before making the claim above.
> sorry, I was making an extreme example of unsynced clock (I know that
> nfd uses unix UTC time).
> Btw, do you know why we have both nonce and timestamp in signed
> interest? Will seq no alone solve this problem? I am worried that msec
> might not be sufficient in the future.

Using seqNo requires you to persistently remember the last used seqNo (even if the app is turned off), otherwise you cannot guarantee that a seqNo has not been used before. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20140920/6413886e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20140920/6413886e/attachment.bin>

More information about the Ndn-interest mailing list