Hi Thomas and Xavi, I agree that with the a well-known key based MIC, some useless "start to join" can be avoided. However, it is under the assumption that there is no other 6tisch networks, right? If there are more than one 6tisch networks in the same area, and all of them use the well-known key based MIC to authentication, then the authentication will not save anything, right? ThanksQin
On Thursday, April 23, 2015 8:30 PM, Xavier Vilajosana <xvilajos...@eecs.berkeley.edu> wrote: Hi Thomas, now things are clear. If the "starting to join" is the bottleneck then I agree with you and I come up to the same conclusion. thanks for the clarification. At least for me now there is no doubt about it. regards,Xavi 2015-04-23 10:35 GMT+02:00 Thomas Watteyne <watte...@eecs.berkeley.edu>: Xavi, I think (?) I understand where we get confused. In both case 1 and case 2 Zelda's network will be sending a lot of EBs and Charlie's nodes will be receiving that EBs. Agreed. In both cases Charlie node will be receiving more EBs from Zelda's network than from Charlie's network. Agreed. This will be slowing down the join procedure. Not agreed, or not exactly :-) Many packets in the air (EBs or not) mean occasional packet collision and MAC-level retransmissions, for sure.But the main reason in this case for Charlie's mote to join slowly is that is attempts to join Zelda's network: the mote hears Zelda's EB, synchronizes to it, contacts Zelda's JCE to join, which rejects it. That process might take tens of second, and it happens every time Charlie's mote mistakes Zelda's EB for one of Charlie's. I understand that Zelda's network JCE will reject Charlie's nodes when trying to join if MIC is not correct. Agreed. However, when Zelda's network send EBs, they are broadcast and Charlie's nodes must receive them anyway. So the difference seems slight and only from the JCE side not from Charlie's nodes which will be still trying to parse a lot of EBs. Agreed, regardless of what we come up with, Charlie's node needs to listen for valid EBs, which involves parsing all packets it receives (maybe with a little help of the HW). But it terms of delays, it's the "starting to join the wrong network" that has the most impact. right? wrong? Thomas On Thu, Apr 23, 2015 at 9:36 AM, Xavier Vilajosana <xvilajos...@eecs.berkeley.edu> wrote: Hi Thomas, sorry, but I still do not see the benefit :) .. In both case 1 and case 2 Zelda's network will be sending a lot of EBs and Charlie's nodes will be receiving that EBs. In both cases Charlie node will be receiving more EBs from Zelda's network than from Charlie's network. This will be slowing down the join procedure. I understand that Zelda's network JCE will reject Charlie's nodes when trying to join if MIC is not correct. However, when Zelda's network send EBs, they are broadcast and Charlie's nodes must receive them anyway. So the difference seems slight and only from the JCE side not from Charlie's nodes which will be still trying to parse a lot of EBs. am I missing something?X 2015-04-23 9:31 GMT+02:00 Thomas Watteyne <watte...@eecs.berkeley.edu>: Xavi, If I read Kris' e-mail correctly, in option 1, Charlie's nodes attempt to join Zelda's network (i.e. they synchronize and ask the JCE, or equivalent, to join). Since Zelda's network cannot authenticate Charlie's node, it gets rejected. Charlie's node then tries again by listening for EBs. Because Zelda's toys send so many beacons (they are little robots with motors drawing 1A of current, so the little bit of extra current because of a large number of EBs doesn't matter), Charlie's node attempts to join Zelda's network much more often that its own. Charlie's nodes waste a lot of energy trying over and over, until they finally join Charlie's network. Thomas On Thu, Apr 23, 2015 at 5:14 AM, Xavier Vilajosana <xvilajos...@eecs.berkeley.edu> wrote: Kris, can you explain me "Charlie does some testing of option 1, and finds that when there is a Zelda's Toy Shopnear one of his stores, his networks take a *really* long time to join. It seems that Zelda's toys send 15.4e EBs too, and they send a lot of them. The sensors that Alice and Bob sell spend a lot of time and battery energy trying to join the wrong network. Charlie would really like something better than option 1." why if there is no authentication it takes longer that if there is authentication? I understand that if a network sends a lot of EBs other networks will receive the frames despite there is authentication or not. if there is no authentication a node parses the EB and decides to join or not. If the nodes uses a MIC it has to receive the packet as well and check the MIC then decides to join or not. In both cases the nodes receive a lot of EBs so the situation is similar (the only difference is that if we use MIC and the node can decode it the node knows that it is allowed to join that network). I only see benefit if the MIC is used as a filter and this is done automatically by the hw. regards,Xavi 2015-04-22 19:15 GMT+02:00 Kris Pister <k...@berkeley.edu>: Alice and Bob make wireless temperature sensors that run a 6tisch stack. Charlie owns a nationwide chain grocery store and is rolling out 6tisch everywhere. Zelda sells wireless toys that use 802.15.4e. Mallory is always lurking. Charlie needs to decide if and how to use message integrity checks on enhanced beacons. He thinks that he has three options: 1) don't use MICs on EBs. 2) use MICs on EBs, with a secret key 3) use MICs on EBs, with a well-known key Charlie does some testing of option 1, and finds that when there is a Zelda's Toy Shop near one of his stores, his networks take a *really* long time to join. It seems that Zelda's toys send 15.4e EBs too, and they send a lot of them. The sensors that Alice and Bob sell spend a lot of time and battery energy trying to join the wrong network. Charlie would really like something better than option 1. Charlie decides to use option 2, a MIC with a secret key, and it works great! The sensors ignore EBs from Zelda's, and only respond to EBs from his networks. He asks Alice and Bob if they are willing to install that secret key before they ship the sensors to his various stores, and he's such a big customer that they say sure. He is driving an industry standard. But then Charlie gets worried. He's probably going to end up buying sensors from Aaron, Abu, Acacia, and Ada as well. How will he keep his key secret? Eventually someone will find it or leak it, and then there will be a big news story "Charlie's Markets Hacked!" He imagines himself trying to explain to reporters that the MIC key on the EB is just there for network segregation and message integrity. He imagines that wouldn't go very well, so he decides option 2 is out. Maybe he can just publish the MIC key in the standard? But if Charlie uses option 3, a well-known key, Mallory will be able to spoof EBs. Of course, if he uses no MIC at all, Mallory will also be able to spoof EBs. What should Charlie do? ksjp _______________________________________________ 6tisch mailing list 6tisch@ietf.org https://www.ietf.org/mailman/listinfo/6tisch _______________________________________________ 6tisch mailing list 6tisch@ietf.org https://www.ietf.org/mailman/listinfo/6tisch _______________________________________________ 6tisch mailing list 6tisch@ietf.org https://www.ietf.org/mailman/listinfo/6tisch
_______________________________________________ 6tisch mailing list 6tisch@ietf.org https://www.ietf.org/mailman/listinfo/6tisch