Dear Authors,

draft-fossati-tls-iot-optimizations-00 mentions in 4.2, page 5, a hash chain
(Lamport, "Password Authentication with Insecure Communication").

Would it be possible to get more details about that approach?

In my opinion, DTLS needs a connection id; the record is usually secured by the
MAC. So the hash chain providing a "password" seems to me to rely on an
"identity" for which the "password" should be verified. But that identity is
missing, and the verification is done with the MAC.

Using this in reverse, I could think of something like:

connection hash := H ^ record.sequence_number (connection id)
    
So with an incoming record {sequence_number, connection hash} you may look up
whether one of the "connection ids", hashed "sequence_number" times, results in
the provided "connection hash", and then you may verify whether one of the
candidates verifies with the MAC. Even with defining a "sequence number window"
to exclude "faraway" sessions, I'm not sure how such an approach would scale
for a large number of sessions.

So could you please provide your ideas about that hash chain?

Best regards

Achim Kraus

Bosch Software Innovations GmbH
Communications (INST/ESY1)
Stuttgarter Straße 130
71332 Waiblingen
GERMANY
www.bosch-si.de
www.blog.bosch-si.com 

Tel. +49 711 811-58139
achim.kr...@bosch-si.com

Registered office: Berlin, Register court: Amtsgericht Charlottenburg, HRB 148411 B
Executives: Dr.-Ing. Rainer Kallenbach; Michael Hahn


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
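Editor's note, as an added illustration that is not part of the message above and not taken from draft-fossati-tls-iot-optimizations-00: the lookup cost the message worries about (every known connection id, hashed sequence_number times) goes away if the Lamport chain is used in its usual direction. The client precomputes seed, H(seed), ..., H^n(seed), hands the server the top value H^n(seed) during the handshake, and then reveals H^(n-1)(seed), H^(n-2)(seed), ... one per record. The server keeps a single dictionary keyed by the last value it accepted per session; for an incoming token it hashes forward at most `window` times and probes the dictionary, so the work per record is O(window) hashes regardless of how many sessions exist. The class and method names, the 16-byte digest truncation, the chain length and the window size below are assumptions of this example, not anything the draft specifies. Note that the chain only identifies the session; whether the record is genuine is still decided by the record MAC.

```python
import hashlib
import os
from typing import Dict, Optional, Tuple


def H(x: bytes) -> bytes:
    """One step of the chain. SHA-256 truncated to 16 bytes keeps the example
    short; this truncation is an assumption of the example, not of the draft."""
    return hashlib.sha256(x).digest()[:16]


class ChainClient:
    """Client side: precompute seed, H(seed), ..., H^n(seed) and reveal the
    values from the top down, one per record."""

    def __init__(self, seed: bytes, length: int):
        self.chain = [seed]
        for _ in range(length):
            self.chain.append(H(self.chain[-1]))
        # chain[length] is the anchor the server learns in the handshake;
        # the first token sent on the wire is chain[length - 1].
        self.next_index = length - 1

    @property
    def anchor(self) -> bytes:
        return self.chain[-1]

    def next_token(self) -> bytes:
        """Return the next chain value; each one is a preimage of the previous."""
        if self.next_index < 0:
            raise RuntimeError("hash chain exhausted; a new handshake is needed")
        tok = self.chain[self.next_index]
        self.next_index -= 1
        return tok


class ChainServer:
    """Server side: one dict keyed by the last accepted chain value per session."""

    def __init__(self, window: int):
        self.window = window  # how many lost records we tolerate before losing sync
        self.by_last: Dict[bytes, str] = {}

    def register(self, session: str, anchor: bytes) -> None:
        """Called after the handshake with the top of the client's chain."""
        self.by_last[anchor] = session

    def lookup(self, token: bytes) -> Optional[Tuple[str, int]]:
        """Hash the received token forward at most `window` times and probe the
        dict with each value. On a hit, return (session, steps) and advance that
        session to the new token; a replay of an already accepted token, or a
        token more than `window` records ahead, returns None.
        Cost: at most `window` hashes and dict probes, whatever the session count."""
        v = token
        for steps in range(1, self.window + 1):
            v = H(v)
            session = self.by_last.get(v)
            if session is not None:
                del self.by_last[v]
                self.by_last[token] = session
                return session, steps
        return None


if __name__ == "__main__":
    # Constructed demo: three sessions, random seeds, a 4-record loss window.
    server = ChainServer(window=4)
    clients = {}
    for name in ("sensor-A", "sensor-B", "sensor-C"):
        c = ChainClient(os.urandom(16), length=8)
        clients[name] = c
        server.register(name, c.anchor)

    t = clients["sensor-A"].next_token()
    print("A, in order:      ", server.lookup(t))  # ('sensor-A', 1)
    print("A, replayed token:", server.lookup(t))  # None: server already advanced

    clients["sensor-B"].next_token()              # this datagram is lost
    print("B, one lost:      ", server.lookup(clients["sensor-B"].next_token()))  # ('sensor-B', 2)
```

Once a client skips more than `window` records the server no longer finds the token and the session is lost until a new handshake (or a wider, more expensive search), which is the trade-off behind any such window.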
