Bijective MAC for Constraint Nodes
draft-urien-core-bmac-07
|
Document |
Type |
|
Active Internet-Draft (individual)
|
|
Author |
|
Pascal Urien
|
|
Last updated |
|
2020-12-15
|
|
Stream |
|
(None)
|
|
Intended RFC status |
|
(None)
|
|
Formats |
|
plain text
pdf
htmlized (tools)
htmlized
bibtex
|
Stream |
Stream state |
|
(No stream defined) |
|
Consensus Boilerplate |
|
Unknown
|
|
RFC Editor Note |
|
(None)
|
IESG |
IESG state |
|
I-D Exists
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
(None)
|
CORE Working Group Working Group P. Urien
Internet Draft Telecom Paris
Intended status: Experimental
December 15 2020
Expires: June 2021
Bijective MAC for Constraint Nodes
draft-urien-core-bmac-07.txt
Abstract
In this draft context, things are powered by micro controllers units
(MCU) comprising a set of memories such as static RAM (SRAM), FLASH
and EEPROM. The total memory size, ranges from 10KB to a few
megabytes. In this context code and data integrity are major
security issues, for the deployment of Internet of Things
infrastructure. The goal of the bijective MAC (bMAC) is to compute
an integrity value, which cannot be guessed by malicious software.
In classical keyed MACs, MAC is computing according to a fixed
order.
In the bijective MAC, the content of N addresses is hashed according
to a permutation P (i.e. bijective application).
The bijective MAC key is the permutation P.
The number of permutations for N addresses is N!. So the computation
of the bMAC requires the knowledge of the whole space memory; this
is trivial for genuine software, but could very difficult for
corrupted software, especially for time stamped bMAC.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 2021.
Urien Expires June 2021 [Page 1]
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Urien Expires June 2021 [page 2]
Bijective MAC for Constraint Nodes December 2020
Table of Contents
Abstract........................................................... 1
Requirements Language.............................................. 1
Status of this Memo................................................ 1
Copyright Notice................................................... 2
1 Overview......................................................... 4
2 Bijective MAC.................................................... 4
2.1 Memory space................................................ 4
2.2 Permutation................................................. 4
2.3 bMAC computation............................................ 5
2.4 Unused memory............................................... 5
2.5 Permutation entropy......................................... 5
2.6 Time-stamped bMAC........................................... 6
2.6.1 Rational ............................................. 6
2.6.2 Canonical time ....................................... 6
3. The Pq permutation family....................................... 7
3.1 How to find a generator..................................... 7
3.1.1 Method 1 ............................................. 7
3.1.2 Method 2 ............................................. 7
3.1.3 Method 3 ............................................. 8
Show full document text