Bijective MAC for Constraint Nodes
draft-urien-core-bmac-01
|
| Document |
Type |
|
Active Internet-Draft (individual)
|
|
Last updated |
|
2019-11-16
|
|
Stream |
|
(None)
|
|
Intended RFC status |
|
(None)
|
|
Formats |
|
plain text
pdf
htmlized
bibtex
|
| Stream |
Stream state |
|
(No stream defined) |
|
Consensus Boilerplate |
|
Unknown
|
|
RFC Editor Note |
|
(None)
|
| IESG |
IESG state |
|
I-D Exists
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
(None)
|
CORE Working Group Working Group P. Urien
Internet Draft Telecom ParisTech
Intended status: Experimental
November 17, 2019
Expires: May 2020
Bijective MAC for Constraint Nodes
draft-urien-core-bmac-01.txt
Abstract
In this draft context, things are powered by micro controllers units
(MCU) comprising a set of memories such as static RAM (SRAM), FLASH
and EEPROM. The total memory size, ranges from 10KB to a few
megabytes. In this context code and data integrity is a major
security issue, for the deployment of Internet of Things
infrastructure. The goal of the bijective MAC (bMAC) is to compute
an integrity value, which cannot be guessed by malicious software.
In classical keyed MACs, MAC is computing according to a fixed
order.
In the bijective MAC, the content of N addresses is hashed according
to a permutation P (i.e. bijective application).
The bijective MAC key is the permutation P.
The number of permutations for N addresses is N!. So the computation
of the bMAC requires the knowledge of the whole space memory; this
is trivial for genuine software, but could very difficult for
corrupted software.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 2020.
Urien Expires May 2020 [Page 1]
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Urien Expires May 2020 [page 2]
Bijective MAC for Constraint Nodes November 2019
Table of Contents
Abstract........................................................... 1
Requirements Language.............................................. 1
Status of this Memo................................................ 1
Copyright Notice................................................... 2
1 Overview......................................................... 4
2 Bijective MAC.................................................... 4
2.1 Memory space................................................ 4
2.2 Permutation................................................. 4
2.3 bMAC computation............................................ 5
2.4 Unused memory............................................... 5
2.5 Permutation entropy......................................... 5
2.6 Time-stamped bMAC........................................... 5
3. The Pq permutation family....................................... 6
3.1 How to compute generators................................... 6
3.2 Shifted permutation......................................... 7
3.3 Composition in Fq........................................... 8
3.4 Code example................................................ 8
3.4.1 Example 1 ............................................ 8
3.4.2 Example 2 ............................................ 9
Show full document text