Network Working Group P. Porambage
Internet-Draft University of Oulu
Intended status: Standards Track C. Schmitt
Expires: August 18, 2014 University of Zurich
A. Gurtov
Aalto University
S. Gerdes
Universitaet Bremen TZI
February 14, 2014
X.509 Public Key Infrastructure Certificates for the Constrained
Application Protocol (CoAP)
<draft-porambage-core-ace-x509-00>
Abstract
The Constrained Application Protocol (CoAP) is a web transfer
protocol designed for resource limited nodes in constrained networks.
For securing the protocol, CoAP defines a binding to Datagram
Transport Layer Security (DTLS) with four security modes. One of
them is the Certificate mode where the device has an asymmetric key
pair with an X.509 certificate. However, the intrinsic properties of
X.509 certificates impede their use on resource-constrained
nodes. This draft describes the necessary adjustments and derives a
modified profile for X.509 certificates to cope with the resource
limitations of low-power, low-performing devices.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 18, 2014.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
Porambage, et al. X.509 for CoAP [Page 1]
Internet-Draft X.509 for CoAP February 2014
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
1.1. Document Structure
2. Terminology
3. Design Requirements
4. Overview of the approach
5. Security Considerations
6. Acknowledgement
7. Formal Syntax
8. References
8.1. Normative References
8.2. Informative References
Authors' Addresses
1. Introduction
The Constrained Application Protocol (CoAP) [I-D.ietf-core-coap] is
proposed as a lightweight alternative to HTTP, in order to
support web services while realizing the REST architecture on top of
the most constrained nodes and networks. CoAP is designed for the
special requirements of these constrained environments, especially
considering energy, building automation and other machine-to-machine
(M2M) applications.
CoAP defines a binding to Datagram Transport Layer Security (DTLS)
[RFC6347] and specifies four security modes: NoSec, PreSharedKey,
RawPublicKey and Certificate. In the Certificate Mode, the device
has an X.509 certificate [RFC5280], which binds the public key of the
device to its Authority name and is signed by a common trust root.
Complex asymmetric algorithms like RSA use a lot of resources such as
processing power and memory. Devices may have to dedicate the major
portion of these resources to security algorithms instead of spending
them on the application they are intended for. Therefore, it is
necessary to adopt a low-cost solution for the DTLS Certificate mode
in CoAP.
Mismatches of X.509 certificates in their original formats: According
to [RFC5280], the content of an X.509 certificate is mainly composed of
three parts: TBSCertificate, Signature Algorithm and Signature Value.
We would like to focus on the internal configuration and attributes
of the TBSCertificate component. The standard X.509 certificates use
the RSA public key algorithm and RSA keys for the public key
infrastructure. According to the definitions of classes of devices
given in [I-D.ietf-lwig-terms], class 0 and class 1 are the most
constrained devices. These low-performing devices are not capable of
handling RSA PKI algorithms due to their limited memory capacities and
processing capabilities.
1.1. Document Structure
Section 2 states the conventions used in this draft. The assumed
design requirements are then briefly described in Section 3.
Section 4 describes the proposed approach using X.509 public key
infrastructure (PKI) certificates for CoAP, followed by security
considerations.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. Design Requirements
The key design goal is to profile the content and operations of X.509
certificates in such a way as to balance the resource constraints of
the devices with the security requirements. Therefore, we
emphasize the following design requirements: Low memory consumption;
Less complexity of mathematical operations for authentication and
authorization processes; Support for interoperability among different
vendor devices. Alternatively, we focus on profiling X.509
certificates according to the specifications of CoAP-enabled devices.
4. Overview of the approach
It is obvious that the use of X.509 certificates with the RSA
public key algorithm would not be a lightweight solution. We can
adjust the size and the complexity of the certificate by changing the
attributes in the TBSCertificate part of the original certificates.
Elliptic Curve Cryptography (ECC) algorithms would be a suitable
candidate for PKI replacement in X.509 certificates. Alternatively,
this could be reused for the digital signature in the certificates too.
For instance, the algorithm in the Elliptic Curve Qu-Vanstone Implicit
Certificate Scheme (ECQV) would be a feasible solution for this [1].
5. Security Considerations
The following security goals are addressed by the key idea presented
in this draft, similar to the considerations proposed in
[I-D.draft-schmitt-two-way-authentication-for-iot]:
Authenticity
Recipients of a message can identify their communication partners
and can detect if the sender information has been forged.
Integrity
Communication partners can detect changes to a message during
transmission.
Confidentiality
Attackers cannot gain knowledge about the content of a secured
message.
6. Acknowledgement
This work has been supported by Tekes under the Massive Scale
Machine-to-Machine Service (MAMMotH) project and by the Academy of
Finland project SEMOHealth.
The ongoing work is supported partially by the SmartenIT [2] and the
FLAMINGO [3] projects, funded by the EU FP7 Program under Contract
No. FP7-2012-ICT-317846 and No. FP7-2012-ICT-318488, respectively.
7. Formal Syntax
CoAP - Constrained Application Protocol
DTLS - Datagram Transport Layer Security
ECC - Elliptic Curve Cryptography
ECQV - Elliptic Curve Qu-Vanstone Implicit Certificate Scheme
IETF - Internet Engineering Task Force
M2M - Machine-to-Machine
PKI - Public Key Infrastructure
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, January 2012.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, May 2008.
[I-D.ietf-core-coap]
Shelby, Z., Hartke, K., and C. Bormann, "Constrained
Application Protocol (CoAP), http://www.ietf.org/
internet-drafts/draft-ietf-core-coap-18.txt",
draft-ietf-core-coap-18 (work in progress), March 2013.
[I-D.ietf-lwig-terms]
Bormann, C. and M. Ersue, "Terminology for Constrained
Node Networks, http://www.ietf.org/internet-drafts/
draft-ietf-lwig-terms-00.txt", draft-bormann-lwig-terms-00
(work in progress), November 2012.
[I-D.draft-schmitt-two-way-authentication-for-iot]
Schmitt, C. and B. Stiller, "DTLS-based Security with two-
way Authentication for IoT, http://www.ietf.org/id/
draft-schmitt-two-way-authentication-for-iot-02.txt",
draft-schmitt-two-way-authentication-for-iot-02 (work in
progress), February 2014.
8.2. Informative References
[1] "Elliptic Curve Qu-Vanstone Implicit Certificate Scheme
(ECQV), v0.97,
http://www.secg.org/download/aid-785/sec4-0.97.pdf",
SEC 4, March 2011.
[2] SmartenIT Consortium, "Socially-aware Management of New
Overlay Application Traffic combined with Energy
Efficiency in the Internet (SmartenIT),
http://www.smartenit.eu/", 20103.
[3] Flamingo Consortium, "FLAMINGO - Management of the Future
Internet, http://www.fp7-flamingo.eu/", 2013.
Authors' Addresses
Pawani Porambage
University of Oulu
P.O. Box 4500
Oulu 90014
Finland
Email: pporamba@ee.oulu.fi
Corinna Schmitt
University of Zurich
Department for Informatics
Communication Systems Group
Binzmuehlestrasse 14
Zurich 8050
Switzerland
Email: schmitt@ifi.uzh.ch
Andrei Gurtov
Aalto University
Otakaari 1
Espoo 02150
Finland
Email: gurtov@hiit.fi
Stefanie Gerdes
Universitaet Bremen TZI
Postfach 330440
Bremen 28359
Germany
Email: gerdes@tzi.org