Gitiles
Code Review Sign In
gerrit.named-data.net / NDN-TLV / 64fa06747df07b9636bf55c035e2edd9307c9894 / . / signed-interest.rst
blob: 2d2dcf38044c0162504265f8e7ee847d458747ac [file] [log] [blame]
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]1.. _Signed Interest:
2
3Signed Interest
4===============
5
6**Signed Interest** is a mechanism to issue an authenticated Interest.
7
Junxiao Shi78ce2952019-05-07 15:34:00 -0400[diff] [blame]8A signed Interest is an Interest where:
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]9
Junxiao Shi78ce2952019-05-07 15:34:00 -0400[diff] [blame]10* Name ends with ``ParametersSha256DigestComponent``.
11* ``InterestSignature`` is present.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]12
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]13See :ref:`InterestSignature` for details on the format of the ``InterestSignature`` element.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]14
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]15Construction of Signed Interests
16--------------------------------
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]17
18The following procedure describes the signing of an Interest:
19
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]20#. Remove all ``ParametersSha256DigestComponent`` components from ``Name`` if present, regardless of the location.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]21
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]22#. If ``ApplicationParameters`` element is absent, append a zero-length ``ApplicationParameters`` element to the Interest.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]23
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]24#. Prepare an ``InterestSignatureInfo`` element and append it at the end of the Interest.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]25
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]26#. Compute the cryptographic signature according to the :ref:`InterestSignature` section.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]27
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]28#. Insert the computed signature as an ``InterestSignatureValue`` element at the end of the Interest.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]29
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]30#. Compute the ``ParametersSha256DigestComponent`` according to the :ref:`ParametersDigestComponent` section and append it at the end of ``Name``.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]31
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]32Processing of Signed Interests
33------------------------------
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]34
35Upon receiving an Interest, the producer, according to the Interest name prefix, should be able to tell whether the Interest is required to be signed.
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]36If the received Interest is required to be signed, the application protocol or the producer should also explicitly define whether ``SignatureNonce``, ``SignatureTime``, and/or ``SignatureSeqNum`` must be present in ``InterestSignatureInfo`` or not.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]37If any of the required elements is missing, treat the Interest as invalid.
38Additionally, a signed Interest must be treated as invalid if any of the following conditions is true:
39
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]40#. The last name component is not ``ParametersSha256DigestComponent``, or its TLV-VALUE is incorrect according to the :ref:`ParametersDigestComponent` section.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]41
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]42#. The ``InterestSignatureInfo`` element is missing or any mandatory sub-element is missing from the ``InterestSignatureInfo`` element.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]43
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]44#. The ``InterestSignatureValue`` element is missing.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]45
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]46#. The signature cannot be cryptographically verified.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]47
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]48#. The key used to create the signature is not trusted for signing the Interest.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]49
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]50#. If ``SignatureTime`` (*t*) is present in the ``InterestSignatureInfo``:
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]51
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]52 Lookup the last recorded ``SignatureTime`` (*t*\ :sub:`0`) used in conjunction with the same key.
53 Use ``CurrentTime - GracePeriod`` if no previous record exists. The recommended grace period is 60 seconds.
54 If *t*\ :sub:`0` >= *t*, consider the Interest as invalid.
55 Set *t*\ :sub:`0` to *t* if the signed Interest has been validated according to this and all other rules.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]56
Davide Pesavento23e340c2021-12-03 04:52:22 -0500[diff] [blame]57 .. note::
58 Sharing private keys is not recommended. If private key sharing is inevitable, it is the key owner's responsibility to keep clocks synchronized.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]59
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]60#. If ``SignatureNonce`` is present:
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]61
62 To perform this check, the recipient must remember a list of ``SignatureNonce`` carried in previously received Signed Interests used in conjunction with the specific signing key.
63 Check whether the ``SignatureNonce`` carried in the current signed Interest is a repetition of a recorded ``SignatureNonce`` used with the same key.
64 If it is a repetition, treat the Interest as invalid.
65 Add the newly received ``SignatureNonce`` into the ``SignatureNonce`` list if the signed Interest has been validated according to this and all other rules.
66
Davide Pesavento23e340c2021-12-03 04:52:22 -0500[diff] [blame]67 .. note::
68 The size of the ``SignatureNonce`` list and the lifetime of each ``SignatureNonce`` remembered by the receiver depend on the application protocol's need.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]69
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]70#. If ``SignatureSeqNum`` (*s*) is present:
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]71
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]72 Lookup the last recorded ``SignatureSeqNum`` (*s*\ :sub:`0`) used in conjunction with the same key.
73 If *s*\ :sub:`0` >= *s*, consider the Interest as invalid.
74 If no previous record exists, check *s* against the application policy.
75 If *s* does not satisfy the application policy, treat the signed Interest as invalid.
76 Set *s*\ :sub:`0` to *s* if the signed Interest has been validated according to this and all other rules.
Zhiyi Zhang0c04fd82018-09-04 16:29:47 -0400[diff] [blame]77
Davide Pesavento23e340c2021-12-03 04:52:22 -0500[diff] [blame]78 .. note::
Davide Pesaventoec288fe2022-11-26 18:28:01 -0500[diff] [blame]79 The first ``SignatureSeqNum`` received is considered valid only if it satisfies the application's policy.
80 For example, application can decide the first ``SeqNum`` can only be a minimum value like 0 or 1, or a value that both sender and receiver agree on.