Eric Newberry | 6b2cb79 | 2020-06-28 13:05:24 -0700 | [diff] [blame] | 1 | Signed Interest Version 0.2 (DEPRECATED) |
| 2 | ======================================== |
| 3 | |
| 4 | .. warning:: |
| 5 | This document describes a deprecated format for signed Interest packets. The current format can |
| 6 | be found in the |
Davide Pesavento | 02ed332 | 2023-02-23 19:40:22 -0500 | [diff] [blame] | 7 | `NDN Packet Specification <https://docs.named-data.net/NDN-packet-spec/current/signed-interest.html>`__. |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 8 | |
| 9 | **Signed Interest** is a mechanism to issue an authenticated interest. |
| 10 | |
| 11 | The signature of a signed Interest packet is embedded into the last component of the Interest |
| 12 | name. The signature covers a continuous block starting from the first name component TLV to the |
| 13 | penultimate name component TLV: |
| 14 | |
| 15 | :: |
| 16 | |
| 17 | +-------------+----------+-----------------------------------------------------------------------------------+ |
| 18 | | Interest | Interest | +------+--------+--------------------------------------------------+ +----------+ | |
Davide Pesavento | 933a567 | 2020-07-03 22:32:43 -0400 | [diff] [blame] | 19 | | Type (0x05) | length | | Name | Name | +---------+-- --+---------+---------+---------+| | Other | | |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 20 | | | | | Type | Length | |Component| ... |Component|Component|Component|| | TLVs ... | | |
| 21 | | | | | | | | TLV 1 | | TLV n-2 | TLV n-1 | TLV n || | in | | |
| 22 | | | | | | | +---------+-- --+---------+---------+---------+| | Interest | | |
| 23 | | | | +------+--------+--------------------------------------------------+ +----------+ | |
| 24 | +-------------+----------+-----------------------------------------------------------------------------------+ |
| 25 | |
| 26 | \ /\ / |
| 27 | ---------------- ------------------ --- --- |
| 28 | \/ \/ |
| 29 | Signed portion of Interest Signature |
| 30 | |
| 31 | More specifically, the SignedInterest is defined to have four additional components: |
| 32 | |
Davide Pesavento | 933a567 | 2020-07-03 22:32:43 -0400 | [diff] [blame] | 33 | - ``timestamp`` |
| 34 | - ``nonce`` |
| 35 | - ``SignatureInfo`` |
| 36 | - ``SignatureValue`` |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 37 | |
Davide Pesavento | 933a567 | 2020-07-03 22:32:43 -0400 | [diff] [blame] | 38 | For example, for ``/signed/interest/name`` name, CommandInterest will be defined as:: |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 39 | |
| 40 | /signed/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue> |
| 41 | |
| 42 | \ / |
| 43 | ----------------------------- -------------------------- |
| 44 | \/ |
| 45 | Additional components of Signed Interest |
| 46 | |
| 47 | Signed Interest specific Name components |
| 48 | ---------------------------------------- |
| 49 | |
| 50 | Timestamp component (n-3 *th*) |
| 51 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 52 | |
| 53 | The value of the n-3 *th* component is the interest's timestamp (in terms of millisecond offset |
| 54 | from UTC 1970-01-01 00:00:00) encoded as |
Davide Pesavento | 02ed332 | 2023-02-23 19:40:22 -0500 | [diff] [blame] | 55 | `NonNegativeInteger <https://docs.named-data.net/NDN-packet-spec/0.2.1/tlv.html#non-negative-integer-encoding>`__. |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 56 | The timestamp may be used to protect against replay attack. |
| 57 | |
| 58 | Nonce component (n-2 *th*) |
| 59 | ~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 60 | |
| 61 | The value of the n-2 *th* component is random value (encoded as |
Davide Pesavento | 02ed332 | 2023-02-23 19:40:22 -0500 | [diff] [blame] | 62 | `NonNegativeInteger <https://docs.named-data.net/NDN-packet-spec/0.2.1/tlv.html#non-negative-integer-encoding>`__) |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 63 | that adds additional assurances that the interest will be unique. |
| 64 | |
| 65 | SignatureInfo component (n-1 *th*) |
| 66 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 67 | |
| 68 | The value of the n-1 *th* component is actually a |
Davide Pesavento | 02ed332 | 2023-02-23 19:40:22 -0500 | [diff] [blame] | 69 | `SignatureInfo <https://docs.named-data.net/NDN-packet-spec/0.2.1/signature.html>`__ TLV. |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 70 | |
| 71 | :: |
| 72 | |
| 73 | +---------+---------+-------------------+ |
| 74 | |Component|Component| +---------------+ | |
| 75 | | Type | Length | | SignatureInfo | | |
| 76 | | | | | TLV | | |
| 77 | | | | +---------------+ | |
| 78 | +---------+---------+-------------------+ |
| 79 | |
| 80 | | | |
| 81 | |<---------The n-1 th Component-------->| |
| 82 | |
| 83 | SignatureValue component (n *th*) |
| 84 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 85 | |
| 86 | The value of the n *th* component is actually a |
Davide Pesavento | 02ed332 | 2023-02-23 19:40:22 -0500 | [diff] [blame] | 87 | `SignatureValue <https://docs.named-data.net/NDN-packet-spec/0.2.1/signature.html>`__ TLV. |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 88 | |
| 89 | :: |
| 90 | |
| 91 | +---------+---------+--------------------+ |
| 92 | |Component|Component| +----------------+ | |
| 93 | | Type | Length | | SignatureValue | | |
| 94 | | | | | TLV | | |
| 95 | | | | +----------------+ | |
| 96 | +---------+---------+--------------------+ |
| 97 | |
| 98 | | | |
| 99 | |<----------The n th Component---------->| |
| 100 | |
| 101 | Signed Interest processing |
| 102 | -------------------------- |
| 103 | |
| 104 | On receiving an Interest, the producer, according to the Interest name prefix, should be able |
| 105 | to tell whether the Interest is required to be signed. If the received Interest is supposed to |
| 106 | be signed, it will be treated as invalid in the following three cases: |
| 107 | |
| 108 | - one of the four components above (Timestamp, Nonce, SignatureValue, and SignatureInfo) is |
| 109 | missing or cannot be parsed correctly; |
| 110 | - the key is not trusted for signing the Interest; |
| 111 | - the signature cannot be verified with the public key pointed by the |
Davide Pesavento | 02ed332 | 2023-02-23 19:40:22 -0500 | [diff] [blame] | 112 | `KeyLocator <https://docs.named-data.net/NDN-packet-spec/0.2.1/signature.html#keylocator>`__ in |
Yingdi Yu | 4e99f53 | 2014-08-25 19:40:57 -0700 | [diff] [blame] | 113 | SignatureInfo. |
| 114 | |
| 115 | Recipients of a signed interest may further check the timestamp and the uniqueness of the |
| 116 | signed interest (e.g., when the signed interest carries a command). In this case, a signed |
| 117 | interest may be treated as invalid if : |
| 118 | |
| 119 | - a valid signed Interest whose timestamp is **equal or later** than the timestamp of the |
| 120 | received one has been received before. |
| 121 | |
| 122 | Note that in order to detect this situation, the recipient needs to maintain a *latest |
| 123 | timestamp* state for each trusted public key (**Since public key cryptography is used, sharing |
| 124 | private keys is not recommended. If private key sharing is inevitable, it is the key owner's |
| 125 | responsibility to keep clock synchronized**). For each trusted public key, the state is |
| 126 | initialized as the timestamp of the first valid Interest signed by the key. Since then, the |
| 127 | state will be updated every time when the recipient receives a valid signed Interest. |
| 128 | |
| 129 | Note that for the first Interest, the state is not available. To handle this special situation, |
| 130 | the recipient should check the Interest's timestamp against a grace interval (e.g., 120 |
| 131 | seconds) [current\_timestamp - interval/2, current\_timestamp + interval/2]. The first interest |
| 132 | is invalid if its timestamp is outside of the interval. |