Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / aa8b3785d6512c6e72f95997e06ef02228b2be5b / . / docs / specs / signed-interest.rst
blob: 2319e5aa6fc044f27360f7c309b53d30f30c1015 [file] [log] [blame]
Alexander Afanasyevaa8b3782017-01-19 20:04:31 -0800[diff] [blame^]1.. _Signed Interest:
2
Yingdi Yu4e99f532014-08-25 19:40:57 -0700[diff] [blame]3Signed Interest
4===============
5
6**Signed Interest** is a mechanism to issue an authenticated interest.
7
8The signature of a signed Interest packet is embedded into the last component of the Interest
9name. The signature covers a continuous block starting from the first name component TLV to the
10penultimate name component TLV:
11
12::
13
14 +-------------+----------+-----------------------------------------------------------------------------------+
15 | Interest | Interest | +------+--------+--------------------------------------------------+ +----------+ |
16 | Type (0x01) | length | | Name | Name | +---------+-- --+---------+---------+---------+| | Other | |
17 | | | | Type | Length | |Component| ... |Component|Component|Component|| | TLVs ... | |
18 | | | | | | | TLV 1 | | TLV n-2 | TLV n-1 | TLV n || | in | |
19 | | | | | | +---------+-- --+---------+---------+---------+| | Interest | |
20 | | | +------+--------+--------------------------------------------------+ +----------+ |
21 +-------------+----------+-----------------------------------------------------------------------------------+
22
23 \ /\ /
24 ---------------- ------------------ --- ---
25 \/ \/
26 Signed portion of Interest Signature
27
28More specifically, the SignedInterest is defined to have four additional components:
29
30- ``<timestamp>``
31- ``<nonce>``
32- ``<SignatureInfo>``
33- ``<SignatureValue>``
34
35For example, for ``/signed/interest/name`` name, CommandInterest will be defined as:
36
37::
38
39 /signed/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue>
40
41 \ /
42 ----------------------------- --------------------------
43 \/
44 Additional components of Signed Interest
45
46Signed Interest specific Name components
47----------------------------------------
48
49Timestamp component (n-3 *th*)
50~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
51
52The value of the n-3 *th* component is the interest's timestamp (in terms of millisecond offset
53from UTC 1970-01-01 00:00:00) encoded as
54`nonNegativeInteger <http://named-data.net/doc/ndn-tlv/tlv.html#non-negative-integer-encoding>`__.
55The timestamp may be used to protect against replay attack.
56
57Nonce component (n-2 *th*)
58~~~~~~~~~~~~~~~~~~~~~~~~~~
59
60The value of the n-2 *th* component is random value (encoded as
61`nonNegativeInteger <http://named-data.net/doc/ndn-tlv/tlv.html#non-negative-integer-encoding>`__)
62that adds additional assurances that the interest will be unique.
63
64SignatureInfo component (n-1 *th*)
65~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
66
67The value of the n-1 *th* component is actually a
68`SignatureInfo <http://named-data.net/doc/ndn-tlv/signature.html>`__ TLV.
69
70::
71
72 +---------+---------+-------------------+
73 |Component|Component| +---------------+ |
74 | Type | Length | | SignatureInfo | |
75 | | | | TLV | |
76 | | | +---------------+ |
77 +---------+---------+-------------------+
78
79 | |
80 |<---------The n-1 th Component-------->|
81
82SignatureValue component (n *th*)
83~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
84
85The value of the n *th* component is actually a
86`SignatureValue <http://named-data.net/doc/ndn-tlv/signature.html>`__ TLV.
87
88::
89
90 +---------+---------+--------------------+
91 |Component|Component| +----------------+ |
92 | Type | Length | | SignatureValue | |
93 | | | | TLV | |
94 | | | +----------------+ |
95 +---------+---------+--------------------+
96
97 | |
98 |<----------The n th Component---------->|
99
100Signed Interest processing
101--------------------------
102
103On receiving an Interest, the producer, according to the Interest name prefix, should be able
104to tell whether the Interest is required to be signed. If the received Interest is supposed to
105be signed, it will be treated as invalid in the following three cases:
106
107- one of the four components above (Timestamp, Nonce, SignatureValue, and SignatureInfo) is
108 missing or cannot be parsed correctly;
109- the key is not trusted for signing the Interest;
110- the signature cannot be verified with the public key pointed by the
111 `KeyLocator <http://named-data.net/doc/ndn-tlv/signature.html#keylocator>`__ in
112 SignatureInfo.
113
114Recipients of a signed interest may further check the timestamp and the uniqueness of the
115signed interest (e.g., when the signed interest carries a command). In this case, a signed
116interest may be treated as invalid if :
117
118- a valid signed Interest whose timestamp is **equal or later** than the timestamp of the
119 received one has been received before.
120
121Note that in order to detect this situation, the recipient needs to maintain a *latest
122timestamp* state for each trusted public key (**Since public key cryptography is used, sharing
123private keys is not recommended. If private key sharing is inevitable, it is the key owner's
124responsibility to keep clock synchronized**). For each trusted public key, the state is
125initialized as the timestamp of the first valid Interest signed by the key. Since then, the
126state will be updated every time when the recipient receives a valid signed Interest.
127
128Note that for the first Interest, the state is not available. To handle this special situation,
129the recipient should check the Interest's timestamp against a grace interval (e.g., 120
130seconds) [current\_timestamp - interval/2, current\_timestamp + interval/2]. The first interest
131is invalid if its timestamp is outside of the interval.