Thanks to all who responded. Thanks Samita for the paper. So with this conversation, I think it makes sense that given the 802.15.4 spec, it is clear that some work needs to be done in making the link layer more secure (or tuning there of) but this may be beyond the scope of our current charter.
The more relevant problem that this WG need to address would be to mention a need for a comprehensive end to end security given that current security protocols were not designed for 6lowpan devices. I will add something along these lines in the draft. Regards, Nandu -----Original Message----- From: gabriel montenegro [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 11, 2005 11:48 PM To: Samita Chakrabarti; Kushalnagar, Nandakishore Cc: [email protected] Subject: Re: [6lowpan] goals draft issues 802.15.4b is improving somewhat the link security. I *believe*, for example, that they have deprecated (or recommended against) CBC-CTR (one of the weaknesses identified in the paper) and recommend CCM* (also recommended by ZigBee according to their public tutorials at their open house events), supposedly a much improved mode. Not sure about other security related changes, but I'm sure there are plenty of 15.4b-savvy folks on this alias. Hopefully, they can respond. It might even be a good idea to have a quick update by one of those folks at the meeting. -gabriel ps - another thing 15.4b is doing is increasing the speed for the sub-1GHz PHYs to bring them up to 250 Kbps. --- Samita Chakrabarti <[EMAIL PROTECTED]> wrote: > > > > From: "Kushalnagar, Nandakishore" <[EMAIL PROTECTED]> > > To: <[email protected]> > > Issue: > > The security considerations are still "TBD". Gabriel Montenegro proposed > mining the security considerations section of the format document for > possible input. > > > > NK: > > I am soliciting for some feedback here as to what this section is > supposed to have? > > Chairs/others? > -------------------------------- > > Hi Nandu, > > In the first meeting of LowPan wg (BOF?), folks brought up the > security consideration issues. It was mentioned that 802.15.4 > link-layer security should be enough. The following paper > depicts some of the problem scenarios with 802.15.4 security: > > http://www.cs.berkeley.edu/~nks/papers/15.4-wise04.pdf > > I was told by a security expert that 802.15.4 security is not > good enough. The above paper recomends a few modifications - does > anyone know if IEEE 802.15.4 workgroup is looking into improving > the link-layer security? > > I don't think IPsec security is a feasible solution on this kind > of small devices where 6lowpan would eventually run. It'd be > interesting to get people's viewpoint on this. > > Since we are routing at the link-layer, it would be better if we > have tighter link-level security and then application level security > using crypto. Perhaps the protocols running on top of LowPan > can run some security protocols that are appropriate for this kind > of network. > > Comments? > > -Samita > > > _______________________________________________ > 6lowpan mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/6lowpan > _______________________________________________ 6lowpan mailing list [email protected] https://www1.ietf.org/mailman/listinfo/6lowpan
