Robert Cragie writes:
> If the command ID is encrypted, a KeyUsageDescriptor for a MAC
> command frame can no longer be used.

KeyUsageDescriptors can be checked after the frame has been decrypted. This is how most of the other security protocols do things (for example IPsec), i.e. you use information in the frame to pick up the security association, you verify the MIC and decrypt the packet, and after that you verify that the packet matches the security policies.

> This should be made clear.

In the 802.15.4rev we did make this clear by moving the security level descriptor and key usage policy checks after the unsecuring of the frame.

> This has implications for policing frames, especially MAC command
> frames.

Yes. On the other hand, all implementors who we polled did say that they do not support frames where we first have encrypted Payload IEs, then an unencrypted MAC Command ID, and then again an encrypted MAC Command Content field. Supporting such frames would be possible, but would be a bit complicated, as you would need to do the following:

- Parse the MHR and Header IEs to find the start of the MAC Payload
- Decrypt the MAC Payload, but keep a copy of the encrypted MAC Payload
- Parse the Payload IEs to find their length
- Fetch the clear text Command ID from the encrypted MAC Payload at the offset found in the previous step

Even in this case you would need to decrypt the frame first before you can run the security level descriptor and key usage policy checks, as you do not know the length of the Payload IEs before you have decrypted the frame.

You can check what the incoming frame security procedure looks like in the
https://mentor.ieee.org/802.15/dcn/15/15-15-0275-00-0mag-security-functional-description-from-p802-15-4-revc-df5.pdf
document (note that there is a typo in 9.2.3 step M: the 9.2.9 should be 9.2.10).

The way the frame is split into encrypted and clear text parts in 802.15.4rev is to say that in general the Private Payload field is set to the MAC Payload field, and the Open Payload field is set to empty. This means the whole MAC Payload field will be encrypted.

Then there are two exceptions to that general rule in Table 147. Those exceptions are:

+-----------------------+-----------------------+--------------------------+
| Frame type            | Private Payload field | Open Payload field       |
+-----------------------+-----------------------+--------------------------+
| Beacon                | Beacon Payload field  | All other fields in      |
| (Frame Version < 2)   |                       | the MAC Payload field    |
+-----------------------+-----------------------+--------------------------+
| MAC Command           | Content field         | Command Identifier field |
| (Frame Version < 2)   |                       |                          |
+-----------------------+-----------------------+--------------------------+
-- 
[email protected]

_______________________________________________
6tisch mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6tisch
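Added example (not code from the thread, the 6tisch WG or the 802.15.4 standard) showing the two points made in the message above: how a receiver splits the MAC Payload into the Open (clear) and Private (encrypted) fields per the Table 147 rules, and why the KeyUsageDescriptor check for a MAC command has to run after unsecuring the frame in the 802.15.4rev order (key lookup, MIC check and decryption, then the policy check). The MIC (truncated HMAC-SHA256) and cipher (SHA-256 keystream XOR) are constructed stand-ins for AES-CCM* so the example runs with the standard library only; the key table, key usage table, status strings and frames are constructed test data, and the frames are assumed to carry no Payload IEs.

```python
"""Table 147 payload split and unsecure-then-check receive order for
802.15.4 frames. Stand-in crypto (HMAC-SHA256 MIC, SHA-256 keystream
XOR) replaces AES-CCM*; KEYS and KEY_USAGE are constructed test data."""
import hashlib
import hmac

FRAME_TYPE_BEACON = 0
FRAME_TYPE_MAC_COMMAND = 3
MIC_LEN = 4  # stand-in for a 32-bit MIC

# Constructed KeyDescriptor list: key index -> key.
KEYS = {0x01: bytes(range(16))}
# Constructed KeyUsageDescriptor list: key index -> allowed (frame type,
# command ID). Key 0x01 may secure Association Request (0x01) and
# Data Request (0x04) commands only.
KEY_USAGE = {0x01: {(FRAME_TYPE_MAC_COMMAND, 0x01), (FRAME_TYPE_MAC_COMMAND, 0x04)}}


def beacon_payload_offset(mac_payload):
    """Frame Version < 2 beacon: length of the clear fields (Superframe
    Specification, GTS fields, Pending Address fields) that precede the
    Beacon Payload field."""
    off = 2                                    # Superframe Specification
    gts_spec = mac_payload[off]
    off += 1
    gts_count = gts_spec & 0x07
    if gts_count:
        off += 1 + 3 * gts_count               # GTS Directions + GTS List
    pend_spec = mac_payload[off]
    off += 1
    off += 2 * (pend_spec & 0x07) + 8 * ((pend_spec >> 4) & 0x07)
    if off > len(mac_payload):
        raise ValueError("truncated beacon fields")
    return off


def split_payload(frame_type, frame_version, mac_payload):
    """Return (Open Payload field, Private Payload field) per Table 147.
    Works on a secured frame as well, since the open part is never encrypted."""
    if frame_version < 2 and frame_type == FRAME_TYPE_BEACON:
        n = beacon_payload_offset(mac_payload)
        return mac_payload[:n], mac_payload[n:]
    if frame_version < 2 and frame_type == FRAME_TYPE_MAC_COMMAND:
        return mac_payload[:1], mac_payload[1:]  # Command Identifier stays clear
    return b"", mac_payload                      # general rule: all encrypted


def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(2, "little")).digest()
        ctr += 1
    return out[:n]


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def secure_payload(key, nonce, frame_type, frame_version, mac_payload):
    """Sender: encrypt the Private Payload field, MIC over open || ciphertext."""
    open_part, private_part = split_payload(frame_type, frame_version, mac_payload)
    ct = _xor(private_part, _keystream(key, nonce, len(private_part)))
    mic = hmac.new(key, nonce + open_part + ct, hashlib.sha256).digest()[:MIC_LEN]
    return open_part + ct + mic


def unsecure_and_check(frame_type, frame_version, key_index, nonce, secured):
    """Receiver, in the 802.15.4rev order. Returns (mac_payload, status)."""
    key = KEYS.get(key_index)                  # pick the security association
    if key is None:
        return None, "UNAVAILABLE_KEY"
    if len(secured) < MIC_LEN:
        return None, "SECURITY_ERROR: frame too short"
    body, mic = secured[:-MIC_LEN], secured[-MIC_LEN:]
    try:
        open_part, ct = split_payload(frame_type, frame_version, body)
    except (ValueError, IndexError):
        return None, "SECURITY_ERROR: malformed payload"
    expected = hmac.new(key, nonce + open_part + ct, hashlib.sha256).digest()[:MIC_LEN]
    if not hmac.compare_digest(mic, expected):
        return None, "SECURITY_ERROR: MIC check failed"
    mac_payload = open_part + _xor(ct, _keystream(key, nonce, len(ct)))
    # KeyUsageDescriptor check only now: for a Frame Version 2 command the
    # Command Identifier was inside the ciphertext until this point. With
    # no Payload IEs (assumed here) it is the first byte of the MAC Payload.
    if frame_type == FRAME_TYPE_MAC_COMMAND:
        if not mac_payload:
            return None, "SECURITY_ERROR: missing Command Identifier"
        command_id = mac_payload[0]
        if (frame_type, command_id) not in KEY_USAGE.get(key_index, set()):
            return None, "IMPROPER_KEY_TYPE: command 0x%02x not allowed" % command_id
    return mac_payload, "SUCCESS"
```

For a Frame Version < 2 command `secure_payload` leaves the first byte in the clear, so the policy check could run before decryption; for a Frame Version 2 command the same call encrypts the whole payload, and `unsecure_and_check` still enforces the key usage policy, just one step later, as the message above describes.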
