[6tisch] FW: about the secure join process

Lijo Thomas Thu, 17 Sep 2015 06:05:32 -0700

Hi,


 

The PSK method sounds better during the joining process.

Probably JA acts as dummy agent for transferring the joining messages.

 

 

Case 1 : minimal

---------------------

 

JN                                                       JA                     
                                               JCE                              
                                                          

  |                                                        |                    
                                                     |                          
                                               

  |                                                        |                    
                                                     |                          
                                                       

Join Request (JR)    ------------->   JR          -------------------------->   
    Join Request

                                   (Using Key1)                    (K2 
key/layer2 key)

  |                                                        |                    
                                                     |                          
                                               

  |                                                        |                    
                                                     |             

Join Success        <--------------     Join Success    <---------------------  
Join Success 

                          (Key2 encrypted                                 (K2 
key/layer2 key)        (Made an entry for the new node)

                              using Key1)

 

 

Case 2 :  secure 

--------------------

 

JN                                                        JA                    
                                        JCE/PCE/NME                             
                                       

  |                                                        |                    
                                                     |                          
                                               

  |                                                        |                    
                                                     |                          
                                               

Join Request (JR)   ---------------> JR -------------------------->       Check 
for Pre shared key 

                                   (Using Key1)              (K2 key/layer2 key)

  |                                                        |                    
                                                     |                          
                                               

  |                                                        |                    
                                                     |                          
                                               

Join Check <------------------   Join Check  <-------------------------         
    Join Check  

 ( K2 key            (Using Key1)                           (K2 key/layer2 key 
)       (K2 key encrypted 

  decrypted                                                                     
                                    using PSK)

  using PSK )

  |                                                        |                    
                                                     |                          
                                               

  |                                                        |                    
                                                     |                          
                                               

Join Confirm ----------------->  Join Confirm ---------------------------->   
Join Success

                         (Using Key2)                                  (K2 
key/layer2 key)

 

 

 

Pre shared Key (PSK) should be there in the JCE /PCE/NME; if not,  the node is 
denied to join the network;

 

Does case2  make sense ?  Minimum 6 exchanges required in this scenario.

 

Is it possible to get the private keys of different manufacturers? Also how the 
interoperability issue to be addressed .

 

Regards,

Lijo Thomas 


-------------------------------------------------------------------------------------------------------------------------------
[ C-DAC is on Social-Media too. Kindly follow us at:
Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ]

This e-mail is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. If you are not the
intended recipient, please contact the sender by reply e-mail and destroy
all copies and the original message. Any unauthorized review, use,
disclosure, dissemination, forwarding, printing or copying of this email
is strictly prohibited and appropriate legal action will be taken.
-------------------------------------------------------------------------------------------------------------------------------

_______________________________________________
6tisch mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6tisch

[6tisch] FW: about the secure join process

Reply via email to