Hi Behcet, Yes it implements only draft-ietf-tls-oob-pubkey-09 and TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8. It implements the mandatory requirements of draft-ietf-core-coap-18 Section 9.1.3.2. Raw Public Key Certificates.
My changes where recently merged into the main branch of tinydtls. Hauke On 09/05/2013 05:34 PM, Behcet Sarikaya wrote: > I think that Tiny DTLS with raw public key support is good to have. > > My question is: is the implementation following > draft-ietf-tls-oob-pubkey? > > Regards, > > Behcet > > > On Tue, Aug 27, 2013 at 5:52 PM, Hauke Mehrtens <[email protected] > <mailto:[email protected]>> wrote: > > Hi Sye Loong, > > I am using a simulated sensor node in cooja. wismote is a simulated > wireless sensor node which simulates a TI MSP430 with 16kB RAM and 128 > kB Rom, so this suites in the class 1 category. > Currently I am still in the state of getting tinydtls working on the TI > MSP430. > > Hauke > > On 08/27/2013 03:32 AM, Keoh, Sye Loong wrote: > > Hi Hauke, > > > > What is a wismote? Do you have a use case for your work? and what are > > the assumptions of the nodes in your network? Are they class 1 devices > > as defined in the Terminology draft? > > > > Great that you are willing to contribute! > > > > cheers > > Sye Loong > > > > -----Original Message----- From: Hauke Mehrtens > > Sent: Monday, August 26, 2013 10:42 PM > > To: Sye Loong Keoh > > Cc: [email protected] <mailto:[email protected]> ; > [email protected] <mailto:[email protected]> ; > [email protected] <mailto:[email protected]> > > Subject: [SPAM?] Re: [Lwip] Notes on > draft-tschofenig-lwig-tls-minimal-03 > > > > Hi Sye Loong, > > > > I am currently at implementing reordering, it seams to work, but it is > > not committed to github yet. > > > > I am also sending only one message at a time, so a flight contains > many > > UDP packages. > > > > I am currently trying to get it to work in cooja on a simulated > wismote, > > the psk handshake already works, but I still have problems with the > > ECDH_ECDSA handshake, something is probably wrong in the ecc code, on > > x86 it works. Cooja also has a nice tool which shows the stack > usage of > > the application running. > > > > Too bad you can not give me access to your modified tinydtls version. > > > > Most of my code is at github, it misses some of the things that I am > > currently working on and that are not cleaned up right now. > > > > I want to do some measurements similar to the ones, you did for > the psk > > case with ECDH_ECDSA for my master's thesis and I would like to > get them > > integrated into the draft. > > > > Hauke > > > > On 08/26/2013 12:04 PM, Keoh, Sye Loong wrote: > >> Hi Hauke, > >> > >> Thank you for your interest in our draft. It is great to hear > that you > >> are extending TinyDTLS with raw public key support, and this is > indeed > >> the contribution that we needed in this document, as we only had > >> performance and implementation details of PSK in TinyDTLS. > >> > >> At least in your implementation, we needed the re-ordering because > >> messages were not sent using message flights. Each message is sent > >> individually. > >> > >> I am sorry that the the modified TinyDTLS code cannot be made > available > >> due to some constraints that we have. But, we can discuss > specific needs > >> that you have. > >> When you compile and flash the application to the hardware, you > can get > >> the RAM size measurement. > >> > >> Would be great if you could share your implementation details and > >> measurements with us, so that they can be incorporated into our > Internet > >> Draft. > >> > >> cheers > >> Sye Loong > >> > >>>>> > >> Hi Hannes, > >> > >> I have some notes on > >> https://tools.ietf.org/html/draft-tschofenig-lwig-tls-minimal-03 > >> > >> I am working on tinyDTLS and came across some problems. I > extended it to > >> support raw public keys with TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 > on the > >> SECP256R1 curve. The ECC code just supports this specific curve. > >> > >> The ClientHello without a cookie is now 99 Bytes big (value in UDP > >> header) and on ieee802.15.4 it has to be fragmented somewhere. > But to do > >> fragmentation we have to store a state somewhere. > >> > >> For retransmission, instead of storing the whole message you > could store > >> the data which is needed to recreate the message. Data like the > server > >> certificate already has to be stored somewhere. I am planing to > >> implement this. > >> > >> We have a high memory consumption in the handshake process, you could > >> make it possible to be able to just do one handshake at a time, > but have > >> more than one DTLS session open at a time. All these DTLS session > will > >> then share a common memory space to store their temporary handshake > >> data. I am planing to implement this. > >> > >> If you have a pretty reliable medium you could leave out > implementation > >> of reordering, the other peer will resend the messages if a > message will > >> be lost and then the client could start at the position where the > >> package was lost again. This could save some ram to store the > messages. > >> > >> Is the code of the modified tinyDTLS version and a more detailed > >> description of the setup available somewhere? I am planing to so some > >> measurements with tinyDTLS and raw public keys. How was the RAM size > >> measurement done? > >> > >> As already discussed in the meeting the sizes for the tls > implementation > >> are pretty big. I haven't implemented a generic ASN.1 parser, I > am just > >> supporting one type of raw public key, so I am doing a memcmp() to > >> ensure it is the one I excepted, then there is the public key at a > >> constant offset. > >> > >> My tinyDTLS implementation with raw public keys and > >> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 on the SECP256R1 curve is > about 30% > >> bigger then the version just supporting PSK cipher. This > measurement was > >> done on a AMD64 system without any compiler optimization for > size. I am > >> planing to do a better measurement. > >> > >> Hauke > >> > >> [0]: https://github.com/hauke/tinydtls/tree/ecdh-merge > > > > _______________________________________________ > Lwip mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/lwip > > _______________________________________________ Lwip mailing list [email protected] https://www.ietf.org/mailman/listinfo/lwip
