Pieces to Picture: Security components in the CoRE ecosystem
============================================================

.. figure:: smallslides.png
   :width: 200
   :align: right
   :alt: Slide preview
   :target: slides.pdf

An overview of the interaction of security components in the CoRE_ ecosystem around CoAP_, and how it can fit with RIOT_; presented 2021-09-09 at the `RIOT Summit`_.

Slides
------

`Slides in PDF format`_

Their source code is attached to the slides, licensed under the terms of CC-BY-SA_ (images are sourced from openclipart_ and game-icons_; the logos may have different terms for their use).

Recording
---------

The presentation has been recorded and is `available on YouTube`_ (ca. 30 minutes).

Q&A / follow-up
---------------

* Q: Does EDHOC use public key infrastructure like X.509?

  A: Not on its own; it can use certificates (X.509, C509_, CWTs) or public keys.
  From an implementation point of view, it asks a component that deals with certificates to tell it what a certificate means in terms of key material, uses it, and passes on the rest of the certificate.
  Certificates are typically not transported in EDHOC, but merely referenced.

.. _C509: https://datatracker.ietf.org/doc/html/draft-ietf-cose-cbor-encoded-cert-02

* Q: Any ongoing coding effort in ACE-OAUTH outside RIOT?

  A: (None known by name at implementation time, but...)
  This was implemented for Contiki and OpenWSN according to the SPOTS_ project;
  there is also a Java implementation_ built around Californium.

  (If you know of more, let me know and I'll add them, while there isn't something like https://coap.technology/ for ACE).

* Q: Should developers create security IoT products on their own, or rather use dedicated IoT security firms?

  A: Depends on the goals of the project.

  I think that RIOT can have room for both as long as adequate expectations are set:
  Much work here is initial implementations of protocols that are just being developed and honed in the process of standardization --
  these are often declared as experimental.

  Implementations done outside of research often benefit from their specification being complete ahead of time.
  That can often coincide with them being done out of commercial interest,
  and with having been packaged and reviewed externally (to be included through the pkg system),
  but does not always.

  Either way, it is through review by many parties
  (including e.g. external reviewers pulled in by users who use particular components)
  that trust in them is built.
  As with any piece of software,
  users need to check whether the components they use are appropriate for the job.

  (During the talk this was only answered in short; text here incorporates continued discussion in the conference chat).

* Q: Does multicast OSCORE support signed unencrypted messages?

  A: It's not planned; I see use cases, but no support for them.
  Please bring any use cases to the `CoRE list`_!

  Follow-up: Use cases are `Multi-application Trust-based Task Offloading`_ and `vehicle communication`_;
  see `list archives`_ for the ongoing discussion.

.. _SPOTS: https://www.ucg.ac.me/objava/blog/21682/objava/13446-about-spots
.. _implementation: https://bitbucket.org/marco-tiloca-sics/ace-java/
.. _`CoRE list`: mailto:core@ietf.org
.. _`issue tracker`: https://github.com/core-wg/oscore-groupcomm/issues
.. _`Multi-application Trust-based Task Offloading`: https://raw.githubusercontent.com/MBradbury/publications/master/papers/SAC-DADS2021.pdf
.. _`vehicle communication`: https://www.etsi.org/deliver/etsi_en/302600_302699/30263702/01.04.01_60/en_30263702v010401p.pdf
.. _RFC7258: https://datatracker.ietf.org/doc/html/rfc7258
.. _`list archives`: https://mailarchive.ietf.org/arch/msg/core/GK4o5YfV-Ns8hhIJqIB-O-1F1Ek/

Links
-----

Referenced documents in order of appearance:

* `RFC7252: CoAP <https://datatracker.ietf.org/doc/html/rfc7252>`_ -- the basic protocol
* `RFC8613: OSCORE <https://datatracker.ietf.org/doc/html/rfc8613>`_ -- slim shared secret security atop CoAP
* `RFC7252: CoAP-over-DTLS PSK <https://datatracker.ietf.org/doc/html/rfc7252>`_ -- slim versatile security below CoAP
* `RFC8180: Minimal 6TiSCH, and IEEE 802.15.4 <https://datatracker.ietf.org/doc/html/rfc8180>`_ -- shared secret security below 6LoWPAN
* `RFC9031: Constrained Join Protocol for 6TiSCH <https://datatracker.ietf.org/doc/html/rfc9031>`_ -- key distribution for 6LoWPAN
* `draft-ietf-ace-oscore-profile <https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-profile/>`_ -- key distribution for OSCORE
* `RFC8152: COSE -- CBOR Object Signing and Encryption <https://datatracker.ietf.org/doc/html/rfc8152>`_ -- cryptographic building block of many protocols
* `RFC8392: CWT -- CBOR Web Token <https://datatracker.ietf.org/doc/html/rfc8392>`_ -- self-contained expressions of authorization
* `RFC9019: SUIT -- A Firmware Update Architecture for Internet of Things <https://datatracker.ietf.org/doc/html/rfc9019>`_ -- flexible, self-contained signed firmware images
* `draft-ietf-lake-edhoc <https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/>`_ -- setting up a shared secret from public keys or certificates
* `draft-ietf-core-oscore-edhoc <https://datatracker.ietf.org/doc/draft-ietf-core-oscore-edhoc/>`_ -- ... with fewer round trips
* `draft-ietf-ace-wg-coap-eap <https://datatracker.ietf.org/doc/draft-ietf-ace-wg-coap-eap/>`_ -- setting up a shared secret from everything and the kitchen sink
* `draft-friel-tls-atls <https://datatracker.ietf.org/doc/draft-friel-tls-atls/>`_ -- setting up a shared secret with TLS
* `RFC8995: BRSKI <https://datatracker.ietf.org/doc/html/rfc8995>`_ -- upgrading your vendor certificates to deployment certificates
* `draft-ietf-ace-coap-est <https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/>`_ -- ... run with CoAP
* `draft-selander-ace-ake-authz <https://datatracker.ietf.org/doc/draft-selander-ace-ake-authz/>`_ -- getting from a device certificate to a security context for CoJP in just two messages

Author contact
--------------

Christian Amsüss <ca@etonomy.org>

https://christian.amsuess.com

https://etonomy.org

.. _CoRE: https://datatracker.ietf.org/wg/core/about/
.. _CoAP: http://coap.technology/
.. _`RIOT Summit`: https://summit.riot-os.org/2021/blog/speakers/christian-amsuss/
.. _`Slides in PDF format`: slides.pdf
.. _CC-BY-SA: https://creativecommons.org/licenses/by-sa/4.0/
.. _openclipart: https://openclipart.org/detail/171415/router-symbol
.. _game-icons: https://game-icons.net/1x1/delapouite/finger-print.html
.. _`available on YouTube`: https://www.youtube.com/watch?v=bj2ks9qbB80&list=PLDXXQJiSjPKGhjXzpc2p_BUSzr5xu0aqs&index=3
.. _RIOT: https://riot-os.org/
