https://redmine.named-data.net/https://redmine.named-data.net/favicon.ico?14759811232018-04-29T16:31:12ZNDN project issue tracking systemNDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=231392018-04-29T16:31:12ZJunxiao Shi
<ul><li><strong>Blocks</strong> <i><a class="issue tracker-2 status-1 priority-2 priority-default" href="/issues/4600">Feature #4600</a>: Redesign NFD Management protocol to use ApplicationParameters</i> added</li></ul> NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=235192018-06-22T16:50:01ZDavide Pesavento
<ul><li><strong>Tracker</strong> changed from <i>Task</i> to <i>Feature</i></li></ul> NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=239302018-08-27T15:45:38ZJunxiao Shi
<ul><li><strong>Blocks</strong> <i><a class="issue tracker-2 status-5 priority-2 priority-default closed" href="/issues/4649">Feature #4649</a>: Include PrefixAnnouncement in prefix registration commands</i> added</li></ul> NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=240092018-09-09T09:44:03ZJunxiao Shi
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>In Progress</i></li><li><strong>Assignee</strong> set to <i>Alex Afanasyev</i></li></ul><p><a href="https://gerrit.named-data.net/#/c/NDN-TLV/+/4942/">https://gerrit.named-data.net/#/c/NDN-TLV/+/4942/</a></p>
NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=244342018-12-12T13:33:42ZJunxiao Shi
<ul></ul><p>On 20181202 call, I pointed out a significant problem with 4942,22:<br>
The ParametersSha256DigestComponent is being used for two purposes: (1) identify Parameters (and possibly SignatureInfo) as basis of signing; (2) ensure every Interest has a different name during forwarding.<br>
As a result, a malicious consumer could modify the SignatureValue and confuse PIT aggregation, triggering a denial-of-service attack that is impossible to detect from the network without having a universal trust schema.</p>
<p>My proposal to fix this problem is:</p>
<ol>
<li>For signing purpose, a digest over Parameters (if present) and SignatureInfo is appended <em>temporarily</em> to the name. This name is used for signing.</li>
<li>After signing, a digest over Parameters (if present), SignatureInfo, and SignatureValue is put into the name and transmitted.</li>
</ol>
NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=245352019-01-13T15:25:42ZJunxiao Shi
<ul><li><strong>Blocks</strong> <i><a class="issue tracker-2 status-5 priority-2 priority-default closed" href="/issues/4804">Feature #4804</a>: Signed Interest v0.3</i> added</li></ul> NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=246642019-02-04T08:57:19ZJunxiao Shi
<ul><li><strong>Blocked by</strong> <i><a class="issue tracker-2 status-5 priority-2 priority-default closed" href="/issues/4831">Feature #4831</a>: Redefine ParametersSha256DigestComponent covered area</i> added</li></ul> NDN Specifications - Feature #4599: Redesign Signed Interest and Command Interest for packet format v0.3https://redmine.named-data.net/issues/4599?journal_id=252462019-04-23T11:52:22ZDavide Pesavento
<ul><li><strong>Subject</strong> changed from <i>Redesign Signed Interest and Command Interest to use Parameters</i> to <i>Redesign Signed Interest and Command Interest for packet format v0.3</i></li><li><strong>Status</strong> changed from <i>In Progress</i> to <i>Closed</i></li><li><strong>Assignee</strong> changed from <i>Alex Afanasyev</i> to <i>Zhiyi Zhang</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul>