CommandInterest » History » Version 10

Davide Pesavento, 06/14/2023 11:58 PM

**DEPRECATED**: *This document describes a deprecated format for command Interest packets. New applications are strongly encouraged to use the [new Signed Interest format](https://docs.named-data.net/NDN-packet-spec/0.3/signed-interest.html) directly.*

---

CommandInterest
===============
**Command Interest** is an extension of [[SignedInterest|Signed Interest]].

As a signed interest, a command interest encodes the SignatureInfo and SignatureValue into the last two components of the Interest name.

    +-------------+----------+-----------------------------------------------------------------------------------+
    |  Interest   | Interest | +------+--------+--------------------------------------------------+ +----------+ |
    | Type (0x01) |  length  | | Name |  Name  | +---------+--   --+---------+---------+---------+| | Other    | |
    |             |          | | Type | Length | |Component|  ...  |Component|Component|Component|| | TLVs ... | |
    |             |          | |      |        | |  TLV 1  |       | TLV n-2 | TLV n-1 |  TLV n  || | in       | |
    |             |          | |      |        | +---------+--   --+---------+---------+---------+| | Interest | |
    |             |          | +------+--------+--------------------------------------------------+ +----------+ |
    +-------------+----------+-----------------------------------------------------------------------------------+
                                                 \                                    /\        /
                                                  ----------------  ------------------  ---  ---
                                                                  \/                       \/
                                                       Signed portion of Interest       Signature

A command interest must prevent replay attacks; therefore, it may encode additional components before the SignatureInfo component.
Depending on the communication model, a command interest may introduce different name components.
We introduce one of the simplest solutions, **stop-and-wait**:
## stop-and-wait
A stop-and-wait command interest introduces two additional components:

* ``<timestamp>``
* ``<random-value>`` (nonce)

For example, for the name ``/command/interest/name``, the CommandInterest is defined as:

     /command/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue>
                           \                         /\                               /
                            ------------  -----------  ---------------  --------------
                                        \/                            \/
                           Command Interest Extension  Components of Signed Interest
### Timestamp component (*n-3 th*)
The value of the *n-3 th* component is the Interest's timestamp (the number of milliseconds since 1970-01-01 00:00:00 UTC), encoded as a [NonNegativeInteger](https://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding). The timestamp may be used to protect against replay attacks.
### Nonce component (*n-2 th*)
The value of the *n-2 th* component is a random value, encoded as a [NonNegativeInteger](https://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding), that provides additional assurance that the Interest will be unique.
### Command Interest Processing
**Note that this verification process requires signed Interests to be received in order. Applications adopting this process may want to use a "stop-and-wait" strategy.**

On receiving an Interest, the producer, after verifying the packet signature, should treat the Interest as invalid in the following cases:

- one of the two components above (Timestamp and Nonce) is missing or cannot be parsed correctly;
- the timestamp is **equal to or earlier than** the timestamp of an Interest that has been received before.

Note that in order to detect this situation, the recipient needs to maintain a *latest timestamp* state for each trusted public key (**since public key cryptography is used, sharing private keys is not recommended; if private key sharing is inevitable, it is the key owner's responsibility to keep the clocks synchronized**).
For each trusted public key, the state is initialized as the timestamp of the first valid Interest signed by the key.
After that, the state is updated every time the recipient receives a valid signed Interest.

Note that for the first Interest, the state is not available.
To handle this special situation, the recipient should check the Interest's timestamp against a grace interval (e.g., 120 seconds): [current\_timestamp - interval/2, current\_timestamp + interval/2].
The first Interest is invalid if its timestamp is outside of the interval.
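
The processing rules above, written out as a recipient-side check. This is an added example, not code from the original page or from any NDN library: the class and function names, the key-name strings and the sample component values are assumptions, and the signature is assumed to have been verified by the caller before `check` runs.

```python
# Added example (hypothetical names); not code from the page or an NDN library.
GRACE_INTERVAL_MS = 120_000  # the page's example grace interval (120 seconds)

def decode_nni(value: bytes) -> int:
    """Decode an NDN NonNegativeInteger: 1, 2, 4 or 8 bytes, big-endian."""
    if len(value) not in (1, 2, 4, 8):
        raise ValueError("bad NonNegativeInteger length")
    return int.from_bytes(value, "big")

class CommandInterestChecker:
    """Keeps the *latest timestamp* state for each trusted public key."""

    def __init__(self, grace_ms: int = GRACE_INTERVAL_MS):
        self.grace_ms = grace_ms
        self.latest = {}  # key name -> latest accepted timestamp (ms)

    def check(self, components, key_name, now_ms):
        """components: name component values as bytes, signature already verified."""
        # Last four: <timestamp>/<random-value>/<SignatureInfo>/<SignatureValue>
        if len(components) < 4:
            return False, "missing components"
        try:
            timestamp = decode_nni(components[-4])
            decode_nni(components[-3])  # nonce must parse; its value is not compared
        except ValueError:
            return False, "unparsable timestamp or nonce"
        last = self.latest.get(key_name)
        if last is None:
            # First Interest for this key: no state yet, so use the grace interval.
            half = self.grace_ms // 2
            if not (now_ms - half <= timestamp <= now_ms + half):
                return False, "outside grace interval"
        elif timestamp <= last:
            return False, "timestamp not newer than latest"
        self.latest[key_name] = timestamp  # state changes only on acceptance
        return True, "ok"

def ci(timestamp_ms, nonce):
    """Constructed name components for /command/interest/name (sample data)."""
    return [b"command", b"interest", b"name", timestamp_ms.to_bytes(8, "big"),
            nonce.to_bytes(8, "big"), b"<SignatureInfo>", b"<SignatureValue>"]

if __name__ == "__main__":
    checker, now = CommandInterestChecker(), 1_700_000_000_000  # constructed clock
    for ts in (now, now, now + 1):  # the second call replays the first timestamp
        print(checker.check(ci(ts, 7), "/constructed/key", now))
```

Rejected Interests never update the per-key state, so a malformed or replayed packet cannot move the *latest timestamp* forward.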