CommandInterest » History » Version 3
Davide Pesavento, 04/02/2018 07:09 PM
1 | 1 | Yingdi Yu | CommandInterest |
---|---|---|---|
2 | =============== |
||
3 | |||
4 | **Command Interest** is an extension of [[SignedInterest|Signed Interest]]. |
||
5 | |||
6 | 2 | Yingdi Yu | As a signed interest, a command interest encodes the SignatureInfo and SignatureValue into the last two components of the Interest name. |
7 | 1 | Yingdi Yu | |
8 | +-------------+----------+-----------------------------------------------------------------------------------+ |
||
9 | | Interest | Interest | +------+--------+--------------------------------------------------+ +----------+ | |
||
10 | | Type (0x01) | length | | Name | Name | +---------+-- --+---------+---------+---------+| | Other | | |
||
11 | | | | | Type | Length | |Component| ... |Component|Component|Component|| | TLVs ... | | |
||
12 | | | | | | | | TLV 1 | | TLV n-2 | TLV n-1 | TLV n || | in | | |
||
13 | | | | | | | +---------+-- --+---------+---------+---------+| | Interest | | |
||
14 | | | | +------+--------+--------------------------------------------------+ +----------+ | |
||
15 | +-------------+----------+-----------------------------------------------------------------------------------+ |
||
16 | |||
17 | \ /\ / |
||
18 | ---------------- ------------------ --- --- |
||
19 | \/ \/ |
||
20 | Signed portion of Interest Signature |
||
21 | |||
22 | |||
23 | 2 | Yingdi Yu | A command interest must prevent replay attack, therefore a command interest may encode additional components before the SignatureInfo component. |
24 | Depending on specific communication models, the command interest may introduce different name components. |
||
25 | We introduce one of the simplest solutions, **stop-and-wait**: |
||
26 | 1 | Yingdi Yu | |
27 | 2 | Yingdi Yu | ## stop-and-wait |
28 | |||
29 | A stop-and-wait command interest introduces two additional components: |
||
30 | |||
31 | 1 | Yingdi Yu | * ``<timestamp>`` |
32 | * ``<nonce>`` |
||
33 | |||
34 | 2 | Yingdi Yu | For example, for ``/command/interest/name`` name, CommandInterest will be defined as: |
35 | 1 | Yingdi Yu | |
36 | 2 | Yingdi Yu | /command/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue> |
37 | 1 | Yingdi Yu | |
38 | 2 | Yingdi Yu | \ /\ / |
39 | ------------ ----------- --------------- -------------- |
||
40 | \/ \/ |
||
41 | Command Interest Extension Components of Signed Interest |
||
42 | 1 | Yingdi Yu | |
43 | ### Timestamp component (n-3 *th*) |
||
44 | |||
45 | 3 | Davide Pesavento | The value of the n-3 *th* component is the interest's timestamp (in terms of millisecond offset from UTC 1970-01-01 00:00:00) encoded as a [nonNegativeInteger](http://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding). |
46 | The timestamp may be used to protect against replay attacks. |
||
47 | 1 | Yingdi Yu | |
48 | ### Nonce component (n-2 *th*) |
||
49 | |||
50 | The value of the n-2 *th* component is random value (encoded as [nonNegativeInteger](http://named-data.net/doc/ndn-tlv/tlv.html#non-negative-integer-encoding)) that adds additional assurances that the interest will be unique. |
||
51 | |||
52 | 2 | Yingdi Yu | ### Command Interest Processing |
53 | 1 | Yingdi Yu | |
54 | 2 | Yingdi Yu | **Note that this verification process require signed interest to be received in order. Applications adopting this process may want to take "stop-and-wait" strategy.** |
55 | 1 | Yingdi Yu | |
56 | 2 | Yingdi Yu | On receiving an Interest, the producer, after verifying the packet signature, should treat the Interest as invalid in the following three cases: |
57 | 1 | Yingdi Yu | |
58 | 2 | Yingdi Yu | - one of the two components above (Timestamp and Nonce) is missing or cannot be parsed correctly; |
59 | - the timestamp is **equal or earlier** than the timestamp of the received one has been received before. |
||
60 | 1 | Yingdi Yu | |
61 | 2 | Yingdi Yu | Note that in order to detect this situation, the recipient needs to maintain a *latest timestamp* state for each trusted public key |
62 | (**Since public key cryptography is used, sharing private keys is not recommended. If private key sharing is inevitable, it is the key owner's responsibility to keep clock synchronized**). |
||
63 | For each trusted public key, the state is initialized as the timestamp of the first valid Interest signed by the key. |
||
64 | Since then, the state will be updated every time when the recipient receives a valid signed Interest. |
||
65 | 1 | Yingdi Yu | |
66 | 2 | Yingdi Yu | Note that for the first Interest, the state is not available. |
67 | To handle this special situation, the recipient should check the Interest's timestamp against a grace interval (e.g., 120 seconds) [current\_timestamp - interval/2, current\_timestamp + interval/2]. |
||
68 | The first interest is invalid if its timestamp is outside of the interval. |