Project

General

Profile

CommandInterest » History » Revision 5

Revision 4 (Davide Pesavento, 04/02/2018 07:12 PM) → Revision 5/10 (Davide Pesavento, 04/02/2018 07:13 PM)

CommandInterest 
 =============== 

 **Command Interest** is an extension of [[SignedInterest|Signed Interest]]. 

 As a signed interest, a command interest encodes the SignatureInfo and SignatureValue into the last two components of the Interest name. 

     +-------------+----------+-----------------------------------------------------------------------------------+ 
     |    Interest     | Interest | +------+--------+--------------------------------------------------+ +----------+ | 
     | Type (0x01) |    length    | | Name |    Name    | +---------+--     --+---------+---------+---------+| | Other      | | 
     |               |            | | Type | Length | |Component|    ...    |Component|Component|Component|| | TLVs ... | | 
     |               |            | |        |          | |    TLV 1    |         | TLV n-2 | TLV n-1 |    TLV n    || | in         | | 
     |               |            | |        |          | +---------+--     --+---------+---------+---------+| | Interest | | 
     |               |            | +------+--------+--------------------------------------------------+ +----------+ | 
     +-------------+----------+-----------------------------------------------------------------------------------+ 

                                                  \                                      /\          / 
                                                   ----------------    ------------------    ---    --- 
                                                                   \/                         \/ 
                                                        Signed portion of Interest         Signature 


 A command interest must prevent replay attack, therefore a command interest may encode additional components before the SignatureInfo component. 
 Depending on specific communication models, the command interest may introduce different name components. 
 We introduce one of the simplest solutions, **stop-and-wait**: 

 ## stop-and-wait 

 A stop-and-wait command interest introduces two additional components: 

 * ``<timestamp>`` 
 * ``<random-value>`` (nonce) 

 For example, for ``/command/interest/name`` name, CommandInterest will be defined as: 
 
      /command/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue> 

                            \                           /\                                 / 
                             ------------    -----------    ---------------    -------------- 
                                         \/                              \/ 
                            Command Interest Extension    Components of Signed Interest 

 ### Timestamp component (n-3 *th*) 

 The value of the n-3 *th* component is the interest's timestamp (in terms of millisecond offset from UTC 1970-01-01 00:00:00) encoded as a [nonNegativeInteger](http://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding).  
 The timestamp may be used to protect against replay attacks. 

 ### Nonce component (n-2 *th*) 

 The value of the n-2 *th* component is a random value, encoded value (encoded as [nonNegativeInteger](http://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding), [nonNegativeInteger](http://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding)) that adds additional assurances that the Interest will be unique. 

 ### Command Interest Processing 

 **Note that this verification process require signed interest to be received in order.    Applications adopting this process may want to take "stop-and-wait" strategy.** 

 On receiving an Interest, the producer, after verifying the packet signature, should treat the Interest as invalid in the following three cases: 

 - one of the two components above (Timestamp and Nonce) is missing or cannot be parsed correctly; 
 - the timestamp is **equal or earlier** than the timestamp of the received one has been received before. 

 Note that in order to detect this situation, the recipient needs to maintain a *latest timestamp* state for each trusted public key 
 (**Since public key cryptography is used, sharing private keys is not recommended. If private key sharing is inevitable, it is the key owner's responsibility to keep clock synchronized**). 
 For each trusted public key, the state is initialized as the timestamp of the first valid Interest signed by the key. 
 Since then, the state will be updated every time when the recipient receives a valid signed Interest. 

 Note that for the first Interest, the state is not available.  
 To handle this special situation, the recipient should check the Interest's timestamp against a grace interval (e.g., 120 seconds) [current\_timestamp - interval/2, current\_timestamp + interval/2]. 
 The first interest is invalid if its timestamp is outside of the interval.