CommandInterest » History » Version 6
Davide Pesavento, 04/02/2018 07:14 PM
1 | 1 | Yingdi Yu | CommandInterest |
---|---|---|---|
2 | =============== |
||
3 | |||
4 | **Command Interest** is an extension of [[SignedInterest|Signed Interest]]. |
||
5 | |||
6 | 2 | Yingdi Yu | As a signed interest, a command interest encodes the SignatureInfo and SignatureValue into the last two components of the Interest name. |
7 | 1 | Yingdi Yu | |
8 | +-------------+----------+-----------------------------------------------------------------------------------+ |
||
9 | | Interest | Interest | +------+--------+--------------------------------------------------+ +----------+ | |
||
10 | | Type (0x01) | length | | Name | Name | +---------+-- --+---------+---------+---------+| | Other | | |
||
11 | | | | | Type | Length | |Component| ... |Component|Component|Component|| | TLVs ... | | |
||
12 | | | | | | | | TLV 1 | | TLV n-2 | TLV n-1 | TLV n || | in | | |
||
13 | | | | | | | +---------+-- --+---------+---------+---------+| | Interest | | |
||
14 | | | | +------+--------+--------------------------------------------------+ +----------+ | |
||
15 | +-------------+----------+-----------------------------------------------------------------------------------+ |
||
16 | |||
17 | \ /\ / |
||
18 | ---------------- ------------------ --- --- |
||
19 | \/ \/ |
||
20 | Signed portion of Interest Signature |
||
21 | |||
22 | |||
23 | 2 | Yingdi Yu | A command interest must prevent replay attack, therefore a command interest may encode additional components before the SignatureInfo component. |
24 | Depending on specific communication models, the command interest may introduce different name components. |
||
25 | We introduce one of the simplest solutions, **stop-and-wait**: |
||
26 | 1 | Yingdi Yu | |
27 | 2 | Yingdi Yu | ## stop-and-wait |
28 | |||
29 | A stop-and-wait command interest introduces two additional components: |
||
30 | |||
31 | 1 | Yingdi Yu | * ``<timestamp>`` |
32 | 4 | Davide Pesavento | * ``<random-value>`` (nonce) |
33 | 1 | Yingdi Yu | |
34 | 2 | Yingdi Yu | For example, for ``/command/interest/name`` name, CommandInterest will be defined as: |
35 | 1 | Yingdi Yu | |
36 | 2 | Yingdi Yu | /command/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue> |
37 | 1 | Yingdi Yu | |
38 | 2 | Yingdi Yu | \ /\ / |
39 | ------------ ----------- --------------- -------------- |
||
40 | \/ \/ |
||
41 | Command Interest Extension Components of Signed Interest |
||
42 | 1 | Yingdi Yu | |
43 | ### Timestamp component (n-3 *th*) |
||
44 | |||
45 | 6 | Davide Pesavento | The value of the n-3 *th* component is the Interest's timestamp (in terms of millisecond offset from UTC 1970-01-01 00:00:00) encoded as a [nonNegativeInteger](http://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding). The timestamp may be used to protect against replay attacks. |
46 | 1 | Yingdi Yu | |
47 | ### Nonce component (n-2 *th*) |
||
48 | |||
49 | 6 | Davide Pesavento | The value of the n-2 *th* component is a random value, encoded as a [nonNegativeInteger](http://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding), that adds additional assurances that the Interest will be unique. |
50 | 1 | Yingdi Yu | |
51 | 2 | Yingdi Yu | ### Command Interest Processing |
52 | 1 | Yingdi Yu | |
53 | 2 | Yingdi Yu | **Note that this verification process require signed interest to be received in order. Applications adopting this process may want to take "stop-and-wait" strategy.** |
54 | 1 | Yingdi Yu | |
55 | 2 | Yingdi Yu | On receiving an Interest, the producer, after verifying the packet signature, should treat the Interest as invalid in the following three cases: |
56 | 1 | Yingdi Yu | |
57 | 2 | Yingdi Yu | - one of the two components above (Timestamp and Nonce) is missing or cannot be parsed correctly; |
58 | - the timestamp is **equal or earlier** than the timestamp of the received one has been received before. |
||
59 | 1 | Yingdi Yu | |
60 | 2 | Yingdi Yu | Note that in order to detect this situation, the recipient needs to maintain a *latest timestamp* state for each trusted public key |
61 | (**Since public key cryptography is used, sharing private keys is not recommended. If private key sharing is inevitable, it is the key owner's responsibility to keep clock synchronized**). |
||
62 | For each trusted public key, the state is initialized as the timestamp of the first valid Interest signed by the key. |
||
63 | Since then, the state will be updated every time when the recipient receives a valid signed Interest. |
||
64 | 1 | Yingdi Yu | |
65 | 2 | Yingdi Yu | Note that for the first Interest, the state is not available. |
66 | To handle this special situation, the recipient should check the Interest's timestamp against a grace interval (e.g., 120 seconds) [current\_timestamp - interval/2, current\_timestamp + interval/2]. |
||
67 | The first interest is invalid if its timestamp is outside of the interval. |