Project

General

Profile

CommandInterest » History » Version 9

Davide Pesavento, 07/03/2020 12:39 PM

1 1 Yingdi Yu
CommandInterest
2
===============
3
4 9 Davide Pesavento
[**DEPRECATED**: *This document describes a deprecated format for command Interest packets. New applications are strongly encouraged to use the [new Signed Interest format](https://named-data.net/doc/NDN-packet-spec/current/signed-interest.html) directly.*]
5
6 1 Yingdi Yu
**Command Interest** is an extension of [[SignedInterest|Signed Interest]].
7
8 2 Yingdi Yu
As a signed interest, a command interest encodes the SignatureInfo and SignatureValue into the last two components of the Interest name.
9 1 Yingdi Yu
10
    +-------------+----------+-----------------------------------------------------------------------------------+
11
    |  Interest   | Interest | +------+--------+--------------------------------------------------+ +----------+ |
12
    | Type (0x01) |  length  | | Name |  Name  | +---------+--   --+---------+---------+---------+| | Other    | |
13
    |             |          | | Type | Length | |Component|  ...  |Component|Component|Component|| | TLVs ... | |
14
    |             |          | |      |        | |  TLV 1  |       | TLV n-2 | TLV n-1 |  TLV n  || | in       | |
15
    |             |          | |      |        | +---------+--   --+---------+---------+---------+| | Interest | |
16
    |             |          | +------+--------+--------------------------------------------------+ +----------+ |
17
    +-------------+----------+-----------------------------------------------------------------------------------+
18
19
                                                 \                                    /\        /
20
                                                  ----------------  ------------------  ---  ---
21
                                                                  \/                       \/
22
                                                       Signed portion of Interest       Signature
23
24
25 2 Yingdi Yu
A command interest must prevent replay attack, therefore a command interest may encode additional components before the SignatureInfo component.
26
Depending on specific communication models, the command interest may introduce different name components.
27
We introduce one of the simplest solutions, **stop-and-wait**:
28 1 Yingdi Yu
29 2 Yingdi Yu
## stop-and-wait
30
31
A stop-and-wait command interest introduces two additional components:
32
33 1 Yingdi Yu
* ``<timestamp>``
34 4 Davide Pesavento
* ``<random-value>`` (nonce)
35 1 Yingdi Yu
36 2 Yingdi Yu
For example, for ``/command/interest/name`` name, CommandInterest will be defined as:
37 1 Yingdi Yu
 
38 2 Yingdi Yu
     /command/interest/name/<timestamp>/<random-value>/<SignatureInfo>/<SignatureValue>
39 1 Yingdi Yu
40 2 Yingdi Yu
                           \                         /\                               /
41
                            ------------  -----------  ---------------  --------------
42
                                        \/                            \/
43
                           Command Interest Extension  Components of Signed Interest
44 1 Yingdi Yu
45 8 Davide Pesavento
### Timestamp component (*n-3 th*)
46 1 Yingdi Yu
47 8 Davide Pesavento
The value of the *n-3 th* component is the Interest's timestamp (in terms of millisecond offset from UTC 1970-01-01 00:00:00) encoded as a [NonNegativeInteger](https://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding). The timestamp may be used to protect against replay attacks.
48 1 Yingdi Yu
49 8 Davide Pesavento
### Nonce component (*n-2 th*)
50 1 Yingdi Yu
51 8 Davide Pesavento
The value of the *n-2 th* component is a random value, encoded as a [NonNegativeInteger](https://named-data.net/doc/NDN-packet-spec/current/tlv.html#non-negative-integer-encoding), that adds additional assurances that the Interest will be unique.
52 1 Yingdi Yu
53 2 Yingdi Yu
### Command Interest Processing
54 1 Yingdi Yu
55 2 Yingdi Yu
**Note that this verification process require signed interest to be received in order.  Applications adopting this process may want to take "stop-and-wait" strategy.**
56 1 Yingdi Yu
57 7 Davide Pesavento
On receiving an Interest, the producer, after verifying the packet signature, should treat the Interest as invalid in the following cases:
58 1 Yingdi Yu
59 2 Yingdi Yu
- one of the two components above (Timestamp and Nonce) is missing or cannot be parsed correctly;
60
- the timestamp is **equal or earlier** than the timestamp of the received one has been received before.
61 1 Yingdi Yu
62 2 Yingdi Yu
Note that in order to detect this situation, the recipient needs to maintain a *latest timestamp* state for each trusted public key
63
(**Since public key cryptography is used, sharing private keys is not recommended. If private key sharing is inevitable, it is the key owner's responsibility to keep clock synchronized**).
64
For each trusted public key, the state is initialized as the timestamp of the first valid Interest signed by the key.
65
Since then, the state will be updated every time when the recipient receives a valid signed Interest.
66 1 Yingdi Yu
67 2 Yingdi Yu
Note that for the first Interest, the state is not available. 
68
To handle this special situation, the recipient should check the Interest's timestamp against a grace interval (e.g., 120 seconds) [current\_timestamp - interval/2, current\_timestamp + interval/2].
69
The first interest is invalid if its timestamp is outside of the interval.