draft-ietf-hip-dex-01.txt   draft-ietf-hip-dex-02.txt 
HIP WG R. Moskowitz, Ed. HIP WG R. Moskowitz, Ed.
Internet-Draft HTT Consulting Internet-Draft HTT Consulting
Intended status: Standards Track R. Hummen Intended status: Standards Track R. Hummen
Expires: September 22, 2016 COMSYS, RWTH Aachen Expires: September 22, 2016 Hirschmann Automation and Control
March 21, 2016 March 21, 2016
HIP Diet EXchange (DEX) HIP Diet EXchange (DEX)
draft-ietf-hip-dex-01 draft-ietf-hip-dex-02
Abstract Abstract
This document specifies the Host Identity Protocol Diet EXchange (HIP This document specifies the Host Identity Protocol Diet EXchange (HIP
DEX), a variant of the Host Identity Protocol Version 2 (HIPv2). The DEX), a variant of the Host Identity Protocol Version 2 (HIPv2). The
HIP DEX protocol design aims at reducing the overhead of the employed HIP DEX protocol design aims at reducing the overhead of the employed
cryptographic primitives by omitting public-key signatures and hash cryptographic primitives by omitting public-key signatures and hash
functions. In doing so, the main goal is to still deliver similar functions. In doing so, the main goal is to still deliver similar
security properties to HIPv2. security properties to HIPv2.
skipping to change at page 3, line 21 skipping to change at page 3, line 21
6.7. Processing Incoming I2 Packets . . . . . . . . . . . . . 34 6.7. Processing Incoming I2 Packets . . . . . . . . . . . . . 34
6.8. Processing Incoming R2 Packets . . . . . . . . . . . . . 37 6.8. Processing Incoming R2 Packets . . . . . . . . . . . . . 37
6.9. Processing Incoming NOTIFY Packets . . . . . . . . . . . 38 6.9. Processing Incoming NOTIFY Packets . . . . . . . . . . . 38
6.10. Processing UPDATE, CLOSE, and CLOSE_ACK Packets . . . . . 39 6.10. Processing UPDATE, CLOSE, and CLOSE_ACK Packets . . . . . 39
6.11. Handling State Loss . . . . . . . . . . . . . . . . . . . 39 6.11. Handling State Loss . . . . . . . . . . . . . . . . . . . 39
7. HIP Policies . . . . . . . . . . . . . . . . . . . . . . . . 39 7. HIP Policies . . . . . . . . . . . . . . . . . . . . . . . . 39
8. Security Considerations . . . . . . . . . . . . . . . . . . . 39 8. Security Considerations . . . . . . . . . . . . . . . . . . . 39
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 40 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 40
10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 41 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 41
11. Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . 41 11. Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . 41
11.1. Changes in draft-ietf-hip-dex-01 . . . . . . . . . . . . 41 11.1. Changes in draft-ietf-hip-dex-02 . . . . . . . . . . . . 41
11.2. Changes in draft-ietf-hip-dex-00 . . . . . . . . . . . . 41 11.2. Changes in draft-ietf-hip-dex-01 . . . . . . . . . . . . 41
11.3. Changes in draft-moskowitz-hip-rg-dex-06 . . . . . . . . 41 11.3. Changes in draft-ietf-hip-dex-00 . . . . . . . . . . . . 41
11.4. Changes in draft-moskowitz-hip-dex-00 . . . . . . . . . 42 11.4. Changes in draft-moskowitz-hip-rg-dex-06 . . . . . . . . 41
11.5. Changes in draft-moskowitz-hip-dex-01 . . . . . . . . . 42 11.5. Changes in draft-moskowitz-hip-dex-00 . . . . . . . . . 42
11.6. Changes in draft-moskowitz-hip-dex-02 . . . . . . . . . 42 11.6. Changes in draft-moskowitz-hip-dex-01 . . . . . . . . . 42
11.7. Changes in draft-moskowitz-hip-dex-03 . . . . . . . . . 43 11.7. Changes in draft-moskowitz-hip-dex-02 . . . . . . . . . 42
11.8. Changes in draft-moskowitz-hip-dex-04 . . . . . . . . . 43 11.8. Changes in draft-moskowitz-hip-dex-03 . . . . . . . . . 43
11.9. Changes in draft-moskowitz-hip-dex-04 . . . . . . . . . 43
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 43 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 43
12.1. Normative References . . . . . . . . . . . . . . . . . . 43 12.1. Normative References . . . . . . . . . . . . . . . . . . 43
12.2. Informative References . . . . . . . . . . . . . . . . . 44 12.2. Informative References . . . . . . . . . . . . . . . . . 44
Appendix A. Password-based two-factor authentication during Appendix A. Password-based two-factor authentication during
the HIP DEX handshake . . . . . . . . . . . . . . . 47 the HIP DEX handshake . . . . . . . . . . . . . . . 47
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 47 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 47
1. Introduction 1. Introduction
This document specifies the Host Identity Protocol Diet EXchange (HIP This document specifies the Host Identity Protocol Diet EXchange (HIP
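Review bot: The renumbered Changelog entries in the table of contents follow no single order: 11.1 to 11.3 run newest first (draft-ietf-hip-dex-02, -01, -00), while 11.4 to 11.9 run oldest first (draft-moskowitz-hip-rg-dex-06, then draft-moskowitz-hip-dex-00 through -04). Since every subsection is renumbered here to make room for the new 11.1 entry, consider putting the whole list in one direction, so that later revisions only prepend or append an entry.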
skipping to change at page 41, line 36 skipping to change at page 41, line 36
11. Changelog 11. Changelog
This section summarizes the changes made from draft-moskowitz-hip-rg- This section summarizes the changes made from draft-moskowitz-hip-rg-
dex-05, which was the first stable version of the draft. Note that dex-05, which was the first stable version of the draft. Note that
the draft was renamed after draft-moskowitz-hip-rg-dex-06. the draft was renamed after draft-moskowitz-hip-rg-dex-06.
The draft was then renamed from draft-moskowitz-hip-dex to draft- The draft was then renamed from draft-moskowitz-hip-dex to draft-
ietf-hip-dex. ietf-hip-dex.
11.1. Changes in draft-ietf-hip-dex-01 11.1. Changes in draft-ietf-hip-dex-02
o Author address change.
11.2. Changes in draft-ietf-hip-dex-01
o Added the new ECDH groups of Curve2519 and Curve448 from RFC 7748. o Added the new ECDH groups of Curve2519 and Curve448 from RFC 7748.
11.2. Changes in draft-ietf-hip-dex-00 11.3. Changes in draft-ietf-hip-dex-00
o The Internet Draft was adopted by the HIP WG. o The Internet Draft was adopted by the HIP WG.
11.3. Changes in draft-moskowitz-hip-rg-dex-06 11.4. Changes in draft-moskowitz-hip-rg-dex-06
o A major change in the ENCRYPT parameter to use AES-CTR rather than o A major change in the ENCRYPT parameter to use AES-CTR rather than
AES-CBC. AES-CBC.
11.4. Changes in draft-moskowitz-hip-dex-00 11.5. Changes in draft-moskowitz-hip-dex-00
o Draft name change. HIPRG ended in IRTF, HIP DEX is now individual o Draft name change. HIPRG ended in IRTF, HIP DEX is now individual
submission. submission.
o Added the change section. o Added the change section.
o Added a Definitions section. o Added a Definitions section.
o Changed I2 and R2 packets to reflect use of AES-CTR for o Changed I2 and R2 packets to reflect use of AES-CTR for
ENCRYPTED_KEY parameter. ENCRYPTED_KEY parameter.
o Cleaned up KEYMAT Generation text. o Cleaned up KEYMAT Generation text.
o Added Appendix with C code for the ECDH shared secret generation o Added Appendix with C code for the ECDH shared secret generation
on an 8 bit processor. on an 8 bit processor.
11.5. Changes in draft-moskowitz-hip-dex-01 11.6. Changes in draft-moskowitz-hip-dex-01
o Numerous editorial changes. o Numerous editorial changes.
o New retransmission strategy. o New retransmission strategy.
o New HIT generation mechanism. o New HIT generation mechanism.
o Modified layout of ENCRYPTED_KEY parameter. o Modified layout of ENCRYPTED_KEY parameter.
o Clarify to use puzzle difficulty of zero under normal network o Clarify to use puzzle difficulty of zero under normal network
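Review bot: In the entry now numbered 11.2, "Curve2519" is carried over unchanged from -01 and should read "Curve25519", the name RFC 7748 uses for the curve it defines alongside Curve448. Correct the spelling in the same pass that renumbers the section.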
skipping to change at page 42, line 46 skipping to change at page 42, line 46
MUST). MUST).
o Align inclusion of TRANSPORT_FORMAT_LIST with HIPv2 (added to R1 o Align inclusion of TRANSPORT_FORMAT_LIST with HIPv2 (added to R1
and I2). and I2).
o HIP_CIPHER, HIT_SUITE_LIST, and TRANSPORT_FORMAT_LIST must now be o HIP_CIPHER, HIT_SUITE_LIST, and TRANSPORT_FORMAT_LIST must now be
echoed in R2 packet. echoed in R2 packet.
o Added new author. o Added new author.
11.6. Changes in draft-moskowitz-hip-dex-02 11.7. Changes in draft-moskowitz-hip-dex-02
o Introduced formal definition of FOLD function. o Introduced formal definition of FOLD function.
o Clarified use of CMAC for puzzle computation in section "Solving o Clarified use of CMAC for puzzle computation in section "Solving
the Puzzle". the Puzzle".
o Several editorial changes. o Several editorial changes.
11.7. Changes in draft-moskowitz-hip-dex-03 11.8. Changes in draft-moskowitz-hip-dex-03
o Addressed HI crypto agility. o Addressed HI crypto agility.
o Clarified purpose of secret exchanged via ENCRYPTED_KEY parameter. o Clarified purpose of secret exchanged via ENCRYPTED_KEY parameter.
o Extended the IV in the ENCRYPTED_KEY parameter. o Extended the IV in the ENCRYPTED_KEY parameter.
o Introduced forward-references to HIP DEX KEYMAT process and o Introduced forward-references to HIP DEX KEYMAT process and
improved KEYMAT section. improved KEYMAT section.
o Replaced Appendix A on "C code for ECC point multiplication" with o Replaced Appendix A on "C code for ECC point multiplication" with
short discussion in introduction. short discussion in introduction.
o Updated references. o Updated references.
o Further editorial changes. o Further editorial changes.
11.8. Changes in draft-moskowitz-hip-dex-04 11.9. Changes in draft-moskowitz-hip-dex-04
o Improved retransmission extension. o Improved retransmission extension.
o Updated and strongly revised packet processing rules. o Updated and strongly revised packet processing rules.
o Updated security considerations. o Updated security considerations.
o Updated IANA considerations. o Updated IANA considerations.
o Move the HI Algorithm for ECDH to a value of 11. o Move the HI Algorithm for ECDH to a value of 11.
skipping to change at page 47, line 34 skipping to change at page 47, line 34
Authors' Addresses Authors' Addresses
Robert Moskowitz (editor) Robert Moskowitz (editor)
HTT Consulting HTT Consulting
Oak Park, MI Oak Park, MI
USA USA
EMail: rgm@htt-consult.com EMail: rgm@htt-consult.com
Rene Hummen Rene Hummen
Chair of Communication and Distributed Systems, RWTH Aachen Hirschmann Automation and Control
Ahornstrasse 55 Stuttgarter Strasse 45-51
Aachen 52074 Neckartenzlingen 72654
Germany Germany
EMail: hummen@comsys.rwth-aachen.de EMail: rene.hummen@belden.com
URI: http://www.comsys.rwth-aachen.de/team/rene-hummen/
 End of changes. 13 change blocks. 
21 lines changed or deleted 26 lines changed or added
