Initial implementation of IEEE 802.15.4 security#15150
Initial implementation of IEEE 802.15.4 security#15150benpicco merged 6 commits intoRIOT-OS:masterfrom
Conversation
fabian18
requested review from
PeterKietzmann,
cgundogan,
daniel-k,
haukepetersen,
jia200x,
miri64 and
smlng
as code owners
benpicco
added
Area: network
|
Awesome, thank you! I'll look into the other things soon. |
|
I think code-wise makes a lot of sense. My only concern is the dependency from Also, do you think it could make sense to (optionally) expand the what do you think? |
Did this real quick |
That´s the hard question. I could try to add these and see what comes out. Or do you want to add the CAP´s ? |
That could be nice! |
|
btw, I think this could work already out of the box using That means, CC2420 and nrf802154 can be used with full CSMA-CA and retransmissions + security |
I mean ideally we would have a general crypto API that is either backed by a hardware or a software implementation depending on the platform. But that is for another endeavor. I like your idea that the radio driver can 'catch' those netops, so if the radio can handle crypto itself we already get this abstraction for free. |
So as a first step, I should move my |
It shouldn't be necessary, since |
|
Sorry for the long radio silence, I tried to do some interoperability testing, but wasn't very successful on that end.
Anyway so with a
The at86rf233 radio attached to an esp32 also worked fine with encryption. I also noticed nodes can still receive unencrypted frames - that'll be convenient if we want to do some Diffie-Hellman key exchange and have per-node keys 😀 |
benpicco
left a comment
benpicco
left a comment
There was a problem hiding this comment.
A so this is only hooked up to the at86rf2xx driver so far, but it could be hooked up the the sub-MAC and then catch all drivers that implement the radio HAL? (That would be for a later PR)
I'm happy with starting at a basic but solid foundation so we can get results, and make it more practical going forward, so a hard-coded key for all nodes and just supporting a single driver is fine.
But those encrypt and decrypt routines are a bit scary - manipulating buffers with long lists of offsets… if there is a bug in there I wouldn't want to search it.
Those mathematical variable names need explanations, otherwise they are just cryptic.
maribu
left a comment
maribu
left a comment
There was a problem hiding this comment.
Before I again forget to submit my review, here is at least the chunk I looked at so far.
|
|
fabian18
force-pushed
the
ieee802154_security
branch
from
349c24c to
3007905
Compare
fabian18
force-pushed
the
ieee802154_security
branch
from
3007905 to
233c3f6
Compare
fabian18
force-pushed
the
ieee802154_security
branch
from
233c3f6 to
9c45cf1
Compare
|
@miri64 have your comments been addressed? |
| uint32_t frame_counter = byteorder_ntohl( | ||
| byteorder_ltobl((le_uint32_t){aux->fc})); |
There was a problem hiding this comment.
| uint32_t frame_counter = byteorder_ntohl( | |
| byteorder_ltobl((le_uint32_t){aux->fc})); | |
| uint32_t frame_counter = byteorder_ltohl((le_uint32_t){aux->fc}); |
should also work now.
| ahr->scf = _scf(ctx->security_level, ctx->key_id_mode); | ||
| /* If you look in the specification: Annex C, | ||
| integers values are in little endian */ | ||
| ahr->fc = byteorder_btoll(byteorder_htonl(ctx->frame_counter)).u32; |
There was a problem hiding this comment.
| ahr->fc = byteorder_btoll(byteorder_htonl(ctx->frame_counter)).u32; | |
| ahr->fc = byteorder_htoll(ctx->frame_counter).u32; |
feel free to squash directly
benpicco
added
Area: CI
|
🎉 Good to have this in :-) |
|
congratz! One stop closer to the full MAC layer :) |
7 participants
Contribution description
This PR aims to integrate initial IEEE 802.15.4 security support for RIOT.
The implementation waives to use a proper key store to mitigate complexity. Instead it always uses the key that has been set via
NETOPT_ENCRYPTION_KEY. So in terms of specification, the key is always implicitly known (IEEE802154_SCF_KEYMODE_IMPLICIT).This is what I have been using as a reference.
Testing procedure
You can test the implementation with
examples/gnrc_networking, if you addUSEMODULE += ieee802154_securityand tryping6. It is supposed to work with any 802.15.4 radio. If you have anat86rf2xxwithSPI, you can additionally addUSEMODULE += at86rf2xx_aes_spi, if you want to utilize the transceiver´s hardware crypto module.I tested the implementation on two
nucleo-f767ziwith anat86rf233.Issues/PRs references
Could be related to #14950