Re: Notes on W3C WoT Security Use Cases

> On 20 Jul 2017, at 09:09, Mccool, Michael <michael.mccool@intel.com> wrote:
> 
> A few more points: 
> 1. Zeroconf already supports DNS-SD.
> 2. DNSSEC may provide a way to bootstrap trust in a local registry (although I have to look into the details of how it would work "locally").
> Not saying this is the answer, just putting it on the table so we can argue about it…


Last year I experimented with gateway discovery using DHCP and DNS-SD over mDNS for the Arduino plus Ethernet shield. The device boots up, initialises the Ethernet shield, then uses DHCP to acquire an IP address and then multicast DNS to discover the gateway.  I then reconfigure the Ethernet shield for an TCP/IP connection to the gateway which is then used for asynchronous message exchange.

An attacker could interfere with faked MAC addresses, the DHCP exchange, the spoofing of IP addresses via ARP, and the mDNS/DNS-SD exchange. This suggests the need for mutual authentication when the device registers with the gateway, and a means to back off and look again for the real gateway. The ease with which you can set MAC addresses gives attackers the chance to inject packets into a stream.  This is challenging for the boot strapping process, and requires a recovery mechanism when a stream is tampered with.

My experiments made me eager to tap the knowledge of experienced security experts ...

Dave Raggett <dsr@w3.org> http://www.w3.org/People/Raggett
W3C champion for the Web of things & W3C Data Activity Lead

Received on Thursday, 20 July 2017 08:54:06 UTC