ACE Working Group Q. Huang Internet Draft M. Wei Interned status: Standards Track H. Wang Expires: August 26, 2017 S. Li P. Wang Y. Li Chongqing University of Posts and Telecommunications February 22, 2017 Subliminal Channel Hiding Communication for Constrained-Node Networks draft-huang-ace-hiding-communication-00 Abstract Due to the computation and storage limitations of constrained-node networks, it is costly to apply those security mechanisms based on public key algorithm. This document proposed a subliminal channel hiding communication method, which can provide message authentication service and protect the transmission of the sensitive data. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire on August 26, 2017. Huang, et al. Expires August 26, 2017 [Page 1] Internet-Draft ace hiding communication February 2017 Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction ................................................ 2 1.1. Requirements Notation................................... 3 1.2. Terms Used ............................................. 3 2. Subliminal Channel Hiding Communication ..................... 4 2.1. Overview of the scheme.................................. 4 2.2. The implementation of the scheme ....................... 5 3. Security Considerations...................................... 6 4. IANA Considerations ......................................... 6 5. References .................................................. 6 5.1. Normative References.................................... 6 5.2. Informative References.................................. 6 1. Introduction In the existing networks, the processing of the sensitive data has mainly used a variety of encryption technologies, and the sensitive data is transmitted through the public channel. The attacker could easily detect the communication process, hence, the man-in-middle attack, the DoS attack or the Sybil attack can be applied to interfere the communication, which makes the legal receiver cannot obtain the encrypted sensitive data, and leads to the failure of the communication process eventually. The subliminal channel hiding communication is to hide the sensitive data into the ordinary data. The attacker is hard to analyze whether there is any sensitive data in the ordinary data. In this way, the transmitted ordinary data would not cause attacker's attentions and doubts. The subliminal channel hiding communication decreased the Huang, et al. Expires August 26, 2017 [Page 2] Internet-Draft ace hiding communication February 2017 intercept rate of the sensitive data and guaranteed the security of the sensitive data fundamentally. The traditional subliminal channel hiding communication is not suitable for the constrained-node networks due to its high computational overhead. Many existing subliminal channel communications are based on public key mechanisms, such as: Scheme of subliminal channel based on Schnorr digital signature and analysis, and the Subliminal Channel Protocol based on Elliptic Curve Digital Signature Algorithm, both of them hides the sensitive data into the digital signature by using embedding algorithm. Although the message authentication mechanism is introduced in the communication process, the asymmetric encryption technology is adopted in the existing embedding algorithm, which increases the calculation costs of the node, and makes the distribution of the public key and the private key very complex. The purpose of this document is to solve the problems of low security and high energy consumption in constrained-node networks communication process. A subliminal channel hiding communication method based on Message Authentication Code (MAC) has been put forward. By using the data hiding technology, the confidentiality and integrity of the sensitive data can be protected, where the sensitive data is less vulnerable to be attacked in the communication process. 1.1. Requirements Notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] 1.2. Terms Used MAC: Message Authentication Code. Ordinary data: The data is divided into different grades according to its importance, the ordinary data is low-grade. Sensitive data: The data is divided into different grades according to its importance, the sensitive data is high-grade. Such as the key update messages, time synchronization messages, etc. Broadcast packet: A 2-tuple packets contains the ordinary data and MAC. Huang, et al. Expires August 26, 2017 [Page 3] Internet-Draft ace hiding communication February 2017 Cluster head node: Resource-rich node with high computation and storage capacity. Cluster node: Constrained node with constrained computation and storage capacity. 2. Subliminal Channel Hiding Communication 2.1. Overview of the scheme There are two types of nodes in this document, the cluster head node which is a resource-rich node, and the cluster node which is a constrained-node. The topology of the network is shown in Figure 1. Node A is cluster head node, node B, C and N etc. are cluster nodes. +---+ +---->| A |<------+ | +---+ | | | | v v v +---+ +---+ +---+ | B | | C | ... | N | +---+ +---+ +---+ Figure 1. The network topology There is a trust third party with high computation and storage capacity in the network used to distribute the key materials and other necessary materials to the cluster head node and the cluster nodes at the initialization phase. The mode of the third party is shown in Figure 2. Key/Prime number +-------------------+ +--------------| Trust third party | | +-------------------+ | | | | Key/Prime number v v +-------------------+ +--------------+ | Cluster head node |<---------->| Cluster node | +-------------------+ +--------------+ Figure 2. The third-party mode The cluster head node hides the sensitive data into MAC and constructs a broadcast packet by using Chinese Remainder Theorem (CRT). Then the cluster head node sends the broadcast packet to the Huang, et al. Expires August 26, 2017 [Page 4] Internet-Draft ace hiding communication February 2017 cluster nodes. While the cluster nodes receive the broadcast packet it SHOULD have the message authenticated before, and then it can extract the sensitive data from the MAC if the message is certified. The attacker cannot know whether the MAC contains a sensitive data and cannot get any data from the MAC. This method increased the difficulty of decoding the sensitive data. 2.2. The implementation of the scheme The communication process is divided into several steps: (1) Initialization phase; (2) Preprocessing phase; (3) Constructing broadcast packets; (4) Message authentication; (5) Recovering the sensitive data. (1) Initialization phase: In order to realize authentication and information hiding, the trust third party needs to generate the key parameters. The trust third party generates a key k shared by the whole network nodes, and a series keysrespectively shared by the cluster nodes and the cluster head node. The trust third party also generates a large prime number m shared by the whole network nodes, and a series of large prime numberrespectively shared by the cluster node and the cluster head nodes. (2) Preprocessing phase: when the cluster head node broadcasts the ordinary data v, it utilizes hash algorithm and key k to generate a preprocessed data b. If the cluster head node wants to send a sensitive data u to the cluster node A, it utilizes the individual key KA and the identity of the receiving node A through a symmetric encryption algorithm to generate an encrypted sensitive data U. (3) Constructing broadcast packets phase: the cluster head node utilizes the preprocessed data b, the prime number m, the encrypted sensitive data U and the prime number mA which is shared by the cluster node A and the cluster head node to calculate the congruence equation according to the Chinese Remainder Theorem algorithm. The cluster head node calculates the solution of the congruence equation as the MAC which is embedded the sensitive data. Then the cluster head node constructs a 2-tuple packets P and broadcasts to the cluster nodes. (4) Message authentication phase: when the cluster node A received the 2-tuple packets P, it SHOULD first authenticate the packet. If Huang, et al. Expires August 26, 2017 [Page 5] Internet-Draft ace hiding communication February 2017 the packet P is certified, which means the packet p is credible; otherwise, it will discard the packet. (5) Recovering the sensitive data phase: If the packet P passed the verification, the cluster node A will calculate the encrypted sensitive data U by using its prime number mA from the MAC, then it uses key KA to decrypt the data U, and finally obtains the sensitive data u. 3. Security Considerations TBD. 4. IANA Considerations This memo includes no request to IANA. 5. References 5.1. Normative References 5.2. Informative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119,DOI 10.17487/RFC2119, March 1997, . [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for Constrained-Node Networks", RFC 7228,DOI 10.17487/RFC7228, May 2014, . Huang, et al. Expires August 26, 2017 [Page 6] Internet-Draft ace hiding communication February 2017 Authors' Addresses QingQing Huang Key Laboratory of Industrial Internet of Things & Networked Control Ministry of Education Chongqing University of Posts and Telecommunications 2 Chongwen Road Chongqing, 400065 China Email: huangqq@cqupt.edu.cn Min Wei Key Laboratory of Industrial Internet of Things & Networked Control Ministry of Education Chongqing University of Posts and Telecommunications 2 Chongwen Road Chongqing, 400065 China Email: weimin@cqupt.edu.cn Hao Wang Key Laboratory of Industrial Internet of Things & Networked Control Ministry of Education Chongqing University of Posts and Telecommunications 2 Chongwen Road Chongqing, 400065 China Email: wanghao@cqupt.edu.cn Shuaiyong Li Key Laboratory of Industrial Internet of Things & Networked Control Ministry of Education Chongqing University of Posts and Telecommunications 2 Chongwen Road Chongqing, 400065 China Email: lishuaiyong@cqupt.edu.cn Ping Wang Key Laboratory of Industrial Internet of Things & Networked Control Ministry of Education Chongqing University of Posts and Telecommunications 2 Chongwen Road Huang, et al. Expires August 26, 2017 [Page 7] Internet-Draft ace hiding communication February 2017 Chongqing, 400065 China Phone: (86)-23-6246-1061 Email: wangping@cqupt.edu.cn Yong Li Key Laboratory of Industrial Internet of Things & Networked Control Ministry of Education Chongqing University of Posts and Telecommunications 2 Chongwen Road Chongqing, 400065 China Email: 13101279737@126.com Huang, et al. Expires August 26, 2017 [Page 8]