Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure Pairing must run on a reliable messaging protocol #2243

Closed
pan-apple opened this issue Aug 19, 2020 · 5 comments · Fixed by #5938
Closed

Secure Pairing must run on a reliable messaging protocol #2243

pan-apple opened this issue Aug 19, 2020 · 5 comments · Fixed by #5938
Assignees
@pan-apple
Labels
feature work p1 priority 1 work
Milestone
Test Event 2

Comments

@pan-apple
Copy link
Contributor

Problem

The pairing protocol is currently using unreliable messaging (e.g. BLE). The packets could be lost during transmission. Need a mechanism to detect and retransmit dropped packets.

Proposed Solution

The reliable messaging will need acknowledgement (from peer) of transmitted packets, timeouts, and retransmissions (of dropped packets).

This could be handled inside the secure pairing protocol, as it already performs a handshake between the peers. The handshake involves crypto operations on the low powered devices, that adds delays in the handshake.

The acknowledgement of the received packets can be faster than the pairing handshake (i.e. ack as soon as the message is received). This will help with shorter timeouts, and faster retries for the dropped packets.

So, it'll be better if a separate layer could guarantee the reliable messaging.
@issue-label-bot
Copy link

Issue-Label Bot is automatically applying the label feature_request to this issue, with a confidence of 0.71. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

@pan-apple pan-apple mentioned this issue Aug 19, 2020
Closed
@RyanTheOptimist
Copy link

Sounds great! It seems like we should be able to use (mostly) the same machinery for sending this messages reliably that we use when sending operational messages. (ACKs, retransmissions, etc)

@woody-apple woody-apple added this to the V1.0 milestone Sep 21, 2020
@franck-apple franck-apple added the p2 priority 2 work label Oct 16, 2020
@woody-apple woody-apple added p1 priority 1 work and removed p2 priority 2 work labels Oct 22, 2020
@woody-apple
Copy link
Contributor

SW BRB: @pan-apple @RyanTheOptimist what is the current POR here? Is this still needed post CRMP?

@pan-apple
Copy link
Contributor Author

This is not an issue for the following use-cases

  1. PASE pairing over BLE
  2. CASE pairing (as it uses TCP)

This can be an issue for PASE pairing over SoftAP and ethernet. As it stands today, CRMP works on top of Secure Session, i.e. it cannot be used for unencrypted traffic exchange. PASE session handshake involves sending unencrypted messages. So CRMP cannot be used to solve it.

@andy31415 andy31415 removed their assignment Feb 23, 2021
@franck-apple franck-apple modified the milestones: V1.0, Test Event 1 Feb 26, 2021
@franck-apple franck-apple added TE2 and removed TE1 labels Mar 9, 2021
@woody-apple
Copy link
Contributor

Assigning to @pan-apple

This was referenced Apr 7, 2021
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pan-apple pan-apple

Labels
feature work p1 priority 1 work
Projects
None yet
Milestone
Test Event 2
5 participants
@andy31415 @RyanTheOptimist @woody-apple @pan-apple @franck-apple