forked from netsec-ethz/lightning-filter
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
protocol: update scion version and DRKey configuration (netsec-ethz#25)
This PR updates the scion repository to the newest scionproto version. As a consequence this includes updating a lot of configs and the DRKey derivation scheme. Since AS-AS keys can no longer be fetched directly from the CS an option to configure shared keys in the LF config has been added. The fetching of HOST-AS and HOST-HOST keys will be added at a later point. The DRKey timestamps and especially the SPAO header will be updated in a separate PR. From the per peer preshared secret we derive a short term (3 day validity) AS-AS key. The derivation is done using AES-CBC MAC keyed with the shared secret and the input: **(type | ISD_AS1 | ISD_AS2 | start timestamp)** where - **type** is the 1 byte fixed constant **0**. - **ISD_AS1** is the ISD_AS number (8 byte) in network byte order of the fast side AS. - **ISD_AS2** is the ISD_AS number (8 byte) in network byte order of the slow side AS. - **start timestamp** is the timestamp in ns (8 byte) of the start time of the validity period for the resulting key. This can be synchronized between peers since the initial start time is configured by both and consequent start times can be calculated by **configured time** + **k** * **VALIDITY_PERIOD** for some **k** such that the key is currently valid. It is also possible to configure multiple shared secrets with different start time such that a shared secret can be replaced at some point.
- Loading branch information
1 parent
170478e
commit 04d9345
Showing
40 changed files
with
1,764 additions
and
1,474 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.