Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MasterASKey rollover #1714

Open
shitz opened this issue Jul 23, 2018 · 1 comment
Open

MasterASKey rollover #1714

shitz opened this issue Jul 23, 2018 · 1 comment
Labels
c/control c/router SCION Router feature New feature or request

Comments

@shitz
Copy link
Contributor

shitz commented Jul 23, 2018

Currently, that MasterASKey cannot be changed. According to the SCION book this key should change every couple of days. The current proposal to do this having at most two keys active (to enable seemless key rollover) and adding a 'keyslot' bit to each HopField that indicates which key slot is used for the hop field.
@shitz shitz added BR labels Jul 23, 2018
@oncilla oncilla mentioned this issue Aug 7, 2018
Merged
oncilla added a commit that referenced this issue Aug 8, 2018
@oncilla
Move MasterASKey out of as_conf (#1754)
2a1505d 
Remove MasterASKey from as_conf.yml.

The generator creates two keys in preparation for master key rollover (#1714 ) 
- `master0.key`
- `master1.key`

Fixes #1718
@kormat
Copy link
Contributor

kormat commented Feb 26, 2019
edited
Loading

The BS would be in charge of master key rollover. The BR doesn't actually need the master key, it only needs the hopfield MAC key if i remember correctly. In that case the BS would send a command to the BR saying "update your hopfield MAC key on slot [01]", and the BR needs to persist this to disk to survive restarting the process.

(Such a message would need to be strongly authenticated and encrypted)

@scrye scrye added c/control and removed BS labels Jan 28, 2020
@scrye scrye added c/router SCION Router and removed c/posix-router labels Nov 23, 2020
@matzf matzf added the feature New feature or request label Oct 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c/control c/router SCION Router feature New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@scrye @shitz @kormat @matzf