Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp192506ybl; Tue, 13 Aug 2019 18:44:39 -0700 (PDT) X-Google-Smtp-Source: APXvYqxqaA+TR5E9d3/R+ZyPKdFLM8idsrspjVpcJBLqZvhgyjsMY+T//3zXqU1M/xj8phDigEQc X-Received: by 2002:a17:902:3003:: with SMTP id u3mr5930058plb.8.1565747079562; Tue, 13 Aug 2019 18:44:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565747079; cv=none; d=google.com; s=arc-20160816; b=SK2YktIfFYpJlVnPQgTZ2ph2b9sla/TZ2700QAbAi3utNXZayO+ZWyh4R/VsUDDS5C gLEKVW1GwtVWUXVFLfFlTKDqIGJ8GUj9Lorp0VUegOFlcnDPsEYxl204ulDg4tHrvuHQ VfZP4+71yAScGpORle9J+GKA+ZYPAwceP6POfHtKyrEGws/ExC0Tg3VvmEqgwWjD4K+d ahUz9ADtvZionTjkbmH3RljmRg1Nzy3q/8pR8hIsUU2U77IM8aPxelt7+fprZZewBUue xd1C6aYKleAUbzYyQB5c9m6zkbSux1MlPmTr6TcqGS+1F+i/SwRS6RrMVOdauSPnvbFi eu5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=Ybjafm5sYOgKesIY2H9cJjcyzBDGRtwEi9AmGSbmlTY=; b=qcNDg74zoomZfM4rHzfhIoPgtvfQ/e71Gxzy6wuINX8kpZjmecd6MnP5jmW3zjuCCM cmypa9AiX/vAv5ihdS1pG2g6nJcDlkSlQD7UmgDU7Z65gJjeoHm3MnfAiFLPErPfSgoX CTpvSbZa/eXIbaSilOQ074q5RJ2x3KnIKZ3Ak+RGjkwrRqRzKHadQt/YJK680n03e1A0 Etwipco14RfRJPBkux+cnf8UNLtVwB0SqsU3YlS2QrN0lUFr/KCFa2q3mt5m1d1Vq75f 5XiL7Bg8rB+bPio2XU6ZRxj/SiAsdcGsyGJbHlVvG5HaRSL58n2Hg+AJW6xVEdMVNG9o +Qew== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i69si24671418pgd.184.2019.08.13.18.44.08; Tue, 13 Aug 2019 18:44:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726102AbfHNBoH (ORCPT + 99 others); Tue, 13 Aug 2019 21:44:07 -0400 Received: from mga01.intel.com ([192.55.52.88]:58789 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726007AbfHNBoH (ORCPT ); Tue, 13 Aug 2019 21:44:07 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Aug 2019 18:44:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,382,1559545200"; d="scan'208";a="176377779" Received: from bgi1-mobl2.amr.corp.intel.com ([10.254.104.160]) by fmsmga008.fm.intel.com with ESMTP; 13 Aug 2019 18:44:06 -0700 From: Brian Gix To: linux-bluetooth@vger.kernel.org Cc: marcel@holtmann.org, johan.hedberg@gmail.com, brian.gix@intel.com, inga.stotland@intel.com, michal.lowas-rzechonek@silvair.com Subject: [PATCH BlueZ 0/1] mesh: Add D-Bus Security for sensitive data Date: Tue, 13 Aug 2019 18:43:56 -0700 Message-Id: <20190814014357.32453-1-brian.gix@intel.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org There are various "security sensitive" pieces of data that need to be exchanged between Applications and the Bluetooth Mesh daemon. The following items will be encrypted before sending over D-Bus: token -- This is used by all nodes. net_keys, app_keys, dev_keys -- These will only typically be needed by Provisioner/Config Client nodes to extract the keys for purposes of Cponfiguration Database transfer. Methodology: ECC Public/Private pairs, and key exchanges which are set up for each Attach() Session, and a counting diversifier to be used as a Nonce. The App and Daemon will each generate a single session ECC pair, and will generate an ECDH Shared Secret, which will be used as the symetric encription key, for AES-CCM. For most nodes, these steps will be required only for Attaching, to authenticate the application to the daemon while obscuring the token from D-Bus sniffers. ECC and AES-CCM are both already natively supported by Mesh. Brian Gix (1): doc: Add Pub/Private ECC shared secret to obscure sensitive data doc/mesh-api.txt | 102 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 91 insertions(+), 11 deletions(-) -- 2.21.0