Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp481601ybl; Wed, 14 Aug 2019 00:52:27 -0700 (PDT) X-Google-Smtp-Source: APXvYqxnt1xzCfyv2UVk3exRW0U1G9lHGHOZwnI0+MMDYiYrcZNXtqZ2RR69jjeYWZSn57tfLrdl X-Received: by 2002:a17:90a:f0c7:: with SMTP id fa7mr5999527pjb.115.1565769147068; Wed, 14 Aug 2019 00:52:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565769147; cv=none; d=google.com; s=arc-20160816; b=0Zd4x7viUYSCoADzo9P/LczHgrR9i7yyx8BNwwWXt2oMyhpX4W6MPKCxqBEDtKIf8t nfbtSi9x/0EBh6KPnJYYnq2sRoWSnt2IKPcwROPuAphNVHNiADLQxFYtjfcZEKfktf58 EoN1wAiygxV0DhxnOQc6cfBJGJQvLBiUjfXmklX0wiYHICuA1W1mX/4PMlcSvrMGI43c 8O6lkUJRAYhUM3PGlsi3a7zM7r7bDVo2UvuRic4RiXW8FNMTzq20PCv5S2r77vwAL6j3 /FGL7Z0Rm6hxiILB/KN+1ASrzp+etLXow4EzqtAYB6+0qZmJRKpC9ZWvMDhqAJ+RHxeK zmaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:mail-followup-to:message-id:subject:cc:to:from:date :dkim-signature; bh=bYHUG5j6QiGLWPAItNUfBzdBj12xBwUwd5L+TQ5DQbc=; b=VRhpFzQn1O5kDBFRx0ZP6Chmx/R404saJwWwKHjM6OdsYeso0cMZ5ofu/II9Ik5r/y OpAaYdAM9N9tzvE5BA0X0FN4i4z0FOBiNfw761jyori/tf9csqKta87jGBCku8ejItML oxV6BH3DToaQAj9UUvcs6KgV+jaSKABXP1XGJwUhZfd+errXxC+ttqGgU6dNmvsyhd9e JyIBxcWeiSlzdU7bUroOAhffvDF3alC1/FrK9OzftPPpmLPh/KdQOO96KaVRgKQ8s0ut 3g9f84TSEdBt5JMf/206AtlB41kawJfY2gHjbnBOhh/AltoArPI4qia2OxTJYuRGpNZH wODg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=cJdNam5d; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j24si7685250pgh.287.2019.08.14.00.52.11; Wed, 14 Aug 2019 00:52:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=cJdNam5d; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725928AbfHNHwE (ORCPT + 99 others); Wed, 14 Aug 2019 03:52:04 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:36510 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725816AbfHNHwE (ORCPT ); Wed, 14 Aug 2019 03:52:04 -0400 Received: by mail-lj1-f196.google.com with SMTP id u15so8959240ljl.3 for ; Wed, 14 Aug 2019 00:52:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=silvair-com.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=bYHUG5j6QiGLWPAItNUfBzdBj12xBwUwd5L+TQ5DQbc=; b=cJdNam5d8geDEbCA/qQmUX6F12hDtAszQpnJBs7S3bzDiVnvFBYd9kDveOkffpOg6Q lx6NlXiBwh8iqeV6nBO5ldL7ukhJgFCDqRxJmNi7nsC8O43vEGi3RHhH0fRLW3yA4NGs /UBX8SRQ8czfQNuR5XdAHQOmeveXjDLjc17wZrFonyHNGvMVCMULGeomkZcYO0AQxxoS 4PpLoBpFEToxTKMaGaXyipSkIpywpc+8rgPe4sHaqUYJtC/5LhlUGnr2Cah1VDMJx6+a miUliNUukY45GV6E+Q4oSLFyk9ijoBiB9IyNWQ2GSxIiiuXeerRNlt1I9Nk88tsZ+3uu o9eQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :content-transfer-encoding:in-reply-to:user-agent; bh=bYHUG5j6QiGLWPAItNUfBzdBj12xBwUwd5L+TQ5DQbc=; b=pcBkDg6vZI0q1F9NcMRhIkEfIN1mmKOQ0dUFMB4sRKrg0XfNDduglg9jsk9qqWjwbX mWzK/LkcXWmvR5qE2GFt9sSIEwco/W31jsIHCT8DpmzQCHHQQL41QBeAqrF99g+1+ILx a6o1kietlJfGCzbIFcoDtK5XZW3zj5mAFqWWVll/STDBevFy5VpCfrfNcl9gbU8vT4Sr RT+7+IDinX023Gofsf+T0y8K+1fzgM+j113tFuHjVajcMtsWd1dMgXmqh2sMdqKmi22y XRdyY2HavRmcwudecksVpE60s/zzHEHG+4GlbnNg/PZ8crjQDzlgFZU3wdw02TWRDYaN 8TMw== X-Gm-Message-State: APjAAAVgT9m9MTMJtSe8tZ+HkcNhkVau03TrqWPRP7Rce7fo2btBvRvk dJt6w0hqkL8tWa+XUy0SIdim0A== X-Received: by 2002:a2e:89d0:: with SMTP id c16mr23608220ljk.219.1565769121898; Wed, 14 Aug 2019 00:52:01 -0700 (PDT) Received: from mlowasrzechonek2133 ([217.153.94.18]) by smtp.gmail.com with ESMTPSA id y25sm689510ljj.5.2019.08.14.00.52.00 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Wed, 14 Aug 2019 00:52:01 -0700 (PDT) Date: Wed, 14 Aug 2019 09:52:00 +0200 From: =?utf-8?Q?Micha=C5=82?= Lowas-Rzechonek To: Brian Gix Cc: linux-bluetooth@vger.kernel.org, marcel@holtmann.org, johan.hedberg@gmail.com, inga.stotland@intel.com Subject: Re: [PATCH BlueZ 0/1] mesh: Add D-Bus Security for sensitive data Message-ID: <20190814075200.j3jmxpto7kszjjkp@mlowasrzechonek2133> Mail-Followup-To: Brian Gix , linux-bluetooth@vger.kernel.org, marcel@holtmann.org, johan.hedberg@gmail.com, inga.stotland@intel.com References: <20190814014357.32453-1-brian.gix@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20190814014357.32453-1-brian.gix@intel.com> User-Agent: NeoMutt/20180716 Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org Hi Brian, On 08/13, Brian Gix wrote: > There are various "security sensitive" pieces of data that need to be > exchanged between Applications and the Bluetooth Mesh daemon. > > The following items will be encrypted before sending over D-Bus: > > token -- This is used by all nodes. > > net_keys, app_keys, dev_keys -- These will only typically be needed by > Provisioner/Config Client nodes to extract the keys for purposes of > Cponfiguration Database transfer. Please don't. I don't see any benefit from doing so. D-Bus traffic cannot be sniffed by an unprivileged user, and privileged user already has access to the storage and can extract all this information from there. In my opinion there is little point in encrypting D-Bus traffic. Noone else does that: - ConnMan sends login/password pairs over D-Bus in https://git.kernel.org/pub/scm/network/connman/connman.git/tree/doc/vpn-agent-api.txt - BlueZ sends pairing secrets in https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/doc/agent-api.txt regards -- Michał Lowas-Rzechonek Silvair http://silvair.com Jasnogórska 44, 31-358 Krakow, POLAND