[Cryptography] ANIMA protocol to "bootstrap a Secure Key Infrastructure"
Neuhaus Stephan (neut)
neut at zhaw.ch
Mon Sep 11 10:55:03 EDT 2017
Hi list,
I'm currently working on an R&D project in the area of IoT. One of the
problems is that the proverbial lightbulb does not know that it's being
screwed into a legitimate network and the network doesn't know that the
lightbulb is genuine. This project aims to solve
this problem using ANIMA
(https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/)
.
Do you know anything about this protocol? I've looked through it and it
seems to me that the protocol confuses "I believe that Bob is telling me
the truth" with "I can authenticate Bob", that this gives rise to all
kinds of security shenanigans, and that at any rate the security
assumptions or the attacker model are not clearly stated. Also, they call
what they do "bootstrapping a Secure Key Infrastructure", not "Public Key
Infrastructure", even though they don't define the term. Is “Secure Key
Infrastructure” a standard term that has somehow passed me by?
I am skeptical about ANIMA, but it seems to have a lot of industry
support, among others from the Thread group, which includes non-idiots
from Google/Alphabet, among others. Am I missing something here?
Cheers,
Stephan
—
“[I]n the 19th C.[,] telegraphers […] copied Morse-coded messages.
Although they transcribed them, they never really processed them.”
Students still do this today — Peter Gutmann on the cryptography mailing
list
More information about the cryptography
mailing list