.ds RF FORMFEED[Page %]
.ds CF
.ds LH Internet Draft
-.ds RH XXX
+.ds RH 15 May 2002
.ds CH
.na
.hy 0
.nf
Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-pp-05.txt XXX
-Expires: XXX
+draft-riikonen-silc-pp-05.txt 15 May 2002
+Expires: 15 November 2002
.in 3
2 SILC Packet Protocol .......................................... 4
2.1 SILC Packet ............................................... 4
2.2 SILC Packet Header ........................................ 5
- 2.3 SILC Packet Types ......................................... 7
- 2.3.1 SILC Packet Payloads ................................ 16
- 2.3.2 Generic payloads .................................... 16
+ 2.3 SILC Packet Types ......................................... 8
+ 2.3.1 SILC Packet Payloads ................................ 17
+ 2.3.2 Generic payloads .................................... 17
2.3.2.1 ID Payload .................................. 17
2.3.2.2 Argument Payload ............................ 18
- 2.3.2.3 Channel Payload ............................. 18
- 2.3.2.4 Public Key Payload .......................... 19
+ 2.3.2.3 Channel Payload ............................. 19
+ 2.3.2.4 Public Key Payload .......................... 20
2.3.3 Disconnect Payload .................................. 20
2.3.4 Success Payload ..................................... 21
- 2.3.5 Failure Payload ..................................... 21
+ 2.3.5 Failure Payload ..................................... 22
2.3.6 Reject Payload ...................................... 22
- 2.3.7 Notify Payload ...................................... 22
- 2.3.8 Error Payload ....................................... 28
- 2.3.9 Channel Message Payload ............................. 29
- 2.3.10 Channel Key Payload ................................ 32
- 2.3.11 Private Message Payload ............................ 34
- 2.3.12 Private Message Key Payload ........................ 35
- 2.3.13 Command Payload .................................... 37
- 2.3.14 Command Reply Payload .............................. 38
- 2.3.15 Connection Auth Request Payload .................... 38
- 2.3.16 New ID Payload ..................................... 39
- 2.3.17 New Client Payload ................................. 40
- 2.3.18 New Server Payload ................................. 41
- 2.3.19 New Channel Payload ................................ 42
- 2.3.20 Key Agreement Payload .............................. 43
- 2.3.21 Resume Router Payload .............................. 44
- 2.3.22 File Transfer Payload .............................. 44
- 2.3.23 Resume Client Payload .............................. XXXXXX
- 2.4 SILC ID Types ............................................. 46
- 2.5 Packet Encryption And Decryption .......................... 46
- 2.5.1 Normal Packet Encryption And Decryption ............. 46
- 2.5.2 Channel Message Encryption And Decryption ........... 47
- 2.5.3 Private Message Encryption And Decryption ........... 48
- 2.6 Packet MAC Generation ..................................... 48
- 2.7 Packet Padding Generation ................................. 49
- 2.8 Packet Compression ........................................ 50
- 2.9 Packet Sending ............................................ 50
- 2.10 Packet Reception ......................................... 51
- 2.11 Packet Routing ........................................... 51
- 2.12 Packet Broadcasting ...................................... 52
-3 Security Considerations ....................................... 53
-4 References .................................................... 53
-5 Author's Address .............................................. 54
+ 2.3.7 Notify Payload ...................................... 23
+ 2.3.8 Error Payload ....................................... 31
+ 2.3.9 Channel Message Payload ............................. 31
+ 2.3.10 Channel Key Payload ................................ 35
+ 2.3.11 Private Message Payload ............................ 36
+ 2.3.12 Private Message Key Payload ........................ 38
+ 2.3.13 Command Payload .................................... 39
+ 2.3.14 Command Reply Payload .............................. 40
+ 2.3.15 Connection Auth Request Payload .................... 40
+ 2.3.16 New ID Payload ..................................... 42
+ 2.3.17 New Client Payload ................................. 42
+ 2.3.18 New Server Payload ................................. 43
+ 2.3.19 New Channel Payload ................................ 44
+ 2.3.20 Key Agreement Payload .............................. 45
+ 2.3.21 Resume Router Payload .............................. 46
+ 2.3.22 File Transfer Payload .............................. 46
+ 2.3.23 Resume Client Payload .............................. 48
+ 2.4 SILC ID Types ............................................. 49
+ 2.5 Packet Encryption And Decryption .......................... 49
+ 2.5.1 Normal Packet Encryption And Decryption ............. 50
+ 2.5.2 Channel Message Encryption And Decryption ........... 50
+ 2.5.3 Private Message Encryption And Decryption ........... 51
+ 2.6 Packet MAC Generation ..................................... 52
+ 2.7 Packet Padding Generation ................................. 52
+ 2.8 Packet Compression ........................................ 53
+ 2.9 Packet Sending ............................................ 53
+ 2.10 Packet Reception ......................................... 54
+ 2.11 Packet Routing ........................................... 54
+ 2.12 Packet Broadcasting ...................................... 55
+3 Security Considerations ....................................... 56
+4 References .................................................... 56
+5 Author's Address .............................................. 58
.ti 0
List of Figures
protocol describes the packet types and packet payloads which defines
the contents of the packets. The protocol provides secure binary packet
protocol that assures that the contents of the packets are secured and
-authenticated.
+authenticated. The packet protocol is designed to be compact to avoid
+unnecessary overhead as much as possible. This makes the SILC suitable
+also in environment of low bandwidth requirements such as mobile networks.
+All packet payloads can also be compressed to further reduce the size
+of the packets.
The basis of SILC protocol relies in the SILC packets and it is with
out a doubt the most important part of the protocol. It is also probably
section 2.12 Packet Broadcasting for description of
packet broadcasting.
+
+ Compressed 0x08
+
+ Marks that the payload of the packet is compressed.
+ The sender of the packet marks this flag when it
+ compresses the payload, and any server or router
+ en route to the recipient MUST NOT unset this flag.
+ See section 2.8 Packet Compression for description of
+ packet compressing.
+
.in 3
Payload of the packet: See section 2.3.7 Notify Payload.
+
6 SILC_PACKET_ERROR
This packet is sent when an error occurs. Server MAY
Payload of the packet: See section 2.3.20 Key Agreement Payload
+
+
26 SILC_PACKET_RESUME_ROUTER
This packet is used during backup router protocol when the
not be defined by this document.
-
-
255 SILC_PACKET_MAX
This type is reserved for future extensions and currently it
The following diagram represents the ID Payload.
+
+
+
+
+
.in 5
.nf
1 2 3
the packet payload needing the arguments. Incorrect amount of argument
payloads MUST cause rejection of the packet.
-
-
-
-
-
-
The following diagram represents the Argument Payload.
.in 5
The following diagram represents the Channel Payload.
-
-
-
-
-
-
-
-
-
-
-
.in 5
.nf
1 2 3
note that all passphrases that may be sent inside arguments MUST be
UTF-8 [RFC2279] encoded.
+
+
.in 6
0 SILC_NOTIFY_TYPE_NONE
usually is Client ID but it can be Server ID and Channel ID as well.
+
+
6 SILC_NOTIFY_TYPE_NICK_CHANGE
Sent when client changes nick on a channel. The server MUST
the nickname. The <New Client ID> is the new ID generated by
the change of the nickname. The <nickname> is the new nickname.
Note that it is possible to send this notify even if the nickname
- hasn't changed, but client ID has changed.
+ has not changed, but client ID has changed.
7 SILC_NOTIFY_TYPE_CMODE_CHANGE
to the clients which is joined on the channel which mode was
changed.
- Max Arguments: 5
+ Max Arguments: 6
Arguments: (1) <ID Payload> (2) <mode mask>
(3) [<cipher>] (4) <[hmac>]
- (5) [<passphrase>]
+ (5) [<passphrase>] (6) [<founder public key>]
The <ID Payload> is the ID (usually Client ID but it can be
Server ID as well when the router is enforcing channel mode
packet will force the new channel key change anyway. The <hmac>
argument is important since the client is responsible of setting
the new HMAC and the hmac key into use. The <passphrase> is
- the passphrase of the channel, if it was now set.
+ the passphrase of the channel, if it was now set. The <founder
+ public key> argument is sent when the founder mode on the
+ channel was set. All routers and servers that receive the packet
+ MUST save the founder's public key so that the founder can
+ reclaim the channel founder rights back for the channel on any
+ server in the network.
+
+
8 SILC_NOTIFY_TYPE_CUMODE_CHANGE
sent only to the clients which is joined on the channel where
the target client is on.
- Max Arguments: 3
- Arguments: (1) <ID Payload> (2) <mode mask>
- (3) <Target Client ID>
+ Max Arguments: 4
+ Arguments: (1) <ID Payload> (2) <mode mask>
+ (3) <Target Client ID> (3) [<founder pubkey>]
The <ID Payload> is the ID (usually Client ID but it can be
Server ID as well when the router is enforcing user's mode
change) of the entity which changed the mode. The <mode mask>
is the new mode mask of the channel. The <Target Client ID>
- is the client which mode was changed.
+ is the client which mode was changed. The <founder pubkey>
+ is the public key of the channel founder and is sent only
+ when first setting the channel founder mode using the
+ SILC_COMMAND_CUMODE command, and when sending this notify.
9 SILC_NOTIFY_TYPE_MOTD
Channel ID> is the new one that MUST replace the old one.
+
+
11 SILC_NOTIFY_TYPE_SERVER_SIGNOFF
Sent when server quits SILC network. Those clients from this
Router server which receives SILC_NOTIFY_TYPE_SIGNOFF,
SILC_NOTIFY_TYPE_SERVER_SIGNOFF, SILC_NOTIFY_TYPE_KILLED,
SILC_NOTIFY_TYPE_NICK_CHANGE and SILC_NOTIFY_TYPE_UMODE_CHANGE
-MUST chech whether someone in the local cell is watching the nickname
+MUST check whether someone in the local cell is watching the nickname
the client has, and send the SILC_NOTIFY_TYPE_WATCH notify to the
watcher, unless the client in case has the SILC_UMODE_REJECT_WATCHING
user mode set. If the watcher client and the client that was
watched is same the notify SHOULD NOT be sent.
+
+
.ti 0
2.3.8 Error Payload
other parts of the packet.
o MAC (variable length) - The MAC computed from the
- Message Length, Message Data, Padding Length, Padding and
- Initial Vector fields. This protects the integrity of the
- plaintext channel message. The receiver can verify from
- the MAC whether the message decrypted correctly. Also, if
- more than one private key has been set for the channel, the
- receiver can verify which of the keys decrypted the message
- correctly. Note that, this field is encrypted and MUST
- be added to the padding calculation.
+ Message Flags, Message Length, Message Data, Padding Length,
+ Padding and Initial Vector fields in that order. This
+ protects the integrity of the plaintext channel message.
+ The receiver can verify from the MAC whether the message
+ decrypted correctly. Also, if more than one private key
+ has been set for the channel, the receiver can verify which
+ of the keys decrypted the message correctly. Note that,
+ this field is encrypted and MUST be added to the padding
+ calculation.
o Initial Vector (variable length) - The initial vector
that has been used in packet encryption. It needs to be
used in the packet decryption as well. What this field
includes is implementation issue. However, it is
- RECOMMENDED that it would be random data or, perhaps,
+ RECOMMENDED that it would be random data, or perhaps
a timestamp. It is NOT RECOMMENDED to use zero (0) as an
initial vector. This field is not encrypted. This field
is not included into the padding calculation. Length
diagram represents the Private Message Payload.
-
-
-
-
-
-
.in 5
.nf
1 2 3
.in 3
+
+
.ti 0
2.3.16 New ID Payload
represents the New Client Payload.
-
-
-
-
-
-
-
-
-
-
-
.in 5
.nf
1 2 3
-
-
.in 5
.nf
1 2 3
Server or router that receives this from the client also sends this,
without the Authentication Payload, to routers in the network so that
they know the detached client has resumed. Refer to the [SILC1] for
-detailed description how the detaching and resuming prodecure is
+detailed description how the detaching and resuming procedure is
performed.
The payload may only be sent with SILC_PACKET_RESUME CLIENT packet. It
the packet is received and decrypted the data area MUST be decompressed.
Note that the true sender of the packet MUST apply the compression and
the true receiver of the packet MUST apply the decompression. Any
-server or router en route MUST NOT decompress the packet.
+server or router en route SHOULD NOT decompress the packet.
.ti 0
However, there are some issues when routing channel messages to group
of users. Routers are responsible of routing the channel message to
other routers, local servers and local clients as well. Routers MUST
-send the channel message to only one router in the network, preferrably
+send the channel message to only one router in the network, preferably
to the shortest route to reach the channel users. The message can be
routed into either upstream or downstream. After the message is sent
to a router in the network it MUST NOT be sent to any other router in
4 References
[SILC1] Riikonen, P., "Secure Internet Live Conferencing (SILC),
- Protocol Specification", Internet Draft, April 2001.
+ Protocol Specification", Internet Draft, May 2002.
[SILC3] Riikonen, P., "SILC Key Exchange and Authentication
- Protocols", Internet Draft, April 2001.
+ Protocols", Internet Draft, May 2002.
-[SILC4] Riikonen, P., "SILC Commands", Internet Draft, April 2001.
+[SILC4] Riikonen, P., "SILC Commands", Internet Draft, May 2002.
[IRC] Oikarinen, J., and Reed D., "Internet Relay Chat Protocol",
RFC 1459, May 1993.
.nf
Pekka Riikonen
-Snellmanninkatu 34 A 15
+Snellmaninkatu 34 A 15
70100 Kuopio
Finland
EMail: priikone@iki.fi
-This Internet-Draft expires XXX
+This Internet-Draft expires 15 November 2002