RFCs We Love: HMAC & CoAP Edition
The fifth meetup of RFCs we love was held at Synup in Koramangala on 14th October 2017 . It was a small crowd on a rainy Saturday afternoon. There were two talks scheduled for the afternoon.
The first talk was by Abhay Rana (@captn3m0) on HMAC: Keyed Hashing for message authentication. He started with explaing how hashing works with a focus on block-hashing and chaining. He then moved to explain the problems with earlier prevalent implementations with authenicating messages and the issues with replay attacks by adding payloads to the messages. He then went into detail about how HMAC prevents this attack. He went in some detail on RFC 2104 and then we had a quick chat about RFC 6151, 4635 and 4868 which are related to HMACs and assosiated algorithms and best practices. The slide deck for this talk is here.
The second talk was by Anmol Sarma on CoAP - Constrained Application Protocol. He first explained what constrained resource networks are and how they are different. He then explained the challenges of using these networks and how. Further, he went into details of the protocol and the concepts that underpin the protocol. He also addressed how the protocol was different as compared to HTTP (whose design it was inspired by). He then went on to demonstrate a few tools and plugins which show how the protocol worked. There was then a followup discussion on the adoption of this standard in the IoT industry. The slides for the talk can be found here.
Link to all presentations: https://github.com/rfcswelove/rfcs_we_love#meetup-5