Re: [Ace] EST over CoAP: Randomness

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Fri, 10 May 2019 02:52 UTC

From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "ace@ietf.org" <ace@ietf.org>
Date: Fri, 10 May 2019 02:52:49 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/B_Q9rAmWT-vgvujLcKZIFN8V5HI>
Subject: Re: [Ace] EST over CoAP: Randomness

Thanks Hannes.
Before I try to address it, can you help me understand what you are proposing? To amend this paragraph, maybe?

-----Original Message-----
From: Ace <ace-bounces@ietf.org> On Behalf Of Hannes Tschofenig
Sent: Thursday, May 09, 2019 10:43 AM
To: ace@ietf.org
Subject: [Ace] EST over CoAP: Randomness

Hi all,

I am still a bit unhappy about this paragraph:

"
   Constrained devices sometimes do not have the necessary hardware to
   generate statistically random numbers for private keys and DTLS
   ephemeral keys.  Past experience has also shown that low-resource
   endpoints sometimes generate numbers which could allow someone to
   decrypt the communication or guess the private key and impersonate as
   the device [PsQs] [RSAorig].  Additionally, random number key
   generation is costly, thus energy draining.
"

If you get hardware that does not have a hardware-based RNG then you are in trouble. The main security protocols we look into do not work without a source of randomness. Hence, getting the certificate & private key from the server will not get you too far.

I believe we should encourage developers to pick the correct hardware for the task rather than making them believe we have come up with solutions that allow them to get away without a hardware-based RNG.

I also do not believe the statement that random number key generation is costly. Can you give me some numbers?

The references to [PsQs] [RSAorig] are IMHO also not appropriate because they are conveying a different message (at least that's my understanding from reading them). The message is that you have to be careful with designing and using a random number generator on embedded systems because the sources of entropy may just not be there (like keyboards, hard disk drive, processing scheduling, etc.).

Ciao
Hannes
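
One concrete form of the care with embedded entropy sources raised in this thread, as an added example that is not part of either message or of the draft: a boot-time repetition count test (NIST SP 800-90B, section 4.4.1) that refuses key generation when the raw noise source is stuck. The function names, the millibit parameter, the 1024-sample startup window and the sample data are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Repetition count test (NIST SP 800-90B, section 4.4.1) with alpha = 2^-20.
 * Min-entropy per sample is given in millibits so no floating point is needed. */
#define LOG2_INV_ALPHA 20u
#define STARTUP_MIN_SAMPLES 1024u   /* startup window used by this example */

/* Cutoff C = 1 + ceil(-log2(alpha) / H). */
unsigned rct_cutoff(unsigned h_millibits)
{
    return 1u + (LOG2_INV_ALPHA * 1000u + h_millibits - 1u) / h_millibits;
}

/* 1 = pass, 0 = some value repeated `cutoff` or more times in a row. */
int rct_pass(const uint8_t *s, size_t n, unsigned cutoff)
{
    unsigned run = 1;
    for (size_t i = 1; i < n; i++) {
        run = (s[i] == s[i - 1]) ? run + 1 : 1;
        if (run >= cutoff)
            return 0;
    }
    return 1;
}

/* Hypothetical gate: refuse key generation unless enough raw samples were
 * collected at boot and they pass the test. Fails closed on bad input. */
int keygen_allowed(const uint8_t *raw, size_t n, unsigned h_millibits)
{
    if (raw == NULL || h_millibits == 0 || n < STARTUP_MIN_SAMPLES)
        return 0;
    return rct_pass(raw, n, rct_cutoff(h_millibits));
}

int main(void)
{
    /* Constructed sample data, not readings from a real noise source. */
    static uint8_t stuck[1024], varied[1024];
    for (size_t i = 0; i < 1024; i++) {
        stuck[i] = 0x7f;                           /* a source returning a constant */
        varied[i] = (uint8_t)(i * 37u + (i >> 3)); /* never repeats back to back */
    }
    printf("cutoff at H=1 bit: %u\n", rct_cutoff(1000));
    printf("stuck source:  keygen %s\n", keygen_allowed(stuck, 1024, 1000) ? "allowed" : "refused");
    printf("varied source: keygen %s\n", keygen_allowed(varied, 1024, 1000) ? "allowed" : "refused");
    return 0;
}
```

Passing this test shows only that the source is not stuck; it does not show that the samples carry the assessed entropy.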
