Re: [Ace] Group Communication Security Disagreements

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 25 July 2016 15:47 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2FEF12D907 for <ace@ietfa.amsl.com>; Mon, 25 Jul 2016 08:47:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.888
X-Spam-Level:
X-Spam-Status: No, score=-3.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rlsZnkIid5Lr for <ace@ietfa.amsl.com>; Mon, 25 Jul 2016 08:47:23 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EEE512D901 for <ace@ietf.org>; Mon, 25 Jul 2016 08:47:22 -0700 (PDT)
Received: from [192.168.10.131] ([195.149.223.151]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0MCcOw-1bZvZg1QaA-009TAB; Mon, 25 Jul 2016 17:47:14 +0200
To: Eliot Lear <lear@cisco.com>, Michael StJohns <mstjohns@comcast.net>, ace@ietf.org
References: <57909032.10809@gmx.net> <6d259c5b-28e3-c748-4590-0c9f942fe343@comcast.net> <378a0359-6b31-a30c-af28-8ea567b06b00@cisco.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
Message-ID: <57963480.2000809@gmx.net>
Date: Mon, 25 Jul 2016 17:47:12 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0
MIME-Version: 1.0
In-Reply-To: <378a0359-6b31-a30c-af28-8ea567b06b00@cisco.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="OUr6fOdEmi7Qs51tT9KOUghEaK1aESi7i"
X-Provags-ID: V03:K0:wiK2awb+6qpfxw4EonmvBfcLUG7VKq1vRI5BueONquwqJ5Ig9q3 zpBfqJEFwfcU5p677XbT5e00J9ODMivCNW5PuUhcEc2yfT5cxrCb6/d//TgPj8SjXjoPIMa 8Gy5ZvNaZQDeUE69HoaeJI+DtAdtYB08a/ZqSTuQ4UTyvuIKJMBwytKt63h6gN6cl8+nrAQ 8vskon+IVGHG3Ck0mVLMA==
X-UI-Out-Filterresults: notjunk:1;V01:K0:2bwDkOB3oDs=:lG4MhHrS88PZ2vy9DaYwlA YQok38BGXbMg0GoFTPnoUbkzlnUX6DS1sFuPoWSnXDwixvsCnQxxQpC/s06w0kj3hL6N+rSwi H1cC247IN7uMewqkE57Xnv2qs0mvzHctdDor1x+m2v7QcqkAXXz7R0GcZWqGc8fzY5p4i7DZI DcLuSM8lBNidwg3t33UsT2PVbzLKYXEfjsu11qdD4ErYT0TF8e/vKB+8DVYdlZStZ9/Ny+abi 8qVknMVA6Z4TQ5QPcM7Bwd5f9vk5QVr7eoPlVNdJYadDijaVRol/FvfoU/yBYZmV7yg/w9cz3 BBOgtqG7cIcg2YxSNIzdaJcvAVvEeJlo/tc5RBQQ57oXmYVlRSdRwsLYbd3SzeOh9GnPfVBY6 HwE9JFHm1Rzbo6Ddl02NFO8AdjKc2v8lPzdQb3peZZsuOS+oBLJE7p4llXY3AIn7EQyKgc93M 7EuDnck6OtR7V7jPkzLe+BpykR6mUJih4HC0TYifZlEJNmEbmaRvzZ5HhGxj9ihIixGHQkDRL BmYxx0udixGW4XuBbxUuFaGBCxUV19qjmkFSgc4nvK2gDiwhsxrU5dB1ZbpncRsnQOF7WGSBh FcCXRxcq4J1i7R+pjOmXWeQ7ctqsRIK48tsJ2Ri5MQC9ORj3r5UW0QlNNQHXJeGpnO766x7pf 4dK9mBLrwBstUFd/J15OpBwoloBh+g/YiWByPgNzjbHK9FJadjdec4FuYhSmD5pC1roNjmeoy j722ljyhHZSOTWq/mzvPj4cWdnzWUhCLSYvP6c+WGHN5KHpUQR0QuV7TWso=
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/_3VEv4VfhTn5FGG-9mS3U5S1KPo>
Subject: Re: [Ace] Group Communication Security Disagreements
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jul 2016 15:47:25 -0000

Hi Eliot,

a quick response.

On 07/25/2016 05:12 PM, Eliot Lear wrote:
> 
> 
> On 7/21/16 3:48 PM, Michael StJohns wrote:
>> Without unique source identification (and for that matter role
>> identification either inband or implicit) any compromised device
>> results in your attacker being able to act as a controller for the
>> group.  Again, not a large problem (but a problem nonetheless) for a
>> small group of lights inside an office behind locked doors. But a very
>> large problem for a system that's possibly controlling 100 or 1000
>> lights in a group.
> 
> +1, and I'm not even sure if it's not a problem for a small group of
> lights behind locked doors if wireless is involved.

In order for the attack to work a luminary and a door lock need to be in
the same group and share the same group key.

For me the question is (from an authorization point of view) why the
door lock as well as a luminary belong to the same group. Would a door
lock participate in a group communication interaction altogether?

> 
>>
>> As I said at the microphone, if I thought you could just do this as
>> the "ACE protocol for group control of lights" and keep people from
>> using it for other things I'd be a lot less concerned (but still
>> there's the whole threat of turning off all the lights in a building
>> all at once).  But the reality is this protocol will be used for
>> control of things beyond lights and it would be irresponsible to
>> standardize a protocol with a real possibility for direct real-world
>> negative impacts on safety and health.
>>
> 
> Yes, but I would go further and say that network owners ask two questions:
> 
>  1. What is this Thing?
>  2. And what access does it require/not want?
> 
> Absent device identity they cannot answer the 2nd question.  This is as
> important for lighting as for any other application, because it is how a
> network will distinguish what those applications are.
> 

In ACE we don't care what the network does. This is outside the scope of
the charter, intentionally. The identifier for the device is what the
device uses to authenticate itself to the authorization server in our
setup. We don't call this "device identity" though.

The authorization server is, as the name indicates, about storing
authorization decisions typically provided by some human. This human
could be a user in a home network or could as well an administrator in
an enterprise network. We don't care that much. Call it policy.

> 
>>
>> The way to solve this for a general involves public key cryptography -
>> that's just how the security and physics and math work out.
>>
> 
> Yes.  And as I believe has also been discussed, use of PSK seems to
> cause us to muddle the authentication and authorization aspects of
> OAUTH, for instance.

I am not sure this is a fair summary of the work in OAuth. OAuth 2.0 as
used today on the Web and in smart phone applications with bearer tokens
makes heavy use of public key cryptography. It just has to work in a
fragile environment -- the Web.


Ciao
Hannes


> 
> Eliot
> 
> 
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
>