Re: [Ace] Coordinated effort to produce updated profiles for the use of crypto algorithms in IoT

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Mon, 19 March 2018 11:14 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: John Mattsson <john.mattsson@ericsson.com>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: Coordinated effort to produce updated profiles for the use of crypto algorithms in IoT
Thread-Index: AQHTv3MCif9BXYu3HkOEVFgP17NpK6PXZ6pA
Date: Mon, 19 Mar 2018 11:14:42 +0000
Message-ID: <VI1PR0801MB21123C4E562998F9038636F3FAD40@VI1PR0801MB2112.eurprd08.prod.outlook.com>
References: <2271DDAC-77A5-4B82-A4A7-5B48CBEC2321@ericsson.com>
In-Reply-To: <2271DDAC-77A5-4B82-A4A7-5B48CBEC2321@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/hHPwBy1QVfpm6p9kXNMSJ_WG7V4>
Subject: Re: [Ace] Coordinated effort to produce updated profiles for the use of crypto algorithms in IoT
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Mar 2018 11:14:50 -0000

Here is a relevant document: https://tools.ietf.org/html/draft-tschofenig-uta-tls13-profile-00


From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of John Mattsson
Sent: 19 March 2018 11:11
To: ace@ietf.org
Subject: [Ace] Coordinated effort to produce updated profiles for the use of crypto algorithms in IoT

I strongly support Carsten’s suggestion to have a coordinated effort to produce updated profiles for the use of crypto algorithms in IoT. I think the work should include at least TLS, DTLS, COSE, and X.509 and take into consideration the hardware acceleration available in (future) devices. We should also look at whether there is a need to update the X.509 profile in RFC 7925; any new IoT profile should be applicable to both TLS and COSE.

How do we get this started in a way that applies to all IETF groups using crypto? I would be happy to help with this work.

Some quick thoughts:

- Curve25519 is already implemented a lot, but needs to be differentiated from Ed25519, which is not implemented as much (yet) and may require CA support for certificate-based deployments. Curve25519 and Ed25519 have a strong potential to lower latency, storage, memory, and battery consumption in IoT devices. There were earlier vendors stating that curves with a cofactor caused problems for older hardware. My understanding is that this has now changed; at least the UICC vendors in 3GPP have stated that Curve25519 works on their current hardware.

- ChaCha20-Poly1305 is only standardized with 128-bit tags and therefore not very well suited for IoT. Like GCM, Poly1305 is not very well suited for truncated tags. AES_128_OCB_8 only requires half the amount of AES operations, but AES is not drawing much power compared to transmitting, listening, and receiving radio, so any update from AES_128_CCM_8 might not be worth it. I think 64-bit tags are a good compromise between overhead and security for IoT.

- PRF. TLS 1.3 used HMAC with SHA-256; RFC 8247 specifies PRF_AES128_XCBC for devices not having SHA.

- Hash algorithms. Ed25519 is, as far as I know, standardized with SHA-512/256. IoT deployments of TLS and DTLS typically use SHA-256.

Cheers,
John
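The PRF bullet above refers to the TLS 1.3 key schedule, which replaces the TLS 1.2 PRF with HKDF over HMAC using the cipher suite's hash. The following added example (not code from the thread, the IETF drafts it mentions, or any of the authors) implements HKDF-Extract, HKDF-Expand and the HKDF-Expand-Label wrapper from RFC 8446 with HMAC-SHA-256 from the Python standard library, then derives the write key and IV for TLS_AES_128_CCM_8_SHA256, the suite John uses as the IoT baseline. The 16-byte key and 12-byte nonce lengths follow RFC 8446; the input keying material and the label sizes used as sample input are constructed values, and the 8-byte tag length in `aes_128_ccm_8_record_keys` is the property of the CCM_8 suite that the 64-bit-tag discussion is about.

```python
"""Added example: TLS 1.3 key schedule primitives (RFC 8446 section 7.1)
built on HKDF (RFC 5869) with HMAC-SHA-256, standard library only."""
import hashlib
import hmac
import struct

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869 section 2.2): PRK = HMAC-Hash(salt, IKM).
    An absent salt is replaced by HashLen zero bytes, as the RFC specifies."""
    if not salt:
        salt = bytes(HASH_LEN)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869 section 2.3):
    T(i) = HMAC-Hash(PRK, T(i-1) | info | i), output = T(1) | T(2) | ... truncated."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length exceeds 255 * HashLen")
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_label(label: str, context: bytes, length: int) -> bytes:
    """Encode the HkdfLabel struct of RFC 8446 section 7.1:
    uint16 length; opaque label<7..255> = "tls13 " + Label; opaque context<0..255>."""
    full_label = b"tls13 " + label.encode("ascii")
    if not 7 <= len(full_label) <= 255 or len(context) > 255:
        raise ValueError("label or context out of range")
    return (struct.pack("!H", length)
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)


def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label(Secret, Label, Context, Length) from RFC 8446 section 7.1."""
    return hkdf_expand(secret, hkdf_label(label, context, length), length)


def derive_traffic_keys(traffic_secret: bytes, key_len: int, iv_len: int) -> tuple:
    """[sender]_write_key and [sender]_write_iv derivation (RFC 8446 section 7.3)."""
    key = hkdf_expand_label(traffic_secret, "key", b"", key_len)
    iv = hkdf_expand_label(traffic_secret, "iv", b"", iv_len)
    return key, iv


def aes_128_ccm_8_record_keys(traffic_secret: bytes) -> tuple:
    """TLS_AES_128_CCM_8_SHA256: 16-byte AES key, 12-byte nonce, and an 8-byte
    authentication tag on the wire (versus 16 bytes for GCM or ChaCha20-Poly1305).
    Returns (key, iv, tag_length_in_bytes)."""
    key, iv = derive_traffic_keys(traffic_secret, 16, 12)
    return key, iv, 8


if __name__ == "__main__":
    # Constructed sample secret; a real deployment takes it from the handshake.
    sample_secret = hkdf_extract(b"", b"constructed sample IKM for this example")
    key, iv, tag_len = aes_128_ccm_8_record_keys(sample_secret)
    print("write_key:", key.hex())
    print("write_iv :", iv.hex())
    print("per-record tag overhead:", tag_len, "bytes")
```

The hash is a module-level constant so that swapping in another HMAC-based hash changes every derivation consistently; a profile that replaced HMAC with an AES-based PRF such as the PRF_AES128_XCBC John mentions would need to replace `hkdf_extract` and `hkdf_expand` together, since RFC 8446 defines the key schedule in terms of HKDF, not of an arbitrary PRF.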

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.