Re: [Cfrg] Including "internal APIs" in CFRG security analysis
"Canetti, Ran" <canetti@bu.edu> Sun, 13 October 2019 17:18 UTC
Return-Path: <canetti@bu.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A128B12003E for <cfrg@ietfa.amsl.com>; Sun, 13 Oct 2019 10:18:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bushare.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vJDaSMak3w7j for <cfrg@ietfa.amsl.com>; Sun, 13 Oct 2019 10:18:33 -0700 (PDT)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-eopbgr780100.outbound.protection.outlook.com [40.107.78.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FE58120024 for <cfrg@irtf.org>; Sun, 13 Oct 2019 10:18:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ccEQDjouLtGPy+4BSwxHTn9mBH1Ao1HHvWIfUpqW2qpbx2HU/vNzDBLbWW/HvUK730TZP+4MqoewZa7c+bEuhwifN0ceUNof/pJYRhnqs2KJGVQJ8BNPKrlPYQPdP1KcIR4fxixAlZz0uaHpx4O86GvssNorrp/8jvTil/kd3Tx2+M/unzQ6vSoXmEtRq/rZCujJgJW2XzT0RuT06tBGlSl+3LNARTw8pjQ7fop3BGB87gxkY9xuP8Jn4ANXDzdtcCyQka2KU35ozsyNB2RjIDqlI3JGR5dVxhI7rE4RvCc1gBZOsX/Z/wTKAn7Z+j2/peIwQA6c4n8WE61jLOts6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PzQ8hdLzfV0YUVs4toPGjE1Xy5xfzNYt59Xa+mVUgrk=; b=csXxW+iLPCn5JGvoxubmSWY5giz9ATcowyxEf7eSgi5rX1uMJdFH6Rs+jtSM/MP/iI+8sX2ELbTSdjp2Mds+lmxYeadffhDNsFjo+w/RIxcbJGNJbBFbK1wcVfLIWxfqrOS8+b85FAM07u7VS3MVaEvZNUxpdD+djeu2stvCh27nq+Gj22QBa1wXRUAt2lHYkvCNfDCjPaaxl+LXPzGBhL4r7xfff+VRTS2oIlSxhPnOPjeAwOaCHZm5fEaWnyq+fxnxIgUZ2IaYzkHDwNHv5+oVfEu/9uyuJKYiMsbMmIt+zaOWSBuYz6avyLIvF25UN6fuFt6N22rHScAyKBT/1Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bu.edu; dmarc=pass action=none header.from=bu.edu; dkim=pass header.d=bu.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bushare.onmicrosoft.com; s=selector2-bushare-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PzQ8hdLzfV0YUVs4toPGjE1Xy5xfzNYt59Xa+mVUgrk=; b=ZMtsdu/HWpAwbQTcpH7oeLBgcvgY6Bnt9ZAklaUhycS53VWXwZYTXsqzwfTH9YU14gLodU8S2FlWLAf4NmFo0tVWLvWwhsRWVZy7+drx/mr0DANqwcck+200TqTQxKm7U/d1PbbVUmuh9RUKltAL7nEqIPQO/Ji4TgehDofNPBk=
Received: from BYAPR03MB4677.namprd03.prod.outlook.com (20.179.91.94) by BYAPR03MB4534.namprd03.prod.outlook.com (20.178.49.93) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2347.17; Sun, 13 Oct 2019 17:18:32 +0000
Received: from BYAPR03MB4677.namprd03.prod.outlook.com ([fe80::9c53:2d80:7f5b:abba]) by BYAPR03MB4677.namprd03.prod.outlook.com ([fe80::9c53:2d80:7f5b:abba%4]) with mapi id 15.20.2347.021; Sun, 13 Oct 2019 17:18:32 +0000
From: "Canetti, Ran" <canetti@bu.edu>
To: Carsten Bormann <cabo@tzi.org>, "Canetti, Ran" <canetti@bu.edu>
CC: cfrg <cfrg@irtf.org>
Thread-Topic: [Cfrg] Including "internal APIs" in CFRG security analysis
Thread-Index: AQHVgYpWPNdwusWfEE6z+Hatosv6Fg==
Date: Sun, 13 Oct 2019 17:18:31 +0000
Message-ID: <b71e7e79-82d7-af4f-a7c9-ff9ec0a51269@bu.edu>
References: <e9043999-6015-d010-b023-4cb784d4d7b9@bu.edu> <52084CD0-845A-41C0-B0ED-355A059A6037@tzi.org>
In-Reply-To: <52084CD0-845A-41C0-B0ED-355A059A6037@tzi.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: BL0PR02CA0009.namprd02.prod.outlook.com (2603:10b6:207:3c::22) To BYAPR03MB4677.namprd03.prod.outlook.com (2603:10b6:a03:12f::30)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=canetti@bu.edu;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [209.6.148.68]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 39ef46a4-f2bd-409b-9767-08d750015ee3
x-ms-traffictypediagnostic: BYAPR03MB4534:
x-ld-processed: d57d32cc-c121-488f-b07b-dfe705680c71,ExtFwd
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BYAPR03MB4534A7D56EEBF908207C773DD7910@BYAPR03MB4534.namprd03.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3968;
x-forefront-prvs: 01894AD3B8
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(346002)(136003)(396003)(366004)(376002)(39860400002)(189003)(199004)(15650500001)(14454004)(75432002)(2171002)(6246003)(4326008)(478600001)(66066001)(99286004)(76176011)(52116002)(31686004)(386003)(25786009)(81156014)(36756003)(8676002)(81166006)(14444005)(6506007)(53546011)(71190400001)(71200400001)(256004)(66946007)(66556008)(64756008)(66446008)(66476007)(8936002)(486006)(7736002)(186003)(26005)(102836004)(2906002)(2616005)(11346002)(476003)(88552002)(5660300002)(446003)(31696002)(86362001)(6486002)(6436002)(3846002)(6116002)(316002)(110136005)(229853002)(786003)(54896002)(236005)(6512007)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR03MB4534; H:BYAPR03MB4677.namprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: bu.edu does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: u8wb5DxQXTkILEqqgER6J3FydhBSroCIov1Hd84RqaYtBdUYExu7htwlTMTpfVKYu3z9AezrXxHKUToYP3L1vsrBXkxLQy/HM9TAOZj9K0y5fphT2jEJekIdAFltBt79CT1ZBUMPi9WB+agTHNhXfEPNoc0Q9J67TA0A1pNGJhVj1qK2lUPhQBG6j05I+EXZ2XOibpEgEO4iACEt4rv7kYjN0NYyFtT2hKwnY5xwxMyc8GY3gVd0oRMFo0DZhab4I1brOc3Isjiju78slTE4ury8kUPIunot1aNrDVyRiFWXJ0SXPlKDOuXzyaTlNr0zN9sc5C8CEHb8MDzAUlTQ2Ej4aKVdYEHOLuskOTAxTijdnqFFckAWG233ctum2C7URxH9RwSU5NtIAL/ke/HrCViUqRUZD9vwOPvIwZtWkgk=
Content-Type: multipart/alternative; boundary="_000_b71e7e7982d7af4fa7c9ff9ec0a51269buedu_"
MIME-Version: 1.0
X-OriginatorOrg: bu.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 39ef46a4-f2bd-409b-9767-08d750015ee3
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2019 17:18:31.8484 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d57d32cc-c121-488f-b07b-dfe705680c71
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 1Xu3IG/KvpbA4hS4Cs3i9BSlHYc1CkE497SBKfhIdzMrODlLmfxCpM3KTev1tg0T
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR03MB4534
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/cyTCxdNni7dW_ggLvWKD90VcwtI>
Subject: Re: [Cfrg] Including "internal APIs" in CFRG security analysis
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Oct 2019 17:18:37 -0000
Thanks Carsten for raising this point. Indeed API is a confusing and overloaded term. As you say, the concern is not the precise syntax but rather the flow of information, within each participant in the protocol, between the analyzed component and the rest of the local system. Still, in order to provide concrete and meaningful bounds on this information flow one must formulate some minimal syntax. This is especially important given that we would like to consider the case where some of the components that our analyzed component is interacting with are faulty or even malicious. And indeed, pinpointing such minimal syntax that allows for meaninful security analysis and is still not overly restrictive or cumbersome is an important part of the security analysis. (Can think of the UC SIDs as an attempt at such a syntax point.) Not sure what a good term might be here. "security API" could have been good except that it's used already for something somewhat different. Perhaps "Semantic Interface"? Best, Ran On 10/13/2019 2:52 AM, Carsten Bormann wrote: Hi Ran, On Oct 13, 2019, at 07:52, Canetti, Ran <canetti@bu.edu><mailto:canetti@bu.edu> wrote: the IETF traditionally shies away from standardizing APIs that are “internal to endpoints”. I agree that this is a long-standing tradition of the IETF. I also see that it is often misunderstood in the way that you describe. An API is about mapping an interface to the specifics and idiosyncrasies of a programming language (platform, …). The IETF is indeed shying away from standardizing those aspects for good reasons. However, what you are (rightly) concerned about is not that aspect of the API, but the information flows themselves. Executing a protocol between two peer entities is *meaningless* without those “local” information flows. These have to be specified, or the execution of the protocol remains ambiguous. In the IETF, we usually do not supply information about these information flows explicitly, but leave the reader with the task to piece them together from the protocol description. We make sure that we use wording for describing the protocol messages that lead the reader on the desired path, but we often fail to obtain the necessary precision (in particular, it is hard to verify consensus on implicitly conveyed information). Sometimes we make feeble attempts to talk about those information flows. E.g., Section 6.2.1 of RFC 5246 (I did not find the equivalent text in RFC 8446) says: Client message boundaries are not preserved in the record layer (i.e., multiple client messages of the same ContentType MAY be coalesced into a single TLSPlaintext record, or a single message MAY be fragmented across several records). It does not say that the receiving end also does not hand through the record layer boundaries to the application; you are supposed to infer this from the above. While standardizing a protocol on top of TLS, I met at least one accomplished expert with several RFCs in the area of TLS that didn’t understand the implications of that. If CFRG can be a spearhead for properly dealing with the information flows going into and emanating from protocol execution, I would be delighted. Grüße, Carsten
- [Cfrg] Including "internal APIs" in CFRG security… Canetti, Ran
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Carsten Bormann
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Hannes Tschofenig
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Hannes Tschofenig
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Canetti, Ran
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Carsten Bormann
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Ira McDonald
- Re: [Cfrg] Including "internal APIs" in CFRG secu… Colin Perkins