IETF Logo Mail Archive

Re: [CFRG] [EXTERNAL] pq firmware signing question

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 17 March 2024 22:00 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97F3DC14F603 for <cfrg@ietfa.amsl.com>; Sun, 17 Mar 2024 15:00:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.008
X-Spam-Level:
X-Spam-Status: No, score=-7.008 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cSTRBXga_PhM for <cfrg@ietfa.amsl.com>; Sun, 17 Mar 2024 15:00:42 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-db3eur04on071a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0c::71a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DD0EC14F5F4 for <Cfrg@irtf.org>; Sun, 17 Mar 2024 15:00:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zu2BRjNfUrswL8gpjucRzwqoCsj2OfcyoIHgfm5ZaAplAJaw/vO7B9xOIAaX3i3nVevZOy+jBbEq2YynMTPVgOCeI0JGjMqW20LabEOW/Nm+Tv9LE6Emp7X+P7Hs+C4CwlWo+MGvW37OqcLjcnLCQ/+IZmpt/k8RXyoWus+bLLie1EnVCOdLpgW7BbYMLWlr57rUWnDThxvhtkXTQcdsfWh7wZ3gsYrLbHKRc2+AL1VD6khKFJt2Ke0BxmBtl+B+UK2Dp3Pvj6wAAtIH4ZmdLVIkYxy7FYMJLmi+7/+FHVBNIWl3g3KMb6mowQCBpIzBDTv4lJZGcEaxvuNjG5AZ4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2wIQkJkopGXab9INaJi4KIkNJhpHB55EXTN7FlzP+y0=; b=P+OjxBQZeOuhdiR94c8UoH6EdhBjjETzJg4dOQbjmtTspOsQLfNsECRNY+I3oHOOW9DTo9LdtHX2D5qPOahZ/fFQxCUQjVf735DQESfoOewTBzJDlb+2h6dEYfyCwHNyBJ2k+MK+IKMCxfiQLD/ogHjSuc03QmX2vxmlY41S/79Mlozoeq6iEppzP98rTQcH2qXBOa2tAW64s8Y72FoIFOBXqSyRViJKQmq2IuRg6H7mo25rvjjNYuEImrUyyCrGOBChvfCOWa539ueDXFpIUBJkWxgDFrUKbru2z0iUqibGBzV23IhWMB5/USzP4pNGECRuCyznYHvEnk/eENP96Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2wIQkJkopGXab9INaJi4KIkNJhpHB55EXTN7FlzP+y0=; b=WBSUDsKiq7dP3MXgeM8S2SD9/b8OyqWXR7+xJ36REiUvl9ZTDhmdqaU773erx7iuw71B2nkKuT6BQK6n9SVqARX7wwLbX4UJV38u4grtphEjK2j2rooJ75UZxh6uX4nGwO83KYmSKf736H32xtUpfjfPbmYWhNgFxuqe4gi8mE3Za+wVqOfW+rYtkWGiaI24CoUIaBNfiFkb0C5+BSn83eXptb/21o+kBAIo8+c6J8eyR9dsieyBDw8uVXL2qdt5qZ0z00jMVLKcLW30itHcNc15Po8nfpjvSzYIbbc2GJOm/yd9y1zVhh8Is45vb5z9i2hHheWhcH1vPzuBf4asTA==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by PR3PR02MB6236.eurprd02.prod.outlook.com (2603:10a6:102:73::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7386.26; Sun, 17 Mar 2024 22:00:38 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4421:1ca6:59b4:20c9]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4421:1ca6:59b4:20c9%7]) with mapi id 15.20.7386.025; Sun, 17 Mar 2024 22:00:38 +0000
Message-ID: <5e573fc4-3d45-4757-9c3d-efda3c273ed1@cs.tcd.ie>
Date: Sun, 17 Mar 2024 22:00:29 +0000
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>, Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, "cfrg@irtf.org" <Cfrg@irtf.org>
References: <73126498-47c2-4f8a-9425-18a3d9cce22c@cs.tcd.ie> <CH0PR11MB5739FD074FF5337C8E4E3DFB9F2E2@CH0PR11MB5739.namprd11.prod.outlook.com> <CH0PR11MB5444D732D1619268DB3353B8C12E2@CH0PR11MB5444.namprd11.prod.outlook.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <CH0PR11MB5444D732D1619268DB3353B8C12E2@CH0PR11MB5444.namprd11.prod.outlook.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------gafeTKCr970X0prR9WACBfHa"
X-ClientProxiedBy: SY5PR01CA0021.ausprd01.prod.outlook.com (2603:10c6:10:1f9::11) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB7PR02MB5113:EE_|PR3PR02MB6236:EE_
X-MS-Office365-Filtering-Correlation-Id: b1186018-a0de-40e1-caf0-08dc46cdadc7
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: +ngokWSm0ZOp6jkHuCxrJ5rJyTCeMK6HdMUwppG9WFOxh15aZWk3e2UR4QBe5m7KTolw81yitZq7HlLZwu7HE3Jh+YF4mZJ9y8HPBA/EWZTl7EIxXTEjPDxfgR4lJVJX8gExHalzZKnwdYD0WPtM0SDuAxcieswqTIPixwpnbiI0wywxLx05fzJfTok46bgRBPqc0whd8KYCeh1olmdx6bXGhDAOkryMUZcd5XATu3fZI08XEcr+G8tNQO8UcZylAZ7IqZ2NJ0PqfbrrjnJjjX3Kq7a+C5xpPk/uCGEA/1n5nD7Nf9rN6mZj02ceFJQcRAEV+Ov7SWeVPNlR8atAu4RqrqCuzm/uXusJ++dta1H4R29Yx0SAfSBEwIKXJFacEgfZEHk+bRLbR7DJnUtFDsHL9xy6Tw1QjpTu3GtIdV4rixiuaCQTUSstHNqTgrhssFPZ1U7zQMmUShZHiKqAdRY7AxUGcAENvshYwRxcxFBm8M9Qr5XZk0WduqyL4W3WezKKJ3ur6ojHfTnKQohtfBk0YXFKf8LFVyVUv3FkNfJqe5zzciotCavemNooggLcVlfPaSXopBLiOuQs/5hl3jXEPxZLf3H1CwAv3hfoY+e/wA9MVnmfax3Z2qCbH4s+jRJLh1mhk4jNFZ0XZOBRFNCwaUiAyPDU2rlJymSXk0Y=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(376005)(1800799015)(366007); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: R87UR46p05m8L1o+1eGUwWFZxfr5nkqmSUmhrVDaKIsRS1ZTgBO5avWsYNsn3LEoVgt4lKjx0Wxmuq5mj2tpsBV2abQqhhMpufkJHNmI+lHSExhZlOLPluzxlR0k4Ayzzf60bKJKnn9Mgowgn1UhZezeVEDdcf/3dUpUEAisfdaijcWNWiF/Q3kgdStCq8Rr9BXV3cay5NnHhFdo8kTxU5l7JvrH8ibTKT5eM5+78J3UhO5/p7uUsX5RvtlI08zVvzJJMWtEGjSJ4zirnHkUjJlVq5RdijgPLyMlvRx4ZM8xvwCphQof5SxGle3NKPnAoWsu5M0o5eI6/116lOaUGY1zvdzXj1D0F6KoGdVGoB/dPLUdqUl8mL1BaqoHqg7wqSV0yetkZVrVuSkXz24LiwqYfHuiaLiCuR1heXLlR4Y9zuZw7DNYsElgjAlHzwMgaY7p4UrmrPpK4J3Y4rV4hvKkm+xNCAfrNf/ZQNB/FNShCsQjvnnyLB13fkCxhVmZvXMzJA55+vkr5R2b0zriRHlpD+w0BydhJvCKlHMuO//TP850u09U7ckUMiUkaIEeuhOJBRvY3JErI5oVpKwZ6h9/owaWg74+BxSjW767Xl+iFj4nRf5Ff6dgnE28tyBWc1FjF0r5YP4Wr4SIOls5H97jpuThRy9pMOlLkGOaaNR7++o64BI9HmsFb1I+nhpxF4jzgDenQegV77niXJxcbiQq6uB4xDHy5jYASGBO2GLtIQYuf/nZTj+tFsDFHQe+8FE+Ndts3TzD1RIXlDU0T7WmcNVvePJX3UZSgOcMU1YM/oFUtNFq4m2ZI5nKN+nqxrXDL34Qm7MLn0L8bc+MBOxkxitXgsH90NdcfDxafRKk/hJuFyRZXpbugO7HZ2AQ42k8nF/+Inbbr1cJjNmoGzr3M7g60cz8+1gBzdSsn5LaaGewLrMO4remqX88gq13EuhMgypy8otm3qI8S6Fr/rcn2miNmgHX39jGQ7Yj8iLVWuC7/OQ6kTHyWeofMkAW9xrpB22ACtCdMIV39rRLy/nb7H316l7PYNBPauj7zAUv5oo+xKKUTRrheBOsjc1bVd7xTzjXWZEJs3dBUUV+F9DXiYtlRiBoUiy4qXDv7I0im/zJrOsFx5YeX7YIz5dTrejGwu9IOVkS2RrMtLTzsVyuEokX3BtJgNY0Jr4cwbMJLfueA+7j1t8E67y4gcTBEDssxUdbV2PMQF57mUoApyh7JJgbj0Df6jg8pMhuLgw56tMaAP91hFXVI8jiMHtU0QQTNPIOM/jFdQ0xiV6wE+h0n5PYeM1CkjQshsa4soRptKGH0yG8eoqGLuRXm6CzaGcBRsGJneozE33u3gPu5uViYoS51HSQHxTLJmyRgpJWNK65VTujtEUhqxDwDjNQ1Ir5WOhUhuEeDP8ZSJ4oGPSVQx3GVEGXE/EQkhZN3e9GsZTpdVfrh7CrVc8q4oAalDRnqzWUYrjGFcVs69Fbk8LXmtp/BVLCfF22oviirXIfHEwP19eTguMviXKrGKuM037cSSwXbd3Atz0tUqWlY1wHKsAKJMOe6fYMZ0xPZmxw6AyOzkTzmI3R0N407PM3WW87y1bG3+lDVT1OpuSh/ZOURK2PkA/PDT8IOCsU/aqBVIZGhK2F6zS3tMkvC03X
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: b1186018-a0de-40e1-caf0-08dc46cdadc7
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Mar 2024 22:00:38.3855 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: lsI3C0cGJ9qGUR5XBCHjG1//XAa/oRby22GC9zBn9KwLhJrC6l1KJ1QVLijmcLDq
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR02MB6236
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/xWjPTlSpOceB0ewjson8SCfp8Wk>
Subject: Re: [CFRG] [EXTERNAL] pq firmware signing question
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://mailman.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://mailman.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Mar 2024 22:00:46 -0000


On 17/03/2024 21:55, Scott Fluhrer (sfluhrer) wrote:
> I do work for a hardware manufacturer; I can confirm that this is what we do.

Thanks. Can you provide (ptrs to) more details? Other that for a very
tiny range of devices, I don't get why the upgraded device can't change
the range of sig algs usable. I'm also surprised that (I guess) the
root of trust for the signing key also can't be changed ever.

What I'm trying to understand is how prevalent such devices might be,
and therefore how much to weigh their specific requirements against
what's needed for almost all devices that don't have those specific
requirements.

Ta,
S.


> 
> From: CFRG <cfrg-bounces@irtf.org> On Behalf Of Mike Ounsworth
> Sent: Sunday, March 17, 2024 5:46 PM
> To: Stephen Farrell <stephen.farrell@cs.tcd.ie>; cfrg@irtf.org
> Subject: Re: [CFRG] [EXTERNAL] pq firmware signing question
> 
> Stephen.
> 
> Short answer: firmware verification keys burned into ROM or some other immutable trust store which is itself outside the memory space of the firmware that you can update.
> 
> I am not myself a hardware manufacturer, but I have been lead to believe that this is common practice.
> 
> - Mike Ounsworth
> ________________________________
> From: CFRG <cfrg-bounces@irtf.org<mailto:cfrg-bounces@irtf.org>> on behalf of Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>>
> Sent: Monday, March 18, 2024 7:41:33 AM
> To: cfrg@irtf.org<mailto:cfrg@irtf.org> <Cfrg@irtf.org<mailto:Cfrg@irtf.org>>
> Subject: [EXTERNAL] [CFRG] pq firmware signing question
> 
> 
> Hiya,
> 
> A number of people have asserted that firmware signing implies
> distributing a public value now, (or soon) on which they may
> still have to rely after a CRQC might exist. The implication being
> that we should start to do this kind of thing now, based on some
> composite sig-alg, verification of which is assumed to be implemented
> below the crypto APIs used by relevant applications.
> 
> I'd like to try tease bits of that apart to better understand
> what's required.
> 
> ISTM that firmware signing entirely does allow one to update the
> signature keys/algs needed for the next signed firmware update and that
> there is no need, given ongoing updates, to continue to depend on
> the original key/alg for the public value with which a device was
> shipped. IOW, update N can update anything, including the sig
> alg required for update N+1.
> 
> I don't understand what class of device might be able to load new
> firmware but not change the verification alg for sigs on subsequent
> updates. If there are such devices, can someone describe 'em?
> 
> There does seem to be an exception - a factory-reset of a device
> would imply returning to depending on the original public value
> and alg. However, a factory reset also seems to imply that a human
> can "touch"/control a specific device at a specific point in time
> so is not an unattended upgrade. And if someone can touch the
> device, then in many cases it'd be cheaper to replace the whole
> thing than do a factory reset in the field.
> 
> And then there's the issue of the specific signing key - it's hard
> to imagine a system where that can be changed but the verification
> alg cannot. Are there such systems?
> 
> All in all, it seems like a lot of firmware signing deployments
> should be able to allow for the evolution of verification algs, and
> the set of devices where we now (or soon) need to embed a forever-fixed
> alg and key for sig verification has to be very small.
> 
> What am I getting wrong there?
> 
> Ta,
> S.
> Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
>

v2.23.0 | Report a Bug | By Email