Re: [core] Allowing non-HMAC based KDF in OSCORE

John Mattsson <john.mattsson@ericsson.com> Tue, 07 April 2020 04:33 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F4BE3A1564 for <core@ietfa.amsl.com>; Mon, 6 Apr 2020 21:33:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.268
X-Spam-Level:
X-Spam-Status: No, score=-2.268 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.168, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wQy1OiZyCKWG for <core@ietfa.amsl.com>; Mon, 6 Apr 2020 21:33:15 -0700 (PDT)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-db5eur03on0606.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0a::606]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFF883A1563 for <core@ietf.org>; Mon, 6 Apr 2020 21:33:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RWx2kgY3WGJUzY+YSwtBtJVMibZCqu0qSjODYBzuHCiYNldnp1BnZU/jYGlCj36zpHYt6Y2EPRAJGlJGCQ1xYGoe/er4cM7OJ6H/Imsg+aPPuW6J/Ub6BR8roaTSY13frVkyDSzbYHUMIi6l0fANHUiuGRdu5kGsO14vzke6Fv0/hIFUfgPVEaOy4oaNO357H0x3RNaDcUum1n5SJXFtpDwu1KI6H9x17opPrgF3yi4amXe2qPpxAV3pb/d80sHjXza0+Y+le+H7i8bCVu57dcR9OFir7nixqLs4y3ZIVqfh0j2vL3sPmVJ83k1yoxB7GpwLno/fArR+jGbdB/VBOw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cpEm+n/qOBvo+ggxR34kzcje3ctmf05OIs3dSAGUj3Y=; b=Ob6AD80hfIrYYcNxcXMqer33YEHEHBDXudAFmOT+uSgkJtix/b3VdQcK1wwS185NGeVy/7fiYC2NyjGbAN4VkFQz8rOWtwmV4kka86XsNcDt0o9NP5tu4SMJ395h7bnsk0hFrMTJuX38KjRQ/XT8JtHQOlYfUTiI6dcIbPE40QahQFGRC6GdDMkwqbY7uh0AEE5Qsu/U+qsz0POXd4PZ55ZKGVWzIrmxLYeXg7Z5uW93iJZfqZB/UPpdR2BlsPwpLlzjz2dx4AOK5iDa7fNWQMLwxgmeeHRHfXtzCX9CoqRkAHqKAsLxDgYrNbiQYHModl4vcEE7z4x7xUv7t0Bb6Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cpEm+n/qOBvo+ggxR34kzcje3ctmf05OIs3dSAGUj3Y=; b=XWOxLlkrVWlXviMzcxEPQ1rBE30jDi9B04MlkRJvEnzLV57eaxCTRiCEg1UAj9Rvqgrbb8M6Eqjjlj5fpco9zIlb/AhmSgnZYSkOoxyDPfUGKkdRuttdnRr0y5sVCDvtjLBDimAiXbz9D/gKSrj7kBGIHvWSYBVr2LdDYkpsC7k=
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com (20.177.37.216) by AM6PR07MB3848.eurprd07.prod.outlook.com (52.134.114.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.13; Tue, 7 Apr 2020 04:33:12 +0000
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::928:dc19:896b:4b91]) by AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::928:dc19:896b:4b91%6]) with mapi id 15.20.2900.012; Tue, 7 Apr 2020 04:33:12 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: =?utf-8?B?Q2hyaXN0aWFuIEFtc8O8c3M=?= <christian@amsuess.com>
CC: "core@ietf.org" <core@ietf.org>
Thread-Topic: [core] Allowing non-HMAC based KDF in OSCORE
Thread-Index: AQHWCaeQBKQ/R/PrJ0CpFz210vCuHahsSpsAgADu5oA=
Date: Tue, 7 Apr 2020 04:33:12 +0000
Message-ID: <9F199D88-4F17-4B6D-B91B-73C904464906@ericsson.com>
References: <5CD4BE47-4E21-4E00-8BE7-752917CBAF51@ericsson.com> <20200406161808.GB2688660@hephaistos.amsuess.com>
In-Reply-To: <20200406161808.GB2688660@hephaistos.amsuess.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.35.20030802
authentication-results: spf=none (sender IP is ) smtp.mailfrom=john.mattsson@ericsson.com;
x-originating-ip: [81.225.97.222]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 739dc34b-eea7-4427-da1d-08d7daacc83d
x-ms-traffictypediagnostic: AM6PR07MB3848:
x-microsoft-antispam-prvs: <AM6PR07MB38489B1ACB73A0C6387E278789C30@AM6PR07MB3848.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 036614DD9C
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB4584.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(39860400002)(376002)(136003)(396003)(346002)(366004)(6916009)(5660300002)(66556008)(44832011)(2906002)(4326008)(33656002)(76116006)(66476007)(316002)(64756008)(91956017)(6486002)(2616005)(66446008)(71200400001)(66946007)(478600001)(8936002)(6512007)(81156014)(81166006)(8676002)(86362001)(53546011)(186003)(6506007)(36756003)(26005); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 3zELhohQhNePeR2F7HBM0iCm5JeEcGtBqEnRmHpRmonoscMlMJTVpO+siK0yz+xhTxQuB17k+HJG+fgyh5oAKUkWyFszKypT+0KmB6ebzxgZ7CLRR/Py0zV+vHH4mlEJIwxkTA1oLy9Gb6cEGde1WSrAlSMDKivV4YXuhH+czzUJmtJDoBzmBGGiK2bNukiG3VM4KabOC59WPSg2NPXK0RmxkB5wxF318brWEVtnbH24dk80+0uHqPmMf6FWYZgp/nqjdpPsxXqgNTMr4USeULYdm0CO8QoENmI00cYht8WEKgm5VcOytRsfrAK11GFKOh1FgOVAzYDqiSWo/Kd+8S6GJsFcAws5NJ3NBItA2xk/0RfSIMYFBaDgj4ZHALuoWU1V7lxIuzv2Sr3YoFU+x9u4JKxUm8ymoZBAvz6oz7RlLbSefBqlsSulMFzHq2NR
x-ms-exchange-antispam-messagedata: 3zbwlm9hzmuhGwRXw354NC4CS0ubFL0jLA5KqIV1I+6XT8COKIQRYFcjzg+rQNGe1H8vELKMHH6EUL8ZRrBXtgrzMdjWtJWnTTqRsj3jhs0734GIPjNd2n5RsbJnIoVhbss8ysYLWk48bQyr1r9lnw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <CF440BE544EDD04A8EBCB8BBF8483F5D@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 739dc34b-eea7-4427-da1d-08d7daacc83d
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Apr 2020 04:33:12.4161 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: VaJ7X+T0GHhCLUY4weTnIRbbszntswVairkg/y4lQG6j5+bcngaBzUfHdozC8Rfed7WQNYPO4qBz+u2exVGjIHwmE4LEu63SJ4SMDYN1uzM=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR07MB3848
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/6RlkvEDn2b4nLJ3zYtvMWOtJWxA>
Subject: Re: [core] Allowing non-HMAC based KDF in OSCORE
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Apr 2020 04:33:16 -0000

Christian Amsüss wrote:

    > I don't think there is any hurry to change this restriction but I
    > think it should be changed at some point. It makes sense for OSCORE to
    > allow any KDF specified in COSE. I would suggest that Group OSCORE
    > (which updates OSCORE) lifts this limitation also for RFC 8613.
    
    If we go that route (which sounds viable to me), could we have a "There
    are no technical reasons why this could not be extended to (non-group)
    OSCORE; updating that specification in a later document is being
    considered." in there?

[JPM] I was more thinking that Group OSCORE document already now writes that

    This document updates RFC 8613 as follows:
   
    OLD: The HKDF MUST be one of the HMAC-based HKDF [RFC5869] algorithms
   defined for COSE [RFC8152].

   NEW: The KDF MUST be one of the KDF algorithms defined for COSE [RFC8152]


John

-----Original Message-----
From: Christian Amsüss <christian@amsuess.com>
Date: Monday, 6 April 2020 at 18:18
To: John Mattsson <john.mattsson@ericsson.com>
Cc: "core@ietf.org" <core@ietf.org>
Subject: Re: [core] Allowing non-HMAC based KDF in OSCORE

    Hello John,
    
    On Fri, Apr 03, 2020 at 11:03:54AM +0000, John Mattsson wrote:
    > As pointed out by Jim in the COSE virtual interim yesterday, OSCORE
    > restricts the type of KDF to HMAC-based HKDF algorithms. I do not know
    > (or remember) why the restriction is there.
    
    from an implementer point of view, it would be much appreciated if an
    OSCORE library would only need to ask its backend COSE library things it
    can know (eg. whether an algorithm is a KDF algorithm) and not have to
    ship additional knowledge about algorithms.
    
    > I don't think there is any hurry to change this restriction but I
    > think it should be changed at some point. It makes sense for OSCORE to
    > allow any KDF specified in COSE. I would suggest that Group OSCORE
    > (which updates OSCORE) lifts this limitation also for RFC 8613.
    
    If we go that route (which sounds viable to me), could we have a "There
    are no technical reasons why this could not be extended to (non-group)
    OSCORE; updating that specification in a later document is being
    considered." in there?
    
    KR
    c
    
    -- 
    I shouldn't have written all those tank programs.
      -- Kevin Flynn