Re: [core] Allowing non-HMAC based KDF in OSCORE

John Mattsson <john.mattsson@ericsson.com> Tue, 07 April 2020 04:29 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7BF43A1570 for <core@ietfa.amsl.com>; Mon, 6 Apr 2020 21:29:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.268
X-Spam-Level:
X-Spam-Status: No, score=-2.268 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.168, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n0bsu3NRSgKw for <core@ietfa.amsl.com>; Mon, 6 Apr 2020 21:29:23 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70051.outbound.protection.outlook.com [40.107.7.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12B0E3A1550 for <core@ietf.org>; Mon, 6 Apr 2020 21:29:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JVBan+a8hww3tntNnv8dx23Z8JwV3btvCsdYnA+NJe8cg8LY8FVdeY3rved8tDNQ4ePYDiNx5AgF2B1IgUOwCW2wnWYOpaFLmZNQE1D1HO/USpOe9wzWmPLjB3KMdk7hCrTXx9gnEaUHoedC7YekgOB5dcdrHxyyKMXPBIj5CC8WFq2XeUXvT2km1RtJP+KDG9WRLSHm3SKiNEOIxRRh0rebTvVPEE6WO61zT2P+gqp171YSKH5Nz1ae03XC8zPVHF54qQEDxJ3AcJU/oqsCiCTt0FT0T7P4V8/B0UQosiuxqP+Rdab596fkFs+RO5CAq5ZVpD5bl6HLRkt5NEwBoQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZfpFM2Z40l1y1u0vMCOrR+gzANiy6ZWnl7ESyT5u4fo=; b=ady5x2rt3F0pZL3cuMEcPfmqmOd3Wirez/ozz/JEvOkOjUdukMOgs3pUcAHKrh7u033H3jtbhBq0IFSIchLBoH+7krvGhzFImDxP6z+g1dwyxFGhbHmYKkSuX3qyxbJKuJ/HgKQbGQOMdGdBqRah2cxRz1h4/h4eWWc7vdDb8WCd+1+BiI7GURep8KHiS1XQRHXvL5qh3riePzwY9qA+I7i1HWl5KJAOPxKvAW3iyLpvKg9xxB/lNMsNZskfBhc20RQ8AQm/juWMsPoHgRptJx5zmbJTSvrkO0Bom7xOUarIXOPslTorfNWg9OXLLwRnHPryTIPmOjN7XRwIvfWf/g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZfpFM2Z40l1y1u0vMCOrR+gzANiy6ZWnl7ESyT5u4fo=; b=mv9nvpWe3G286o2OQ8lOWqEnINDY4HaSYX2eYx29a6kI90IZ2GX33kVospn+tToPLUHvKn+a4XLilc1Ld8bB3psL2bfkBpJoS9vbE6gkhCjhT5OHh4AyZO/iYRPCa84JfFrSEGGsnejylSBiV3oE0iMrK208X6qW0JP4bD/cfqo=
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com (20.177.37.216) by AM6PR07MB3848.eurprd07.prod.outlook.com (52.134.114.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.13; Tue, 7 Apr 2020 04:29:20 +0000
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::928:dc19:896b:4b91]) by AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::928:dc19:896b:4b91%6]) with mapi id 15.20.2900.012; Tue, 7 Apr 2020 04:29:20 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: Jim Schaad <ietf@augustcellars.com>, "core@ietf.org" <core@ietf.org>
Thread-Topic: [core] Allowing non-HMAC based KDF in OSCORE
Thread-Index: AQHWCaeQBKQ/R/PrJ0CpFz210vCuHahs/KMAgAA7yoA=
Date: Tue, 7 Apr 2020 04:29:19 +0000
Message-ID: <13AC1C7F-0D0A-479D-B8BD-EF95333C6CD6@ericsson.com>
References: <5CD4BE47-4E21-4E00-8BE7-752917CBAF51@ericsson.com> <043c01d60c87$fb334d90$f199e8b0$@augustcellars.com>
In-Reply-To: <043c01d60c87$fb334d90$f199e8b0$@augustcellars.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.35.20030802
authentication-results: spf=none (sender IP is ) smtp.mailfrom=john.mattsson@ericsson.com;
x-originating-ip: [81.225.97.222]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: db9e46b4-e852-49a9-1a88-08d7daac3dbd
x-ms-traffictypediagnostic: AM6PR07MB3848:
x-microsoft-antispam-prvs: <AM6PR07MB38481CDFDDEF6D856BDE123089C30@AM6PR07MB3848.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 036614DD9C
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB4584.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(39860400002)(376002)(136003)(396003)(346002)(366004)(5660300002)(66556008)(44832011)(2906002)(33656002)(110136005)(76116006)(66476007)(316002)(64756008)(91956017)(6486002)(2616005)(66446008)(71200400001)(66946007)(478600001)(8936002)(6512007)(81156014)(81166006)(8676002)(86362001)(4744005)(186003)(6506007)(36756003)(26005); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 0L5OuT+dbyANzNPeljPQNVWXQ0jRVack2RlOdPDfH38sSTMUU6rKWHd8CyGCeGbKWM0/6NnU53K5deKFUWWFyYM4Bm2fZdw87bIuF/k5mUA+AvwxUznPzOwFfLIWaPEffqrJF8KLbPSxfUJVqp5LfDFXp95wDhF2VxJrq+t8PgV2QgX8FVDDB6iWkwIfEfS6mrAiZkR2u4pT1aHg0CgPbBjMCF/eJU/moiYGmmnmj++Wb0OZzxj4B4UMJXx+398UtNRDdPFZ3TU6RPAg+O7oyhQJeDUhfQaVAqH+poYu19raavcf6tfQADx+Qb5+UU7q42GpzDKU/nHHfwQbxMKLbNYmVVhKKi9a8W/juej/wkcKIQVXJTtUeoQ0nGrGqK6ESqwPUjbYI37teYIdsP5++tbDhyOqhu20BRmLcHJ1CMFREDpHaUrSmVMhvWPxEGCP
x-ms-exchange-antispam-messagedata: xjUIu+NwGrOWrRFLGusZbGAJY603LwnzalH9qh91g8nD2CwQMA2IqQil+UnoUnt3Pd4koGy7JUS/SuVWGqtceb5narI9IgwecqTVhA9kq2LGI7mjaoZlPMZTKal25w5eT93DhVTtP7GJRwGbQTbEMw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <7DB374ED84ECC047A5145104BA190B0E@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: db9e46b4-e852-49a9-1a88-08d7daac3dbd
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Apr 2020 04:29:20.0088 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: W25VgveMejvMWB9L+49uY2nS58r4XcCVSkONifxdTK0D7O5J6zlZyuCLgMAIT1leutR3u5/L2YN/Xg/nbhyzC7JX7JHexH8IarWQgeEVGcM=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR07MB3848
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/iSqPsAmKkOhs-dwrn0UzfIvnnh4>
Subject: Re: [core] Allowing non-HMAC based KDF in OSCORE
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Apr 2020 04:29:27 -0000

- Jim Schaad wrote:

    - There are no security reasons for the limitation (at least not if Master
    Secret is uniformly random), and it currently hinders OSCORE to be used with
    the COSE AES based KDFs.
    - The restriction is currently a practical problem. 6TiSCH people have
    stated that using AES and SHA-256 is not a problem at all.
    [JLS] I am not sure that I under stand where the immediate practical problem
    is.  If SHA-256 is not a problem then HMAC-SHA-256 can be used as the PDF
    for HKDF.

[JPM] Sorry my fault, I intended to write to write the opposite: "The restriction is currently NOT a practical problem", but Christian seems to think it is inconvenient.

John