IETF Logo Mail Archive

Re: [COSE] [sacm] CoSWID review

Jim Schaad <ietf@augustcellars.com> Wed, 20 November 2019 06:32 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16F5F120AFE; Tue, 19 Nov 2019 22:32:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oZrFqlpcsYPE; Tue, 19 Nov 2019 22:32:46 -0800 (PST)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84254120A5D; Tue, 19 Nov 2019 22:32:45 -0800 (PST)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 19 Nov 2019 22:32:39 -0800
From: Jim Schaad <ietf@augustcellars.com>
To: 'Michael Richardson' <mcr+ietf@sandelman.ca>, cose@ietf.org, 'sacm' <sacm@ietf.org>
References: <CAHbuEH7OH_89+e4_BmXJN4LgxzTTQ9MtKF_03XK--a8K4AO11w@mail.gmail.com> <lejxf9f4owwm819gnwiwhlo0.1573973274271@email.android.com> <CAHcK3jMef-SK+AH4RC+EQs1LQ6wZCDAPGLCxqUyE+MFn=n-H+g@mail.gmail.com> <CAHbuEH75-jbPTqprpzjOdhRTVjtBcKy4+M6gW=zEog140ZEw5Q@mail.gmail.com>, <CAHbuEH6SjQRriP-2Sr4k12_hRk88VR3vpTsSW7phqEdKCJoRqg@mail.gmail.com>, <BN7PR09MB281982821C9CD2D11A5F546AF04C0@BN7PR09MB2819.namprd09.prod.outlook.com> <BN7PR09MB28195DC7222FF17789AAC7EBF04C0@BN7PR09MB2819.namprd09.prod.outlook.com>, <010401d59e80$7f4be360$7de3aa20$@augustcellars.com> <BN7PR09MB2819937DE42C9A1FA0F7C675F04C0@BN7PR09MB2819.namprd09.prod.outlook.com> <011a01d59e88$954f7110$bfee5330$@augustcellars.com> <10015.1574230291@dooku.sandelman.ca>
In-Reply-To: <10015.1574230291@dooku.sandelman.ca>
Date: Wed, 20 Nov 2019 14:32:37 +0800
Message-ID: <021601d59f6c$4eba3c50$ec2eb4f0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQHzpN9RYTZyhsYpaTlVDcXoTZlvQAK3gtZBAhXIKp0BmGR9ZACpgMxNAk/8JVUCWvkKcwKTCkqPAr2UdpsDRFfDHgHj7CHMpqX2ZlA=
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/AHTW6RVglRrgm4z0SramBWNA0O4>
Subject: Re: [COSE] [sacm] CoSWID review
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 06:32:51 -0000


-----Original Message-----
From: COSE <cose-bounces@ietf.org> On Behalf Of Michael Richardson
Sent: Wednesday, November 20, 2019 2:12 PM
To: cose@ietf.org; 'sacm' <sacm@ietf.org>
Subject: Re: [COSE] [sacm] CoSWID review


In order to understand this thread, I took a look at
draft-ietf-cose-hash-algs.
MINOR:
* I think that the term "Thumbprint" is not often used, and that fingerprint
is
  a more common term to use.

[JLS] I betray my past.  Microsoft has always used Thumbprint for this term,
regardless of what anybody else is calling it.
I think it probably makes sense to change it.

Jim


My understand is that there is a proposal to use an existing registry for
the list ("COSE Algorithms"), but that this registry has things which are
not hash algorithms.

There are I think, three entities that care, and I think that there is an
over-generality being applied which is causing people to have concerns.

1) There are people who look at the list of algorithms to decide which one
to
   use for a particular application.  I hope these aren't end-users, but
   rather application writers who need to decide which ones they need to
   implement.  Better is that they are defining some protocol/profile which
   uses COSE.  It's Thread or OPC or Azure IoT, etc.
   I think that we can depend upon those people to be able to discard things
   which are of the wrong shape.

2) There is code which creates signatures or hashes to put into objects.
   It knows which algorithm it is using (it's been programmed to use that
   one), and finding the right number is trivial.

3) There is code which is validating things, and it needs to know which
   algorithm is using to avoid the situation where it becomes possible for
an
   attacker to replace a stronger hash with a weaker one for which a
   pre-image attack is easier to perform.

In case (3), the verifyer has to be ready to accept any hash from the
"list", and it has to be a valid hash.  But, it also has to be for code
which the verifier has implemented. I recall attacks against verifies of
certificates that had hard coded SHA1 (or maybe it was MD5) and ignored the
ASN.1 inside the signature which specified the actual algorithm to use.

If an attacker tells me to use the "RC4 hash", and I don't have a hash like
that, then I reject the number because I don't have it, not because it's not
a hash.

But, maybe I just don't get the problem.
   

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works  -=
IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email