[Emu] Fwd: [TLS] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)

Joseph Salowey <joe@salowey.net> Mon, 11 January 2021 05:24 UTC

Return-Path: <joe@salowey.net>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 292C73A15C8 for <emu@ietfa.amsl.com>; Sun, 10 Jan 2021 21:24:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kul6CxtiweLV for <emu@ietfa.amsl.com>; Sun, 10 Jan 2021 21:23:59 -0800 (PST)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 269743A15C6 for <emu@ietf.org>; Sun, 10 Jan 2021 21:23:59 -0800 (PST)
Received: by mail-lf1-x12a.google.com with SMTP id s26so35957397lfc.8 for <emu@ietf.org>; Sun, 10 Jan 2021 21:23:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=xvdXriD3DrkyriKEKJlAHelNTPpkOH80xPC0Aa3335I=; b=KfroP3csGDM9eep8MvrdZOY5L5l+V7nhBjX8OfbxHQcTdFUQXD1iqOq0J3PEu09lll ok1P/vXe/Vb/HYjk+zqS3uF39qASMXW0KOmFQZ6DLE+AY1xbW9iaTtfdZIVhc3Sb0/tx 0K37QU6Yq/wNfNQupFWxeizO4WxyvH71fndCq+zcbUPqgFKYxxjeark2uo2qTZ/9Pux+ 3ztwHfud2KJVfcoxnJY29dm7/s9dwwRxn/RTIUZ+vWg+tLTiG971zV+AsaBlOHZyHLwg wpehExtHNttzBLFnbPcvB1aL2JBdbc/CwHd3/jZbPWkFs54o3giY+wWpLxfArnQISgFh TKOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=xvdXriD3DrkyriKEKJlAHelNTPpkOH80xPC0Aa3335I=; b=ZKbjpZkCBdzt8QXyb4Yx0SJp1eZ9jW5dZItXtIUpv9fQvdPwPTdF0rhpHlgS3X6iwK YcMi7SgsCfGRvdvvqAvKvQaLff+gYD75UNX6sKiTpnDdp4UNf8RRy4cFcpkZW5Dt6cPF IPIhFstY6IBlGQfj0kkVkPkpmQk0albqRPjFww0iwm9LUIcgcsFYpj0zWjm5pufsKgNd HiiuDKWsh2ZQWNueETh/4We3rjCC6KO7LcbWrhv4+aT+gOAKCV/oM0wP1uVyijHwrdyu Q1M+GUoKJRZjEjli/tgFrWdTfS+6LDkTl4L7i5BddMEgeBLtchAWwAUxBvQ4rVeMg1O2 tJoA==
X-Gm-Message-State: AOAM530viLh0jgn11ajoOgnlj1InyuauQ1kYo7ytcEeWEsdjmFAlIGKf MZDBJJT97nqNJ+Q5UXmsDWf5zpuquu17ZItsZZszm2qzZqM=
X-Google-Smtp-Source: ABdhPJwgSVD/8FxCPsLtJFl6DtmCZctmbFKNs9vbJ3QTvRRUkmAjTghGLcEF9CIe1Rz3UdlOIIgnaOjOVxcgh/7DEJE=
X-Received: by 2002:ac2:4a65:: with SMTP id q5mr6916685lfp.320.1610342637053; Sun, 10 Jan 2021 21:23:57 -0800 (PST)
MIME-Version: 1.0
References: <160815821055.25925.15897627611548078426@ietfa.amsl.com> <20201216223842.GR64351@kduck.mit.edu> <0f2b05db-5c98-43d4-aae3-cf620814bacc@www.fastmail.com> <A4BBA31B-8754-4D8C-B0F1-D1C6C859F6AE@deployingradius.com> <CAOgPGoBvBzhA0q4gFqpFSm2HkAs6NoyLc6RVZYLtTYsNd02i8A@mail.gmail.com> <e669002f-caff-1e6e-e28b-d09157eb0c07@ericsson.com> <6241F0B6-C722-449E-AC3A-183DE330E7B5@deployingradius.com> <9ddd1593-3131-f5cc-d0db-74bf3db697bf@ericsson.com> <3CB58153-8CCA-4B1E-B530-BA67A6035310@deployingradius.com> <CAOgPGoA3U+XpZMY7J+KGovNx6MtAdEzRaGW33xVJdQNWSi4LVg@mail.gmail.com>
In-Reply-To: <CAOgPGoA3U+XpZMY7J+KGovNx6MtAdEzRaGW33xVJdQNWSi4LVg@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
Date: Sun, 10 Jan 2021 21:23:45 -0800
Message-ID: <CAOgPGoB-YGF6kMPZ=Jh3pGfVwAuij-aeo3TP82zxW9GCY5XcRQ@mail.gmail.com>
To: EMU WG <emu@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d93a2505b8991c44"
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/l8MqfGQNM_ZUj2EBG-fX2-X0srY>
Subject: [Emu] Fwd: [TLS] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jan 2021 05:24:02 -0000

Forwarded this conversation from the TLS list.  The question is about
changing the key derivation.

Joe

---------- Forwarded message ---------
From: Joseph Salowey <joe@salowey.net>
Date: Tue, Jan 5, 2021 at 10:24 PM
Subject: Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on
draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
To: Alan DeKok <aland@deployingradius.com>
Cc: Mohit Sethi M <mohit.m.sethi@ericsson.com>, EMU WG <emu@ietf.org>,
Benjamin Kaduk <kaduk@mit.edu>, tls@ietf.org <tls@ietf.org>




On Tue, Jan 5, 2021 at 8:31 AM Alan DeKok <aland@deployingradius.com> wrote:

> On Jan 5, 2021, at 11:13 AM, Mohit Sethi M <mohit.m.sethi@ericsson.com>
> wrote:
> >
> > Hi Alan,
> >
> > Cleaning up the email. The current draft says the exporter should be
> called once as:
> >
> >>    Key_Material = TLS-Exporter("EXPORTER_EAP_TLS_Key_Material",
> >>                                Type-Code, 128)
> >>
> > and then split the 128 into MSK (64) and EMSK (64). As said, from
> initial glance, it seems the exporter is called twice (once in
> eap_tls_get_emsk and once in eap_tls_getKey). Both the calls are with
> exactly the same context, context length, and labels. In getKey, the EMSK
> parts are cleared with
> >> os_memset(eapKeyData + EAP_TLS_KEY_LEN, 0, EAP_EMSK_LEN);
> > while in get_emsk, they are read with
> >
> >
> >>              os_memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN,
> >>
> >>
> >> EAP_EMSK_LEN);
> > Maybe we can live with this. But if exporter is called twice, we should
> use different labels as suggested by Martin?
>
>   Yes.
>
>   Perhaps as Joe suggested: EXPORTER_EAP_TLS_MSK and
> EXPORTER_EAP_TLS_EMSK, which seem simple enough.
>
> [Joe] I created a pull request (
https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/17)  with the
proposed labels.  Is this change going to cause significant problems for
implementation?


  Alan DeKok.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>