IETF Logo Mail Archive

Re: [jose] PKCS #11 for JWK

Nikos Mavrogiannopoulos <nmav@redhat.com> Mon, 10 July 2017 06:03 UTC

Return-Path: <nmav@redhat.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D0C6120454 for <jose@ietfa.amsl.com>; Sun, 9 Jul 2017 23:03:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.701
X-Spam-Level:
X-Spam-Status: No, score=-4.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HCjCDYS8oaCX for <jose@ietfa.amsl.com>; Sun, 9 Jul 2017 23:03:01 -0700 (PDT)
Received: from mail-wr0-f177.google.com (mail-wr0-f177.google.com [209.85.128.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 807E11200B9 for <jose@ietf.org>; Sun, 9 Jul 2017 23:03:01 -0700 (PDT)
Received: by mail-wr0-f177.google.com with SMTP id k67so122959901wrc.2 for <jose@ietf.org>; Sun, 09 Jul 2017 23:03:00 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:mime-version:content-transfer-encoding; bh=/1/hR2wuD2kd5A/vl72DeLM1c9odQ1dmWmL5wgdxutA=; b=HLWXSku+EBpQkfjubx8DM1UI3fB5oJjYwX94z4gric7B97C0x0oYRxiIxpJxXPp5Y2 RagOb1aJaGiYjcsXbNC6Y8ZDXMEwn08OkkVJzdqXv62m/oHpwFpELy9zBNfPnbAZqjg1 yZuCYlvlQ71zO8WvVQSoGXYBnFPqNOw2TScPqDwxoydsl5IBt1U7rOX02OZUF6igntR0 A0Cd12fMRRWEDy5/HIVh8wisIXWTyN4gMBCE+E17WM875OUwO02xyFbdq1mOmREjH6aq oh+Vp76227jM5RuxGSPaK1FgKOMwsgoOMBOWPEK3rRDowTYAeF5DuF3JzkjKSQbCecQs Pvdg==
X-Gm-Message-State: AIVw112G1By0999h2NJAY8Ue3ndpV4lvUVYZQuLANEqcLhWcNaM4BUty 3B2edzR0kvSrTrApf2gBpw==
X-Received: by 10.223.142.202 with SMTP id q68mr5860878wrb.13.1499666579504; Sun, 09 Jul 2017 23:02:59 -0700 (PDT)
Received: from dhcp-10-40-1-102.brq.redhat.com (nat-pool-brq-t.redhat.com. [213.175.37.10]) by smtp.gmail.com with ESMTPSA id v2sm15026494wrb.68.2017.07.09.23.02.58 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 09 Jul 2017 23:02:58 -0700 (PDT)
Message-ID: <1499666578.2933.3.camel@redhat.com>
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Nathaniel McCallum <npmccallum@redhat.com>, Simo Sorce <simo@redhat.com>
Cc: jose@ietf.org, Daiki Ueno <dueno@redhat.com>
Date: Mon, 10 Jul 2017 08:02:58 +0200
In-Reply-To: <CAOASepOYo4hnqdFCJ5-Oxf1C5eLWj-qavQUwfXt_nG-1pZ=cMw@mail.gmail.com>
References: <CAOASepNR_1XjDaCHUyLL_o63EvBcQ6L1TyeMhdUzrbmtYSWRNg@mail.gmail.com> <1498896051.11334.78.camel@redhat.com> <CAOASepOYo4hnqdFCJ5-Oxf1C5eLWj-qavQUwfXt_nG-1pZ=cMw@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.22.6 (3.22.6-2.fc25)
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/lCja-9IzsEEwzcHzLf8WcT0EUXc>
Subject: Re: [jose] PKCS #11 for JWK
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jul 2017 06:03:03 -0000

On Wed, 2017-07-05 at 09:04 -0400, Nathaniel McCallum wrote:
> On Sat, Jul 1, 2017 at 4:00 AM, Simo Sorce <simo@redhat.com> wrote:
> > Later on you talk about performance penalty and say:
> > 
> >    Implementations SHOULD perform public
> >    key operations, such as asymmetric signature verification or
> >    asymmetric encryption, without using PKCS #11
> > 
> > I think this should be at most a MAY. If I wanted to be more
> > pedantic I
> > would say you should take in consideration there may be PKCS#11
> > modules
> > that are already smart enough to implement such functions in
> > software
> > so that they do not incur in performance penalties, so the whole
> > this
> > would have to be wrapped in something like:
> >  "If the PKCS#11 implementation perform public key operation in
> > hardare
> > that may result in poor performance then implementations MAY
> > perfrom
> > public ..."
> 
> I did some reflection on this over the long weekend. If we wanted to
> support offloading public key operations to PKCS #11, we'd need to
> have a "p11pub" JWK property which defines the URI to the public key
> to perform the operation on. This duplicates the existing public key
> information in the JWK.
> 
> We could allow three modes:
> 1. pubkey-only; no PKCS #11
> 2. URI-only; PKCS #11
> 3. both; optional PKCS #11
> 
> In mode #3, there is a possibility for public key mismatch. However,
> no attacks exist which don't also exist for mode #1.
> 
> My worry is that this is a lot of complexity for minimal gain. JOSE
> implementations already have to support #1. At best, mode #2 is going
> to be as fast as #1. I just don't see any compelling reason to
> support public key URIs. Do you?

As long as you have the tooling to extract that public key/cert from
the HSM, I can think of no reason using the HSM for public key
operations.

regards,
Nikos

v2.23.0 | Report a Bug | By Email