Re: [Lake] Ambiguous text on Mandatory to Implement suite

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Sun, 19 December 2021 02:25 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/1ifhkgxtqIHgt2AuQ6UMytkbY-o>

John,

 

You made a great point that I missed. Thank you!

 

Indeed, I wouldn’t want suites 0,1,2,3 enabled in my apps, so the MTI consideration is moot.

 

My apologies for taking everybody’s time.

--

Regards,

Uri

 

There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.

The other is to make it so complex there are no obvious deficiencies.

- C. A. R. Hoare

 

 

From: Lake <lake-bounces@ietf.org> on behalf of John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
Date: Saturday, December 18, 2021 at 07:24
To: "lake@ietf.org" <lake@ietf.org>
Subject: Re: [Lake] Ambiguous text on Mandatory to Implement suite

 

Hi,

 

My two cents:

 

- Interoperability: I don't understand this focus on MTI cipher suite and interoperability. EDHOC works mostly like COSE where different applications and deployments can choose from a smorgasbord of options to optimize what fits their specific environment. I think this approach has been very successful for COSE. Two implementations will not be interoperable unless they implement the same:


  1. Transport protocol
  2. EDHOC method (0, 1, 2, 3, ......)
  3. ID_CRED_R COSE header parameter (kid, kid_context, x5t, x5chain, x5bag, x5u, kcwt, kcct, c5u, c5t, c5b, c5c, ....)
  4. CRED_R COSE credential type (CWT, CCS, X.509, C509, ..... ) with a matching credential profile.
  5. Use and type of external authorization data (EAD_1, EAD_2, EAD_3, EAD_4)
  6. Identifier used as identity of endpoint
  7. If message_4 shall be sent/expected
  8. Subsequent application protocol
  9. Data sent over the subsequent application protocol
  10. Cipher suite.


Implementing the same cipher suite is just a quite small piece in interoperability between two endpoints. 

 

- Having an MTI cipher suite has significant drawbacks. TLS 1.2 mandates support of TLS_RSA_WITH_AES_128_CBC_SHA. This cipher suite has at least 3 major weaknesses: static RSA, CBC padding attacks, and SHA1. Each one of these weaknesses could independently warrant a must not support. This causes a lot of problems, as many industries are very keen on compliance with standards. With TLS 1.2 an implementation can be either compliant or weak. I personally think the IPsec approach is better: "The specification of suites that MUST and SHOULD be supported for interoperability has been removed from this document because they are likely to change more rapidly than this document evolves.". I don't see any reason to force local IoT deployments wanting to use EdDSA + X25519 or the CNSA cipher suite to also implement cipher suite 0. I can live with something like the current proposal from Stephen, but my personal preference would be to not mandate any specific cipher suite at all.

 

- 256 bit: There is definitely interest in using EDHOC with high-security cipher suites like 24 and 25. One reason is compliance with requirements such as the US CNSA. As TLS, DTLS, QUIC do not mandate high security cipher suites, it would maybe be a bit strange if EDHOC which has a strong focus on very constrained environments did so. I don't think it makes sense to force e.g., 6TiSCH devices to implement cipher suite 24 or 25. AES-128 will provide excellent security for most deployments for the foreseeable future. We should also not force deployments using 24 or 25 to support 0, 1, 2, or 3.

Cheers,
John
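
The interoperability argument in the quoted message, as an added example that is not part of either message or of any EDHOC implementation: a check that compares two endpoint profiles on several of the listed parameters and reports where they cannot agree. The `Profile` fields, the `CoAP` transport value, the three sample profiles, and the simplification that both endpoints use the same credential options are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Profile:
    """Hypothetical per-deployment profile covering part of the list above."""
    transport: str
    methods: frozenset        # EDHOC methods the endpoint supports
    id_cred_types: frozenset  # COSE header parameters, e.g. kid, x5chain
    cred_types: frozenset     # credential types, e.g. CCS, X.509
    message_4: bool           # whether message_4 is sent/expected
    suites: tuple             # cipher suites in order of preference

def common_suite(initiator, responder):
    """First suite in the initiator's preference order the responder supports."""
    return next((s for s in initiator.suites if s in responder.suites), None)

def interop_gaps(initiator, responder):
    """Names of the parameters on which the two profiles cannot agree."""
    gaps = []
    if initiator.transport != responder.transport:
        gaps.append("transport")
    for name in ("methods", "id_cred_types", "cred_types"):
        if not getattr(initiator, name) & getattr(responder, name):
            gaps.append(name)
    if initiator.message_4 != responder.message_4:
        gaps.append("message_4")
    if common_suite(initiator, responder) is None:
        gaps.append("suites")
    return gaps

# Constructed sample profiles (not taken from any real deployment).
CONSTRAINED = Profile("CoAP", frozenset({3}), frozenset({"kid"}),
                      frozenset({"CCS"}), False, (0, 2))
CNSA = Profile("CoAP", frozenset({0}), frozenset({"x5chain"}),
               frozenset({"X.509"}), False, (24,))
# The same high-security deployment, forced to also implement suite 0.
CNSA_PLUS_SUITE_0 = replace(CNSA, suites=(24, 0))

if __name__ == "__main__":
    for peer in (CNSA, CNSA_PLUS_SUITE_0):
        print(peer.suites, "->", interop_gaps(CONSTRAINED, peer))
```

Adding suite 0 to the second deployment removes only the `suites` entry from the result; the method and credential mismatches remain, so the two endpoints still cannot complete an exchange.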