[Lake] Re: EDHOC live debugging
John Mattsson <john.mattsson@ericsson.com> Thu, 20 February 2025 15:36 UTC
From: John Mattsson <john.mattsson@ericsson.com>
To: Brian Sipos <brian.sipos+ietf@gmail.com>, "lake@ietf.org" <lake@ietf.org>
Date: Thu, 20 Feb 2025 15:36:11 +0000
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/DTcWxgdGh1R2EoJPqh_eXpY_GSI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake>
Hi Brian,

> EDHOC already includes a C_I which can be assumed unique under specific conditions as an analog to the keylog "client_random" correlator.

The analog to 'client_random' would be G_X. C_I would be a bad choice for this, as the client can reuse it as soon as the old connection is no longer needed.

John

From: Brian Sipos <brian.sipos+ietf@gmail.com>
Date: Thursday, 20 February 2025 at 16:19
To: lake@ietf.org <lake@ietf.org>
Subject: [Lake] EDHOC live debugging

WG,

Is there any general interest to enable the same type of live or offline traffic inspection and protocol debugging for EDHOC as currently enabled with TLS and DTLS using the SSLKEYLOGFILE secret storage technique [1]?

EDHOC already includes a C_I which can be assumed unique under specific conditions as an analog to the keylog "client_random" correlator. The internal key schedule for EDHOC is more complex than [D]TLS, but some simplifying assumptions about which messages are available to decode would narrow down the minimum need for EDHOC shared secrets.

I think using a file-based input to diagnostic tools is more hands-off and automate-able than using manual export/entry of secret fields such as what is used for IKEv2 in Wireshark [2].

Any thoughts on or support of this idea?

Brian S.

[1] https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/
[2] https://www.wireshark.org/docs/wsug_html_chunked/ChIKEv2DecryptionSection.html
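The correlator question discussed in this thread, as an added example that is not from either poster or from any EDHOC implementation: it pulls G_X and C_I out of two constructed message_1 byte strings and indexes a hypothetical keylog by each, showing that a reused C_I maps one capture to several secrets while G_X does not. Assumptions: message_1 is the bare CBOR sequence (METHOD, SUITES_I, G_X, C_I) with no transport prefix, the G_X values are constructed from a hash rather than real key shares, and the secret labels and index layout are placeholders, since no EDHOC keylog format is defined on this page.

```python
import hashlib

def read_item(buf, pos):
    """Decode one CBOR item (uint, nint, bstr, array) with lengths below 256."""
    major, info = buf[pos] >> 5, buf[pos] & 0x1F
    pos += 1
    if info == 24:                      # one-byte length or value follows
        info, pos = buf[pos], pos + 1
    elif info > 24:
        raise ValueError("length encoding not handled in this sketch")
    if major == 0:
        return info, pos
    if major == 1:
        return -1 - info, pos
    if major == 2:
        if pos + info > len(buf):
            raise ValueError("truncated byte string")
        return bytes(buf[pos:pos + info]), pos + info
    if major == 4:
        items = []
        for _ in range(info):
            item, pos = read_item(buf, pos)
            items.append(item)
        return items, pos
    raise ValueError("unexpected CBOR major type")

def correlators(message_1):
    """Return (G_X, C_I) from message_1 = (METHOD, SUITES_I, G_X, C_I, ...)."""
    _method, pos = read_item(message_1, 0)
    _suites, pos = read_item(message_1, pos)
    g_x, pos = read_item(message_1, pos)
    c_i, pos = read_item(message_1, pos)
    return g_x, c_i

def build_index(sessions, which):
    """Map correlator -> secret labels; which=0 keys on G_X, which=1 on C_I."""
    index = {}
    for message_1, secret_label in sessions:
        index.setdefault(correlators(message_1)[which], []).append(secret_label)
    return index

def ambiguous(index):
    """Correlators that no longer identify a single session's secrets."""
    return {k: v for k, v in index.items() if len(v) > 1}

def make_message_1(seed):
    # Constructed sample: METHOD 3, suite 2, 32-byte G_X, C_I = -24 (0x37).
    return bytes([0x03, 0x02, 0x58, 0x20]) + hashlib.sha256(seed).digest() + b"\x37"

# Two constructed sessions in which the initiator reuses the same C_I.
SESSIONS = [(make_message_1(b"session-1"), "secret-1"),
            (make_message_1(b"session-2"), "secret-2")]
```
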