IETF Logo Mail Archive

Re: [Lake] (+ref [1] now) Re: Ways forward on MTI cipher suite text (was: Re: Ambiguous text on Mandatory to Implement suite)

Rene Struik <rstruik.ext@gmail.com> Tue, 25 January 2022 16:35 UTC

Return-Path: <rstruik.ext@gmail.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B27B63A1073 for <lake@ietfa.amsl.com>; Tue, 25 Jan 2022 08:35:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.811
X-Spam-Level:
X-Spam-Status: No, score=-2.811 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.714, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RA89ei-bETz8 for <lake@ietfa.amsl.com>; Tue, 25 Jan 2022 08:35:56 -0800 (PST)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 304983A1074 for <lake@ietf.org>; Tue, 25 Jan 2022 08:35:56 -0800 (PST)
Received: by mail-qt1-x832.google.com with SMTP id v5so9193630qto.7 for <lake@ietf.org>; Tue, 25 Jan 2022 08:35:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:content-language:from:to :references:subject:in-reply-to; bh=i0A018iD9en7Jtbp4az72/MVQQcyjMvvW6uxnvxDreQ=; b=H1TtYdgintYg36eOh9cB/2pFKw4EV3Ak8b0NPb2rVMDNnRMN9oLc2g5M4moni+zPG4 nJgVYXY8gG9E8Ce9jhKkCeT68SKRnx8OSZhdStYGyGUK/KpAHLGgtszvvEIcRxWqDryf Ie9swK1pOBs9EbXPYUY7ih+mZtPKeb6TvK3Lf+wkQxcRNZwmWopfG1fx5qlkc9vcu7nV YHZsnNM13QwyTL4C82+VydPLeaAqeYA2g8rvPZWRpPFB87D+6/Hs5A+rpby7nXgdMGp4 2Hr4sGYPwUIDb7LToM8CID28RDbhywAxrXzsTsu1bqRCXaFL680tNfWVydtaaP1JAcse W1dA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent :content-language:from:to:references:subject:in-reply-to; bh=i0A018iD9en7Jtbp4az72/MVQQcyjMvvW6uxnvxDreQ=; b=5027jOsI5j4HasQyvi+KT9EI+znkcnSgdXGFOGgJnL1+qt7n80k6tt3B3rtgGdc9hk oFWcuJrYhzCqeNElLDQAxOzt7LJ4scuP5nUuUQLJjbv9ZsbBIfWiAlqUY8rDRLvxMZoj 1olZoam9ReQ0+0XS/hj73m2D5RDpkBZBQXbA/wM8OXQDyGNvg/IJuX19d5MCVYjaGa4p jY55Y55o5Sbv/3nvmUibAxRXTfUdUa3HTdDGoyp1sK7YFMu8a0Ypktml/N5HGVyjf2VV pC/XA+eCd4g6s8hl42zO2HT5wN7Vbqu/5UWdmzr03xSd3EN3nLA8qFvqyz/mhCf/5GbR Jd9Q==
X-Gm-Message-State: AOAM531zyVAZQdpBhjUI8VSLocagYer21nXJ9XPlgpLF3GQoBVIYGbAY kT9gkYjuTlwWttTI3cOIpbeTiTgMw6E=
X-Google-Smtp-Source: ABdhPJyVdL5v75rlu7PAmyfIWwAZO3W+Nu6Dr+8UL4QKxxm8IkoqNfnW9Wkm+DwQ2s0gke9Yv41qow==
X-Received: by 2002:a05:622a:1748:: with SMTP id l8mr16758551qtk.558.1643128554058; Tue, 25 Jan 2022 08:35:54 -0800 (PST)
Received: from ?IPV6:2607:fea8:8a0:1397:c8e2:1d49:bb0b:1730? ([2607:fea8:8a0:1397:c8e2:1d49:bb0b:1730]) by smtp.gmail.com with ESMTPSA id n19sm8749583qtk.71.2022.01.25.08.35.53 for <lake@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 25 Jan 2022 08:35:53 -0800 (PST)
Content-Type: multipart/alternative; boundary="------------JGRjShF5qrjWU0J5J5cDYzTJ"
Message-ID: <bbf5a7cb-c31d-84fe-c2ff-1390d5f99740@gmail.com>
Date: Tue, 25 Jan 2022 11:35:51 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0
Content-Language: en-US
From: Rene Struik <rstruik.ext@gmail.com>
To: lake@ietf.org
References: <F2A9BC47-A179-43CF-BA02-18BCBD83FF2C@inria.fr> <487f30c8-392e-d2ae-1c6b-72e254c2b607@gmail.com> <a2dd61ce-c562-6783-3a58-3fc0cd148844@gmail.com> <1ff746ee-7c16-4d72-8588-7b5274755342@gmail.com>
In-Reply-To: <1ff746ee-7c16-4d72-8588-7b5274755342@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/c6CakdRuen36Sh3VzGpQEDILEkk>
Subject: Re: [Lake] (+ref [1] now) Re: Ways forward on MTI cipher suite text (was: Re: Ambiguous text on Mandatory to Implement suite)
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jan 2022 16:35:59 -0000

How not to address security issues (just in case people think everything 
goes):

The curious circular reference with some handwaving between the current 
Lake WG edhoc draft and RFC8152bis-algs is *not* a way to address 
implementation security issues. I also do not think that any RFC should 
refer to an expired doc that was never adopted by a WG, since it has 
zero status, except as a blog post.

for details, see below:

Source:https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-12#section-8.7
Recent research has however found that implementations of these signature algorithms may be vulnerable to certain side-channel and fault injection attacks due to their determinism.
See e.g., Section 1 of [I-D.mattsson-cfrg-det-sigs-with-noise  <https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-12#ref-I-D.mattsson-cfrg-det-sigs-with-noise>] for a list of attack papers. As suggested in Section 6.1.2 of [I-D.ietf-cose-rfc8152bis-algs  <https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-12#ref-I-D.ietf-cose-rfc8152bis-algs>] this can be addressed by
combining randomness and determinism.

Source: Section 2.1.1 ofhttps://www.ietf.org/archive/id/draft-ietf-cose-rfc8152bis-algs-12.txt
There have been recent attacks involving faulting the device in order to extract the key.  This can be addressed by combining both randomness and determinism [I-D.mattsson-cfrg-det-sigs-with-noise].

Source:https://datatracker.ietf.org/doc/draft-mattsson-cfrg-det-sigs-with-noise/
Status: expired and archived; no CFRG document; personal blog status


On 2022-01-25 10:31 a.m., Rene Struik wrote:
> Ref [1] fell off my email; my apologies. This is 
> https://datatracker.ietf.org/doc/draft-mattsson-cfrg-det-sigs-with-noise/
>
> On 2022-01-25 10:19 a.m., Rene Struik wrote:
>> Dear colleagues:
>>
>> I would like to come back to my earlier email of Dec 16, 2021, in 
>> which I suggested that EdDSA is insecure in the environments this WG 
>> targets.
>>
>> Implementation security concerns related to deterministic 
>> discrete-log signature schemes (such as EdDSA [RFC8032] and det-ECDSA 
>> [RFC 6979]) are reasonably summarized in [1], as mentioned in my Dec 
>> 16, 2021 note (and had been known well before RFC8032 came to be!). 
>> Here, a single-fault attack on EdDSA, where the same message is 
>> signed twice and where a computational error is caused during the 
>> second signing operation, would often suffice to be able to 
>> reconstruct the entire private signing key (essentially by solving a 
>> system of two linear equations in two variables, which are trivial to 
>> compute efficiently). With IoT-style devices, such errors can be 
>> quite easily created (via so-called glitches). Moreover, these errors 
>> can be created in such a way that, even if one were to only release a 
>> signature that was just produced after first checking this via 
>> ordinary signature verification (at ~3x the signing cost)), this 
>> would still not help: the attack can be tweaked to foil this 
>> countermeasure. The culprit here is the determinism in the signing 
>> operation. There are non-fault attacks as well, but single-fault 
>> attacks are the most lethal, since do not require any SCA-attack 
>> expertise except putting a computational error spoke in the wheel.
>>
>> While most fault attacks described in the literature assume physical 
>> access to the device, some can be carried out remotely (e.g., 
>> spin-offs of the so-called Rowhammer attack). Most attacks are 
>> non-destructive, i.e., can be carried out without destroying the 
>> device at all: in other words, equipment users would not necessarily 
>> notice.
>>
>> It will carry too far to try and summarize implementation security 
>> research to-date (I have 500+ papers on the topic on my machine), but 
>> the message should be clear: one should not ignore this issue.
>>
>> In my mind, the Lake WG cannot really use Ed25519 as is and can 
>> either abandon any CFRG curve (i.e., use P-256 and ECDSA 
>> w/P-256/SHA-256), use Wei25519 and ECDSA25519 (i.e., still have the 
>> speedier Curve25519 under the hood, but use ECDSA instead of 
>> Ed25519), or fix the specification of Ed25519 with CFRG and, after 
>> reviewing whether this is a real fix and getting this sealed, still 
>> consider Ed25519. To me, it is puzzling that the last option was not 
>> taken for over two years now, so - right now - the path of least 
>> resistance is either going for slower NISTp curves or for ECDSA25519.
>>
>> I do realize that some people have a strong desire to use Ed25519 no 
>> matter what. This is fine, except the "no matter what": if so, stop 
>> pretending, roll up your sleeves and solve security issues that have 
>> been known for over 5 years by now.
>>
>> Best regards, Rene
>>
>> On 2021-12-16 10:23 a.m., Rene Struik wrote:
>>> Hi Malisa:
>>>
>>> If one has to implement both Suites #0 and #2, one has to implement 
>>> both SHA-512 and SHA-256 (since EdDSA uses SHA-512 under the hood).
>>>
>>> I still do believe EdDSA is insecure in the environments this WG is 
>>> targeting and should be ditched. How can one still possibly defend 
>>> including a deterministic signature scheme in a specification that 
>>> clearly contravenes the stability and side-channel resistance 
>>> stipulations for MTI algorithms of BCP 201/RFC 7696, despite dozens 
>>> of publications about trivial implementation attacks? Please also 
>>> see my email of  a year ago, Dec 18, 2020, on Guidance on MTI 
>>> algorithms [1].
>>>
>>> It is too bad that nobody ever pursued attempts to rectify this 
>>> (such as in 
>>> https://datatracker.ietf.org/doc/draft-mattsson-cfrg-det-sigs-with-noise/, 
>>> originally suggested two years ago, on Dec 17, 2019). Pretending 
>>> that the issue is going away is without action is, however, not 
>>> credible. {Of course, one could still try and stick an RFC 8032 
>>> label on something that isn't, but I wonder whether IETF would then 
>>> devalue to simply a marketing label issuing body, where an external 
>>> shadow spec would have to redefine things to make specs work. }
>>>
>>> Currently, the only secure signature scheme that uses Curve25519 
>>> under the hood is ECDSA25519, as specified in the lwig curve 
>>> document [2]. This scheme also uses SHA256 as hash function, thereby 
>>> obviating the need to implement two hash functions if one were to 
>>> have to implement both the "NIST" suite and another one.
>>>
>>> Side question: whatever happened with the suggestion in John 
>>> Mattson's Feb 11, 2021 email re including ECDSA25519 in the formal 
>>> analysis [3]?
>>>
>>> Ref:
>>> [1]https://mailarchive.ietf.org/arch/msg/lake/_sy7LSHk8idGAV_408JQOafi6LQ/ 
>>>
>>> [2] 
>>> https://datatracker.ietf.org/doc/html/draft-ietf-lwig-curve-representations-22#section-4.3
>>> [3] 
>>> https://mailarchive.ietf.org/arch/msg/lake/UYaV56yxz_zUWOqU32SoVozSw4I/
>>>
>>>
>>> On 2021-12-16 4:19 a.m., Mališa Vučinić wrote:
>>>> All,
>>>>
>>>> (chair hat off)
>>>>
>>>> As discussed during the interim yesterday, the current text in -12 
>>>> on MTI requirements (Section 7) reads as follows:
>>>>
>>>>>     For many constrained IoT devices it is problematic to support 
>>>>> more
>>>>>     than one cipher suite.  Existing devices can be expected to 
>>>>> support
>>>>>     either ECDSA or EdDSA.  To enable as much interoperability as 
>>>>> we can
>>>>>     reasonably achieve, less constrained devices SHOULD implement 
>>>>> both
>>>>>     cipher suite 0 (AES-CCM-16-64-128, SHA-256, 8, X25519, EdDSA, 
>>>>> AES-
>>>>>     CCM-16-64-128, SHA-256) and cipher suite 2 (AES-CCM-16-64-128, 
>>>>> SHA-
>>>>>     256, 8, P-256, ES256, AES-CCM-16-64-128, SHA-256). Constrained
>>>>>     endpoints SHOULD implement cipher suite 0 or cipher suite 2.
>>>>>     Implementations only need to implement the algorithms needed for
>>>>>     their supported methods.
>>>> I see two issues here: 1) imprecise language; 2) normative text 
>>>> that implies interoperability only in case when both peers 
>>>> implement both suites 0 and 2.
>>>>
>>>> When it comes to the devices and their capabilities, we have so far 
>>>> been using the precisely defined terms from RFC 7228. This is not 
>>>> the case here and we use terms such as “less constrained devices”, 
>>>> “constrained endpoints”. This is all very confusing. Why endpoint 
>>>> and not device? What does “less constrained device” actually mean 
>>>> in terms of RFC 7228?
>>>>
>>>> Assuming that the “constrained endpoint” is a typo and instead 
>>>> means “constrained device”, the normative statement in this text, 
>>>> i.e. implementing 0 OR 2, implies that we can achieve 
>>>> interoperability only in the case when both peers implement both 0 
>>>> and 2 cipher suites. Requiring the implementation of two cipher 
>>>> suites on each device to achieve interoperability is far from the 
>>>> lightweight aspect of LAKE, so I would like to hear what are the 
>>>> working group’s thoughts on this.
>>>>
>>>> Mališa
>>>>
>>>
>>
>

-- 
email:rstruik.ext@gmail.com  | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 287-3867

v2.23.0 | Report a Bug | By Email