IETF Logo Mail Archive

Re: [Lake] Ways forward on MTI cipher suite text

Peter.Blomqvist@sony.com Wed, 26 January 2022 08:50 UTC

Return-Path: <Peter.Blomqvist@sony.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BF3D3A2BB4 for <lake@ietfa.amsl.com>; Wed, 26 Jan 2022 00:50:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.57
X-Spam-Level:
X-Spam-Status: No, score=-2.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.576, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sony.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gWKAjpTcBOpe for <lake@ietfa.amsl.com>; Wed, 26 Jan 2022 00:50:04 -0800 (PST)
Received: from mx07-001d1705.pphosted.com (mx07-001d1705.pphosted.com [185.132.183.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5C6C3A2BB3 for <lake@ietf.org>; Wed, 26 Jan 2022 00:50:02 -0800 (PST)
Received: from pps.filterd (m0209328.ppops.net [127.0.0.1]) by mx08-001d1705.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 20Q5gnUr026728 for <lake@ietf.org>; Wed, 26 Jan 2022 08:49:58 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sony.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=S1; bh=uET9Wdz32YJGT6yZ01K8tt7AQf8xTHpwRRDTNgz1Dsw=; b=pxpRarpjWwXLl95jeVh+CC1dAY0896H+dYd685PLXY9wD50yWUOP6oGyCjziIUUnDLoF 1gF6rrfVtLyB2qV3q0hsgiaGlcAot6xcl23Ef8okO4fNoumi2isaJf8FKM7oSug1TahZ GxqykOrbV3o8rAfRD10goVjRMNN8JGTwRDW29+SUhmMyyf8priIpMPwxEnV0hNdyLlXu 3Owo+3icE+/bSkcPjJWWwcWP0SBFHq+W7xRpDvVRjf4pZg4+/i2pdPXsccpcVVx8ybtn l5e4tW0OT86sazno7MCYBw+EcMIUpPL4p8phXgZKF9g3S5ksj1XGT346MIj9odXH3Lz7 hg==
Received: from eur01-ve1-obe.outbound.protection.outlook.com (mail-ve1eur01lp2058.outbound.protection.outlook.com [104.47.1.58]) by mx08-001d1705.pphosted.com with ESMTP id 3drb3kd20e-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <lake@ietf.org>; Wed, 26 Jan 2022 08:49:57 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dmFfIGKaKCe+ONOmqkDEZ24Paa0GQZNr/owtS/n8CuXkA5LqECZAKRW7J3mSeUbX0R/w5Ze+dA3SmcJ7XQxmqrmvuLAPYwr9rUgWXhQg7jFA52qdwSxAMsm32omT+krBXLVTshNKJeS9JP57aEbYmfOlL3xHzSaA/uTXsle/qnh+/UDsu3fzyEf0Bopi1W+v+ScbHiTq4PjyZbiIPlusQg1A2e5GCsOdeVO5YCWW/4m7UhA/POwAIb7W9BMP3KqmwprMxMaPMVb1WM0zNw/BNvpUVrH9n76Ugl2IVz3FYZez/DRzewsKNHMaKUyVzd9VyfTRoroy6WaihT8vYR9iBA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uET9Wdz32YJGT6yZ01K8tt7AQf8xTHpwRRDTNgz1Dsw=; b=JRLbu1zqza9xsZxuTTP/IbaQEUI6QxvL23ZS4pkre5WR5LUo43cAr7TQUBUYwRfeEWe4PIr0DwrHILhhQowcKmcUl1oyzv6tPliXozc1Ko+sJpom/nkmRYI4C1UcoyPN/1it3u/yi03jGitwoZIxPKZDdtNnF/Vx6mKxtqcWdTKkGMKme9Bm9ZTnftSLza8fAtYOkN9FEGShlohZX1nkobUqq43iCx5lx+0lbg0vLZ2yZ+iO//LWBDJQttFLCIPdZUIZ4k1yoRPuE2UDm1w7CJlvYEbgAVO5chqO5nvpLAuaNHVWR/TBvVxigTsxj0rps90ItOzIYvaTeE8dA/r2Eg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
Received: from AM8P193MB0979.EURP193.PROD.OUTLOOK.COM (2603:10a6:20b:1ea::23) by PAXP193MB2140.EURP193.PROD.OUTLOOK.COM (2603:10a6:102:221::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.15; Wed, 26 Jan 2022 08:49:55 +0000
Received: from AM8P193MB0979.EURP193.PROD.OUTLOOK.COM ([fe80::e894:6cc4:bb9b:2d47]) by AM8P193MB0979.EURP193.PROD.OUTLOOK.COM ([fe80::e894:6cc4:bb9b:2d47%4]) with mapi id 15.20.4930.015; Wed, 26 Jan 2022 08:49:55 +0000
From: Peter.Blomqvist@sony.com
To: lake@ietf.org
Thread-Topic: [Lake] Ways forward on MTI cipher suite text
Thread-Index: AQHYDh+7dGT3LKZJvEyDUzfSJbWbxax06Z6AgAAJblA=
Date: Wed, 26 Jan 2022 08:49:55 +0000
Message-ID: <AM8P193MB0979A9D4407FB221A738BCB983209@AM8P193MB0979.EURP193.PROD.OUTLOOK.COM>
References: <2A2081E4-BAAF-4292-925E-0B683AA6CD23@inria.fr> <HE1PR0701MB30505089ECEB11415901D15789209@HE1PR0701MB3050.eurprd07.prod.outlook.com>
In-Reply-To: <HE1PR0701MB30505089ECEB11415901D15789209@HE1PR0701MB3050.eurprd07.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 50def368-b229-4311-50ae-08d9e0a8d377
x-ms-traffictypediagnostic: PAXP193MB2140:EE_
x-microsoft-antispam-prvs: <PAXP193MB214045351DEE4761C4FE509483209@PAXP193MB2140.EURP193.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: PiQDvg5C2EXNoHBpi+dSDYxEAKTd8VVRLBBLGQcxl47h59MSHH8rozZumAPHJWXKnaJYonzGk33hmWNwSvYTT1oCehoki1gk7qyYx850ycEwOUL0eO3F1yVY53kHH7TO4exsecpE1Glz9WXHIWOu8Ytb4RiqOsbJC4ItrxWRUhH4AUTpPbrYuL1J/WCL0pHmUt1acgk2feZl9v95ljVVA0bxuuVBfwgjCbDrfDJJcWNdyh1BQelBWnpRjI4ddQ/NpdYWsejAQZU/cr2yIOvQDqC93gzpCF4ojjLVSfWmsPrRC4ZO0EbK6eu0+ns4dkxSfV6zQQGl/QgZF20Z2tSW1tnqmx9HrQWgyto1L8Ga96PCBcNl04D4eNivHq+2h7uVoV7DC8hZSaUHLxsClZxALlDf2oH36EX5tASJBrO0f+spgHd4tNe5DdVQeEoAccXDqLIf89xiI9SoTCjX6b/CwqyDx0ITJ0u3HfUFy7aB8q56QJGKTfM0jjCoOrMRF4AZ19/RF4UPEGRY4RnQsaXFp/zzTltsPgr4QM8cy0lEePHb7mI2APL56GE5fNtZvbTTkFCb5stLWf7bRE+QLiDBPBk54vBNskJVovDYu990OerNwkWq6LWjCrEIyPlB3opT6VeVLwxpmPtn3crBi+wtc4PQtUv0wx7FFCi8uMAjH3F2utVhKWlfGO86Bbmdao2961CXRFqzhQPs+HUEuPLM4AItLcjUlmo7qf30J722e3QDWGBKXmSg6Ky2In4x5gwMVqWB2ym4PfrOQJ6CDZ3/8yeSHUecB6rY3mUX/wTVhQP1g9+Mb/zlBFFCVtWo8SkBsfAR32M3T14xhQjw6JRL3w==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM8P193MB0979.EURP193.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(9686003)(966005)(83380400001)(53546011)(66574015)(508600001)(186003)(26005)(86362001)(2906002)(33656002)(8676002)(82960400001)(5660300002)(166002)(122000001)(38070700005)(71200400001)(38100700002)(52536014)(55016003)(7696005)(6506007)(6916009)(66946007)(64756008)(66556008)(66476007)(66446008)(76116006)(8936002)(316002)(20210929001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 8hT3w/tRcIZVncUgoL8xubbQMgICz9sihm7Zb7gDOkDe6KmVujhOSrfItZJWtA0solvCr18LfEOaWyqaXYZ8vcDRoEZdsURpeK1JUtOk9WUYsLqL1bUUh5qICVPfVrwpmOhSgiwZ/GFp2qmuf+6wPjLmoMQ/c4L9I85VMqO+zisiraqTDMRfybvS+J582C7WkjrXtOFmlzOk4As9s57EEGUfIbljm+TU1FsViuYGGiwAjFCO4WZZ+oQkwMzHHsULriNsdTljkBL3m2CWw4xbUkp2wiPHVosAmCvMmlgAe0cC9cTzFwYGYjsgaAjgNI65FJ1DRwgu5biXfIdGupBcTs0gDvRxy2SU+SHmypcIzyA15k5CNUg5ev7UOFiQXR5RlzylCMJcsKxOpgaoXl9cTB38QKIc3DjZzIi5qCI0tIMx05PyoZ8w+IpFWquoiue7kUdxMLxz9DXx4CsClYzQlse5VPTexaVcmLUePBjmEN/qT0GIQ2Hd/OE54//9x75ciEx7C9PnOeUlqYBys+diGuvs6/6VHznYKr+qx4tdlnIxLW5SjDCFQP1GCEymYbzNQPxpF6EvRVHLpuIFS4qS3zJlrfHEMhzwuMKeLj72j6NILNTeUejjF0DIA35e1OUSF2TumA5qjlstO7Mr+CxIswQqE56OqLcQknRnaj+EM4f5Wzo0HGtVHhumZD5C8NRZVm/z87UXiMpLeO8El40KwSypAH+Yd2GdGRk1qpi/mBymn2QCTUwVNNZ+Gw1lBLGATRCXfPxO+hpygqkK9qVjBti632R5kHA53IfNzcyTDLOCdkUDK23c9jdQIDXxjAByXDzg9dT8B5V+/9r/PP2SqROvK+XeAN/l81EiEwoFBqR2MvP7QX4QpnWs7aHMDBNDRt9iFPmgQaYQwGLWlqWy4ortMhIfx3noF+KPK95/eRCS/sEbPQnLM5E1X1UI+IalwzGSUoFgQRYjcloHJK/BocSDum1RHp1ST5YOoKyQGNoUGboDa8nuZLJIN7dfCuy+Hnq5UU4xEVSXDQrXrpNalebUWo1N5Ck6pWx1U7YQ5lspBtsuieM2Sb3YkqPaZnac4TKeY9DhPSepeUCBMCDXDjX2eu6IGTW+uGizF69+rM4VyvIeNquffZ3O1v1kCH5MXT9BQyH5RgvN3AQ953OcPJ0X0o2Lfq8SJDecEfX4E8eRbqPnhXisVAv382wM30iRz6bosVRArBcYBtG0QVsy5l3ByEcS5TCpOiy6Jrs/Hevr4cDbEaGFTWCNiJ2tKYzMHQhWOuycqlofX59DWyHpHw4241JnpSevp6npLX1T3/Omvk4RnXN6MscUdPKmWVe3qfR94HYNSK5yyvaTBreA3W/iZK/tFBEMWbGxZjpJQSG3VrX2N13l/EbY058wm/I+XClwA/RdOA56xAUujT4mdwzMynSBvrNFymr7P5wvqiZZdnAK6sPILCfRwNUwOR5BHBPC8hXKkaNo8DKbHsnJdkp55aPrHhT8CSqEbAg4MR3RHINgvQBmuSBTBKpqOYfVFgwHwUDOAZIYGvoQ0LbLNDapMZfh/K0AyvuQBsqRm361hty2F6nCCIzEClABIfH1rHWymxnwiVadUw/X8AF+XOrWcWDR3DV6og0ebKNbt0ngl3tR535Hhp1qzZJZUASabibEcmHCYKNEHkH0/dwfkQ==
Content-Type: multipart/alternative; boundary="_000_AM8P193MB0979A9D4407FB221A738BCB983209AM8P193MB0979EURP_"
MIME-Version: 1.0
X-OriginatorOrg: sony.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM8P193MB0979.EURP193.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 50def368-b229-4311-50ae-08d9e0a8d377
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Jan 2022 08:49:55.5794 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 66c65d8a-9158-4521-a2d8-664963db48e4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: aXVe+GVaLInpPP0QLhGMmB/XQclLDpbNPQnsLbl7D4AO9/xYZ6pOWKPx5Ruj0QDzK9IVsNeyjtTMn4rxeG4xgzipJBGK3ic6D6Laj9n9A6w=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXP193MB2140
X-Proofpoint-GUID: HZDR1RfEEo1OdTnEb5M5DamwXivq2FIQ
X-Proofpoint-ORIG-GUID: HZDR1RfEEo1OdTnEb5M5DamwXivq2FIQ
X-Sony-Outbound-GUID: HZDR1RfEEo1OdTnEb5M5DamwXivq2FIQ
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-01-26_02,2022-01-25_02,2021-12-02_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 priorityscore=1501 spamscore=0 malwarescore=0 mlxscore=0 impostorscore=0 lowpriorityscore=0 adultscore=0 clxscore=1015 mlxlogscore=999 bulkscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2201110000 definitions=main-2201260051
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/hVLueWEXUbRzO1w94aoUFSfj2g0>
Subject: Re: [Lake] Ways forward on MTI cipher suite text
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jan 2022 08:50:09 -0000

I have had a preference to EdDSA, but In light of presentation from Rene I don't think it is reasonable to make EdDSA an MTI.



Best
Peter



From: Lake <lake-bounces@ietf.org> On Behalf Of John Mattsson
Sent: den 26 januari 2022 08:04
To: lake@ietf.org
Subject: Re: [Lake] Ways forward on MTI cipher suite text

Hi,

I noticed to nobody has argued for EdDSA in the recent discussion. One potential way forward would maybe be to reformulate the current text without cipher suites 0 and 1. There has been several people expressing that they want the requirement to implement one or more cipher suite to be stronger. This would lead to Option 3 below.

- Option 3: Remove cipher suites 0 and 1 from the current text. Reformulate according to current discussion. Make implementation requirements for cipher suite 0 and 1 stronger for some types of implementations such as maybe less constrained devices, software libraries, non-closed deployments....

People typically have strong opinions on details. It is sometimes easier to agree on nothing. Option 4 below would align with what COSE is doing.

- Option 4: Just remove current text and replace it with nothing.

(I ignored the "2, 3, or 2 and 3" issue above, that also need to be discussed)

Cheers,
John


From: Lake <lake-bounces@ietf.org<mailto:lake-bounces@ietf.org>> on behalf of Mališa Vučinić <malisa.vucinic@inria.fr<mailto:malisa.vucinic@inria.fr>>
Date: Thursday, 20 January 2022 at 18:03
To: lake@ietf.org<mailto:lake@ietf.org> <lake@ietf.org<mailto:lake@ietf.org>>
Subject: [Lake] Ways forward on MTI cipher suite text
Dear all,

During the last LAKE interim meeting, we discussed the issue
of an MTI cipher suite and we agreed for the chairs to open a
thread on the subject. As a reminder, the previous discussion
points on this topic are summarized in github [1] and in
John's mail dated 13 May 2021 [2].

We'd like to see if there is rough consensus in the WG on
this topic, at this moment in time. Knowing that the formal
analysis of the EDHOC-12 specification is under way, we
should keep in mind that additional input may arrive down the
road from teams working in the computational model.

As a reminder, the most recently discussed text for this
is in a PR [3] and states:

"For many constrained IoT devices it is problematic to support several crypto primitives. Existing devices can be expected to support either ECDSA or EdDSA. Cipher suites 0 (AES-CCM-16-64-128, SHA-256, 8, X25519, EdDSA, AES-CCM-16-64-128, SHA-256) and 1 (AES-CCM-16-128-128, SHA-256, 16, X25519, EdDSA, AES-CCM-16-64-128, SHA-256) only differ in size of the MAC length, so supporting one or both of these is no essential difference. Similarly for cipher suites 2 (AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, AES-CCM-16-64-128, SHA-256) and 3 (AES-CCM-16-128-128, SHA-256, 16, P-256, ES256, AES-CCM-16-64-128, SHA-256). To enable as much interoperability as possible, less constrained devices SHOULD implement all four cipher suites 0-3. Constrained endpoints SHOULD implement cipher suites 0 and 1, or cipher suites 2 and 3. Implementations only need to implement the algorithms needed for their supported methods."

The options we see at this moment in time are:

Option 1: Keep current text as-is unless/until more feedback
is provided that motivates re-opening this issue
Option 2: Proceed with selecting a single MTI cipher suite

We'd like to know if the WG can live with Option 1. Note that
doesn't mean you think option 1 is perfect, just that it's
something with which you can live. If you prefer option 2 or
some other option please suggest specific text.

Mališa and Stephen

[1] https://github.com/lake-wg/edhoc/issues/22<https://urldefense.com/v3/__https:/github.com/lake-wg/edhoc/issues/22__;!!JmoZiZGBv3RvKRSx!oMZFCrrtaAFUdL_LPHRBXf_uvG-p-6Y0b9jHb6jNGAPkgHq66wHpNbRb-twIjtmwJiui$>
[2] https://mailarchive.ietf.org/arch/msg/lake/75nRaD6czYG6RqLT06Qe8C_lsaM/<https://urldefense.com/v3/__https:/mailarchive.ietf.org/arch/msg/lake/75nRaD6czYG6RqLT06Qe8C_lsaM/__;!!JmoZiZGBv3RvKRSx!oMZFCrrtaAFUdL_LPHRBXf_uvG-p-6Y0b9jHb6jNGAPkgHq66wHpNbRb-twIjmVyYhuw$>
[3] https://github.com/lake-wg/edhoc/pull/225/files<https://urldefense.com/v3/__https:/github.com/lake-wg/edhoc/pull/225/files__;!!JmoZiZGBv3RvKRSx!oMZFCrrtaAFUdL_LPHRBXf_uvG-p-6Y0b9jHb6jNGAPkgHq66wHpNbRb-twIjjrL_38v$>


--
Lake mailing list
Lake@ietf.org<mailto:Lake@ietf.org>
https://www.ietf.org/mailman/listinfo/lake<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/lake__;!!JmoZiZGBv3RvKRSx!oMZFCrrtaAFUdL_LPHRBXf_uvG-p-6Y0b9jHb6jNGAPkgHq66wHpNbRb-twIjtnfowyW$>

v2.23.0 | Report a Bug | By Email