[MLS] AD review of draft-ietf-mls-architecture-09
Paul Wouters <paul.wouters@aiven.io> Tue, 22 November 2022 01:39 UTC
Return-Path: <paul.wouters@aiven.io>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6399AC157B42 for <mls@ietfa.amsl.com>; Mon, 21 Nov 2022 17:39:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=aiven.io
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DS11QYR3kkMe for <mls@ietfa.amsl.com>; Mon, 21 Nov 2022 17:38:56 -0800 (PST)
Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9659BC14CE31 for <mls@ietf.org>; Mon, 21 Nov 2022 17:38:56 -0800 (PST)
Received: by mail-wr1-x42f.google.com with SMTP id bs21so22564268wrb.4 for <mls@ietf.org>; Mon, 21 Nov 2022 17:38:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aiven.io; s=google; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=G8Pdq/605pUKg+QaecF4HboQaxrMyIrTwJ/9F2R+vFo=; b=NnrmBMM63mjxrgj4QmMVKvG5lxwnVS28yyRVkSq82q8Z4P+/tWV5xLTzOD0gOgWMKa OkXXVC9y3p2WNk1yYib9Hm2sdGzigcvjScDXlE8zSrKV1WGVSQ7qCM78KsOjHtx81pRo b9GdL2vcRDfiJ8kPZSTNEI6ebKzTb7BpfOxx8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=G8Pdq/605pUKg+QaecF4HboQaxrMyIrTwJ/9F2R+vFo=; b=UnZcJy+QY+eHMKQOMS0KXMOm7W7dRpmEYy+UNTv9Adr6XNKGwWiT0W3hDmKVWRvO/B Ns1+eAPF6G8BqroKTPOhiy1+B/woi6t4oBEouR/GEyJZu6c52e38m9U6Eb0bzS9jNZ3z 85/7DZFfTM0EZ5P/ujyvpDE/fFDl/OYKEpAO8RrWvMCWgD95fNk056OMs5QieW2Vc9TN lIjuxgsmwk+IfeT1eViJNEChdVKdz4X1DXob+KmM3PfmyrBh0vmom9GEOII3ZAF8MHWg vGYUU0sOS3HKBpnLqaKE8UPd4JAOOQzap6I1BCtFOzd3KVxti9ZZFvqsZ8XeMy53zONE UFAQ==
X-Gm-Message-State: ANoB5pm2JV/QpPSqNuREXnuqpEpUX8Wi6sc7lqKjXD5SMzSqm0oVsEu/ Qc2mNCh0BaeDYBI+nAI4qddko4oLizcWBaB+YSURg58fJ8El1g==
X-Google-Smtp-Source: AA0mqf5cGVQsyaF+/K1lhvP1DZJvnT6AeN47zFDeeqSEj/CzxrOntlewiGbIK+h0jDF065DLPFmd1KVp4XrWiJL80ec=
X-Received: by 2002:adf:e6c4:0:b0:241:dae2:431f with SMTP id y4-20020adfe6c4000000b00241dae2431fmr3187745wrm.261.1669081134316; Mon, 21 Nov 2022 17:38:54 -0800 (PST)
MIME-Version: 1.0
From: Paul Wouters <paul.wouters@aiven.io>
Date: Mon, 21 Nov 2022 20:38:43 -0500
Message-ID: <CAGL5yWawaN-dZs9dY2VP=f66TUKJbPODJCXMyDMCZ5V5WN6Cgg@mail.gmail.com>
To: mls@ietf.org
Content-Type: multipart/alternative; boundary="0000000000001cd9b805ee053c44"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/o7P9NvYPSgtNKVOUjHRDhSx2aTI>
Subject: [MLS] AD review of draft-ietf-mls-architecture-09
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Nov 2022 01:39:01 -0000
# Sec AD review of draft-ietf-mls-architecture-09 CC @paulwouters Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. I have used the same categories as if I was balloting as AD. That means, I would like my DISCUSS items resolved. This could be as simple as saying I misunderstood something (although then perhaps clarified text could be useful). Comments and NITS are items that would be nice to see addressed but aren't blocking. Note that I have gone through this document and commented, before ever reading the mls-protocol document, on purpose. So some questions might be answered there, but I wanted to see if this document can stand on its own as much as possible. When the MLS WG started, I wasn't sure why such a formal and complex system was being proposed. Having now read the architecture document, and especially Section 7, I understand why. Many attacks I had not thought of are covered and countered where possible and where not possible at least defended as best as can be. So I do want to say kudos to everyone involved. It made me an MLS enthousiast! My AD review of the mls protocol document should follow in the next day or two. Paul ## Discuss ### Each client is its own entity A user with multiple devices becomes a member of the group multiple times. This implies that group members can detect which of the user's clients was used for a specific message. Can this property be eliminated or at least reduced in the possible cases (eg if the user's devices are all online, could these work together to hide the information from which device/client the user sent the message? eg by always picking one of them to relay?) ### possibly detect? ``` The protocol is designed such that this only results in a group no longer being functional and the group members possibly detecting this and requesting reinitialization. ``` It scares me a bit that this could possibly not be detected at all? What is the scenario where it cannot be detected? ### Signed confirmations? ``` Other forms of Delivery Service misbehavior are still possible that are not easy to detect. For instance, a Delivery Service can simply refuse to relay messages to and from a given client. Without some sort of side information, other clients cannot generally detect this form of Denial of Service (DoS) attack. ``` Would it not be possible for clients to report a signed receive receipt? While that might take forever for an offline client, it would allow tracking that a specific user hasn't confirmed receiveing messages for a long time? (receive receipt being different from a read receipt. I guess it is a privacy leak to know a user's device got the message...) ### ``` External joins do not allow for more granular authorization checks to be done before the new member is added to the group, so if an application wishes to both allow external joins and enforce such checks, then the application will need to do such checks when a member joins, and remove them if checks fail. ``` This seems rather risky? What could such a member do in the short time between getting added and getting kicked? Would they see message history? Group membership? How many devices a user has? When members were last online? Why support such a group type? Wouldn't it be better to not support this and have an automated "special member" being a bot that handles member addition? ### encrypted meaning object, not transport? ``` Additional authenticated data, sent unencrypted in an otherwise encrypted message. ``` I assume this means object encryption, and that the unencrypted part of the message would still be encrypted with a TLS transport? Can that be written more explicitely ? ### Padding is mentioned but not noop packets and/or iptfs style constant byte streams that would hide whether there is any communication at all. Is this considered only as part of a transport security (eg TLS layer) or also something that should be considered at the MLS layer? ### Deniability I assume that some thought has gone into this, and a decision was made not to provide this as a core feature, likely due to the limited usefulness in eg a court system, when logged messages (deniable or not) are recovered? I assume it was not easy to add this property and it was therefor mostly left out? Because of course it would be nicer to have it than to not have it. ## Comments ### Section 1 ``` Clients may wish to do the following: ``` It is not really a client who wants this but a user (who can be using multiple clients). I also find "member" confusing, because I keep thinking of a user and not a client. Perhaps using "member client" would clarify this? ### Section 2, bullet list ``` Clients may wish to do the following: [bullet list] ``` It is a little unclear whether this is the entire list of operations supported, or a subset. Maybe make that more explicit? ### Section 2, use of client and member The use of client, member and someone/everyone is a little inconsistent, eg see: ``` For instance, any member can add or remove another client in a group. ``` I assume a member is identical to a client, but is a member of the group. But then the above "clients may wish to do the following:" should not be used with "remove one or more members from an existing group;" Perhaps just adding a line saying "a member is a client that is within a group" might be useful? Or say that client and member are used interchangably, but that a client could be no member of any group ? I guess this is further explained in Section 2.1 afterwards. It might be better to bring this up a little earlier? ### Served to who? ``` The Delivery Service is responsible for ensuring that each KeyPackage is only served once ``` It feels I am missing some context here. Who or whom is this KeyPackage served too? ### Are different extension lists supported ? ``` Clients may also want to support multiple protocol versions and ciphersuites. ``` What about different extensions? One client might be able to display images, while the other cannot ? Is that not possible, or was it just not listed here? ### What is a request? ``` The Delivery Service should provide the minimum number of KeyPackages necessary to satisfy a request. ``` Similarly, I feel I am missing context here. Why is minimum important, why need more than one? What is the definition of request? ### members or devices? ``` Regardless, MLS does not allow for or support addition or removal of group members without informing all other members. ``` It might become clear to me later on how the difference of member vs device of member works? I assume in this case it should be "informing all devices of all other members" ? Otherwise, one might be able to tweak a removal/addition if one knows of a member who lost access to one of their devices? For consistancy, probably this should say "informing all other clients" (or "member clients") ### ``` Membership of an MLS group is managed at the level of individual clients. In most cases, a client corresponds to a specific device used by a user. ``` This should have been told to the reader WAY before in the document, before it starts mentioning clients and users and devices. ### ``` Messages sent during the client's membership are also secure as long as the client has properly implemented the MLS deletion schedule. ``` Is this the equivalent of proprietary IM clients "auto delete" or "view once" type messaging? "MLS deletation schedule" has not been defined before it is mentioned here. What is this? ### ``` External signers can submit proposals for changes to the group, and new joiners can use an external join to add themselves to the group. ``` Is there a method for always denying these? This seems like a DoS vector where a group is spammed with change proposals or join requests? ### lost state and PSK ``` Group members whose local MLS state is lost or corrupted can reinitialize their state by re-joining the group as a new member and removing the member representing their earlier state. An application can require that a client performing such a reinitialization prove its prior membership with a PSK. ``` Wouldn't this PSK that is the result of a membership be part of the "state lost or corrupted" ? What is the exact kind of failure mode one would address with this? Also, how often would such a PSK get updated as it needs to be known to add group members (and doing this too often would I assume lead to long dormant group members from losing access?) If one could remove once's old self without the PSK, than everyone could delete any member? ### WireGuard but not IPsec? It is a bit odd to mention a non-IETF VPN protool, but not the IETF VPN protocol. Especially since IPsec also has constant byte stream support via IPTFS that WireGuard does not have :P ### 7.1 reads odd It states any "secure channel" can be used, but it is kinda says any insecure channel can be used too. It also feels a little odd to describe these properties of MLS in the Security Considerations section, and not like in the introduction. ### 7.1.1. recommendation ? ``` *RECOMMENDATION:* Never use the unencrypted mode for group operations without using a secure channel for the transport layer. ``` Seems like a MUST NOT downgraded to RECOMMENDED ? ### In scope or not? ``` *RECOMMENDATION:* If unidirectional transport is used for the secure transport channel, prefer using a protocol which provides Forward Error Correction. ``` Is this saying a protocol within MLS, eg some application protocol? Or is this saying in this case, do not use MLS but another protocol at the messaging layer? ### 7.2.1 padding but not constant stream chatter ? 7.2.1 says there is support for padding but does not mention anything about generating a (constant) flow of traffic that looks like messaging and is expanded/exploded to all clients but is a NOOP. It would be good to have this - or at the very least ensure the design allows for this to be specified later. This would also hide changes in online status being reported. ### offline clients ``` any client which is persistently offline may still be holding old keying material ``` Should there be client recommendations to delete old keying material even if offline for some long amount of time? Can the document recommend some? Is 4 weeks reasonable ? The risk seems to be like "old phones" kept in a drawer, likely depleted of power, but still likely to be powered up without disassembly of flash storage, where it could still wipe the content based on a (large) timer. I feel not giving ANY guidance is a hole in the specification. ### 7.3 AEAD reference ``` Recall that the MLS protocol provides chains of AEAD keys ``` This "recall" is misplaced. It is not mentioned before until this point. ### 7.3.2 PCS, but ... ``` If the adversary is passive, it is expected from the PCS properties of the MLS protocol that, as soon as an honest Commit message is sent by the compromised party, the next epochs will provide message secrecy. ``` It feels a bit odd to think of a compromised user sending an honest Commit message. If the user doesn't know they are compromised, they will still be compromised and this new Commit message won't help. If the user did know they were compromised and undid that, then sure this honest Commit message helps. I think perhaps "honest Commit" should be expanded and say something about de-compromised client sending a Commit message. My issue with "honest" is that compromised user with a passive attacker is still "honest". Similarly confusing is: ``` an honest update from the compromised client happens ``` ### Section 7.4.1.1 ``` In all these cases, the application will often connect to the device via a secure transport which leaks information about the origin of the request such as the IP address and depending on the protocol the MAC address of the device. ``` Why would a MAC address of a device ever be a part of the MLS protocol or the transport security around the MLS protocol? ``` More generally, using anonymous credentials in an MLS based architecture might not be enough to provide strong privacy or anonymity properties. ``` This all come down to interpreation of "strong privacy or anonymity", but if the only leak is the source IP (and MAC?) then I would argue that the protection of the MLS based architecture IS enough to provide "strong privacy or anonymity". Sure, if I connect from my home DSL perhaps that reveals it is me talking, but it would still not reveal what or to whom I am taking, if I am right? That's pretty strong in my interpretation. ### Section 7.4.2 ``` This threat can be mitigated by having initial keys expire. ``` Again I wish there would at least be some advise on the expiry period, even if it is a ballpark. Are we talking 1h? 1d? 1m? If it depends on things, what things? (perhaps this is explained in the protocol draft) Maybe a *RECOMMENDATION:* ? ### Section 7.4.3 ``` Infrastructures that provide cryptographic material or credentials in place of the MLS client (which is under the control of the user) have often the ability to use the associated secrets to perform operations on behalf of the user, which is unacceptable in many situations. Other mechanisms can be used to prevent this issue, such as the service blessing cryptographic material used by an MLS client. ``` This seems a bit of gloating about the MLS protocol/client. Why not just state why the attack is impossible and require that MLS clients do this? I don't see other features being compared to other/older/worse solutions? ### Section 7.4.3.1 ``` Beware though, the link between the cryptographic identity of the Client and the real identity of the User is important. With some Authentication Service designs, a private or centralized authority can be trusted to generate or validate signature keypairs used in the MLS protocol. This is typically the case in some of the biggest messaging infrastructures. ``` Why allow this in the MLS protocol? How can this "typically" be the case of some of the biggest messaging infrastructures? Clearly those don't run the MLS protocol? Perhaps you meant to compare a similar function to the AS in other messaging protocols? That is, I would clarify what is the issue, what is possible in MLS and how it compares to non-MLS existing deployments. ### ``` Often, expectation from users is that the infrastructure will not retain the ability to constantly map the user identity to signature public keys of the MLS protocol. ``` Again I am confused there are users with expectations of the MLS protocol, which is still in a draft form only? Is this mixing MLS and non-MLS? ## NITS ### RECOMMENDATION in txt rendering I find *RECOMMENDATION:* not friendly to read, the "*" distract from the actual capitalization of the important of RECOMMENDATION: I understand this is a tooling issue, perhaps it can be addressed later? ### ``` Clients may also want to support multiple protocol versions and ciphersuites. ``` Maybe: Different clients of the same or different user might support different protocol versions and ciphersuites. ### CAPBR [CAPBR] is not a proper reference ### t and t' Reads a little odd, why not use t1 and t2 ? ### this hurts my brain ``` authentication is not affected in neither of these cases ``` I cannot confirm neither deny that I don't not understand this ### an legitimate client -> a legitimate client ### ``` by additional security mechanism ``` either "by an", or by mechanisms (plural) ### a DS can mount a variety of DoS attacks -> a malicious DS .... ### This sentence does not parse for me ``` If real time notifications are not necessary and that specific steps must be taken to improve privacy ``` ### pet peeve: vis-a-vis This is not a friendly language construct, especially for people whose first language isn't English (or Latin, but those should all be dead by now) ### to extract the top-level signature key. -> to extract the top-level signature private key. ### One thing for which the MLS Protocol is designed for is -> One design feature of the MLS protocol is ### ``` The Authentication Service is facultative to design a working infrastructure ``` Please rewrite this without using the word "facultative". Maybe use "essential" or "key element" or something? ### TOFU Expand on its first (and only) use. ### fanout Not a fan of the word fanout, but at least it is explained in the draft ### parse error ``` it should be stored encrypted at rest and during the execution ``` Missing the word "decrypted" ? ### another hard to parse sentence ``` This can benefit an adversary that has compromised the AS (or required access according to regulation) the ability of monitoring unencrypted traffic and correlating the messages exchanged within the same group. ``` Perhaps "to gain the ability of ....." ? ### avoid double negative ``` Always use encrypted group operation messages to reduce issues related to privacy. ``` Maybe "to limit privacy risks" ?
- [MLS] AD review of draft-ietf-mls-architecture-09 Paul Wouters