IETF Logo Mail Archive

Re: [Mud] how to increase trust in MUD URL

Michael Richardson <mcr+ietf@sandelman.ca> Wed, 22 January 2020 21:35 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: mud@ietfa.amsl.com
Delivered-To: mud@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3EB45120045 for <mud@ietfa.amsl.com>; Wed, 22 Jan 2020 13:35:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UzOYMMQw43pD for <mud@ietfa.amsl.com>; Wed, 22 Jan 2020 13:35:10 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9398612001B for <mud@ietf.org>; Wed, 22 Jan 2020 13:35:10 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 5E9D23897E; Wed, 22 Jan 2020 16:34:36 -0500 (EST)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id E40A0C69; Wed, 22 Jan 2020 16:35:08 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: mud@ietf.org
cc: "M. Ranganathan" <mranga@gmail.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
In-Reply-To: <CAHiu4JOXOAt2U5soxrHB2D8EMxwkQ-tKv62F2vxAVPdvqAgfzg@mail.gmail.com>
References: <157918044299.26236.8163535356477976451.idtracker@ietfa.amsl.com> <CAFpG3gehp98VB2RpL6LenRJsV=RRQ=1jCTX7mcrmd27pzkYqfg@mail.gmail.com> <CAFpG3gek8qrHjN5LNQUrRrS9+zFuVQQ4y+XorRrr5xySs2fP1g@mail.gmail.com> <20570.1579314460@localhost> <30267.1579654985@localhost> <9b50e4ca-d516-3f3b-5992-1695f8147d18@sit.fraunhofer.de> <30626.1579713687@localhost> <CAHiu4JOXOAt2U5soxrHB2D8EMxwkQ-tKv62F2vxAVPdvqAgfzg@mail.gmail.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 25.1.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Wed, 22 Jan 2020 16:35:08 -0500
Message-ID: <428.1579728908@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mud/IbQhS9IL6pUU22FPw4lJimMxu4M>
Subject: Re: [Mud] how to increase trust in MUD URL
X-BeenThere: mud@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of Manufacturer Ussage Descriptions <mud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mud>, <mailto:mud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mud/>
List-Post: <mailto:mud@ietf.org>
List-Help: <mailto:mud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mud>, <mailto:mud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jan 2020 21:35:13 -0000

M. Ranganathan <mranga@gmail.com> wrote:
    > On Wed, Jan 22, 2020 at 12:21 PM Michael Richardson
    > <mcr+ietf@sandelman.ca> wrote:
    >> 
    >> 
    >> Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote: > On 22.01.20
    >> 02:03, Michael Richardson wrote: >> But, updating the URL in IDevID is
    >> difficult to do. Quite reasonably it might >> be impossible without a
    >> device recall.  The IDevID version is much easier to >> invest trust
    >> into.  And it clearly links back to the manufacturer.
    >> 
    >> > This is one of the biggest issues that came to my mind ad-hoc. Is
    >> changing > the URI really an option? I would assume this type of
    >> encapsulation is > trustworthy, I think.
    >> 
    >> Changing the URI in an IDevID is not, in my opinion, feasible.  While
    >> I can imagine ways for an IDevID to be renewed online, I would prefer
    >> that it be buried so deep into the TPM that it can't be changed in the
    >> field.

    > I see some words to the contrary in
    > https://tools.ietf.org/html/draft-richardson-opsawg-mud-acceptable-urls-00

    > i.e. I see the following:

    > "The DHCP and LLDP mechanisms are not signed, but are asserted by the
    > device. "

    > Why can't the MUD URL emitted by the device using DHCP be signed with
    > the device private key?

It could be. Bud:
a) we haven't defined the MUD DHCP extension that way.  We could probably
   sign the entire DHCP request with RFC3110. I've done this in the distant past.

b) it doesn't gain us anything. It's not a signature from an IDevID (or
   LDevID) that is interesting.  The malware, having taken over the device
   could do that. That could be as easy, on a *nix machine, as dropping
   a file into /etc/dhclient.d/ with the new MUD URL, and the DHCP
   mechanism would sign it for you.

What we want is a signature from the manufacturer, or possibly, as Eliot
suggests, from a TEE/TPM.   But, how does it know what the MUD URL for this
firmware is?   And, if you've got all that, then you have remote attestation
anyway, so why not just have the RATS Verifier provide the MUD URL as part
of the Attestation Results?

Since remote attestation is not going to be common case for home appliances
in the near future (not because the devices are incapable, but because the
homes are ill-equipped [%]), what we can do do today to easily keep the
MUD URL from changing too much, without locking it down completely?


[%] - the lack of equipment to do remote attestation also means that
    probably also has no secure controller to do onboarding, or evaluate the
    IDevID.   So, MUD will be TOFU.

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
    Henk> If you do not allow for a MUD URL to change, you avoid a lot of
    Henk> complexity. The simplicity of MUD is one of its main selling
    Henk> points.

Eliot had previously convinced me that updating the MUD file in place was
probably workable, and this was not that big a deal.  
The TLS profile convinces me otherwise.
The need to pin the manufacturer signature probably deals with a lot of the
changes that we might need.

Eliot Lear <lear@cisco.com> wrote:
    >> This is one of the biggest issues that came to my mind ad-hoc. Is
    >> changing the URI really an option? I would assume this type of
    >> encapsulation is trustworthy, I think.

    Eliot> To me this is something that TEEs can really assist with, but we
    Eliot> may need to think about how the URL is communicated.  Should it be
    Eliot> in an idevid long term or in some other signed object?

I think that you really mean a TPM-enabled secureboot environment, which a
TEE can implement.   If the firmware (update) comes with a signed blob that
the boot environment can interpret, then that could also contain a
manufacturer signed URL.  
The SUIT manifest pretty much satisfies this requirement, but we still need a
signed thing to put into a DHCP (or LLDP) package.  That would likely need to
be a simple CoseSign0 object.


-- 
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

v2.23.0 | Report a Bug | By Email