Re: [OAUTH-WG] Formal analysis of draft-ietf-oauth-pop-key-distribution

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Tue, 07 May 2019 08:30 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Benjamin Kaduk <kaduk@mit.edu>, Luca Arnaboldi <Luca.Arnaboldi@arm.com>
CC: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Formal analysis of draft-ietf-oauth-pop-key-distribution
Thread-Index: AQHU/BpqKPkcnHWaK0OaLJqnsHk3QKZQ9M4AgA5v8mA=
Date: Tue, 07 May 2019 08:30:37 +0000
Message-ID: <DBBPR08MB4539C73C403BAC56ACC8AB1BFA310@DBBPR08MB4539.eurprd08.prod.outlook.com>
References: <DB8PR08MB39801EF8D75849CE0BC571678E3E0@DB8PR08MB3980.eurprd08.prod.outlook.com> <20190428035731.GE60332@kduck.mit.edu>
In-Reply-To: <20190428035731.GE60332@kduck.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ADGRmsHycjWGcNoFN57kttVr86o>
Subject: Re: [OAUTH-WG] Formal analysis of draft-ietf-oauth-pop-key-distribution

Hi Ben,

Currently we don't seem to have any indication that an attack is possible. It would be interesting to see whether we could still construct one. Maybe you can dig out other protocols that have tried to accomplish similar goals (and failed).

Ciao
Hannes


-----Original Message-----
From: OAuth <oauth-bounces@ietf.org> On Behalf Of Benjamin Kaduk
Sent: Sunday, 28 April 2019 05:58
To: Luca Arnaboldi <Luca.Arnaboldi@arm.com>
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] Formal analysis of draft-ietf-oauth-pop-key-distribution

On Fri, Apr 26, 2019 at 10:51:53AM +0000, Luca Arnaboldi wrote:
> * I spoke with Hannes after the IETF meeting in Prague and he expressed the need to enhance our formal analysis (as presented at the OAuth Security Workshop) to verify whether it is necessary to demonstrate possession of the private key by the client to the authorization server.
>
>
> * The analysis checked whether it was necessary for a proof of possession to be performed between the client and AS to ensure security. The result was that even without verification by the AS the client would not be able to access the resource from the RS without possessing the secret key associated with the token (assuming the check is done correctly by the RS).

My apologies for not checking the model directly (I'm on a plane), but I'll note that we have seen similar PoP scenarios in other protocols where a misbehaving client will deliberately try to bind the (valid) key from another party to a token it authorizes, which can sometimes result in the other party taking actions different from the ones they intended.  So I'd suggest being careful about what scope of attacks are considered.

Thanks,

Ben

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
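The RS-side check that Luca's analysis assumes is "done correctly" is the whole load-bearing element of the argument above, so here is an added example (editor's illustration, not code from the draft, from Arm, or from anyone in the thread) of what that check has to contain. It uses the symmetric-key variant of the draft with HMAC so it runs on the Python standard library alone; the token layout, the binding of the PoP key through the `cnf`/`kid` claim (the claim itself is RFC 7800, the encoding is assumed), the RS-side key registry `POP_KEYS`, and the proof fields (`ath`, `htm`, `htu`, names borrowed from DPoP but the format here is constructed) are all assumptions. The scenarios in `demo()` reproduce the result Luca reports: an AS that never verifies possession can hand out a token bound to a key the requester lacks, and the RS still rejects that requester, as long as the AS integrity-protects `cnf`, the proof covers the exact token and request, and replays are refused. It deliberately does not model Ben's scenario, where the party that does hold the bound key is the one being manoeuvred into using a token it did not ask for; that case is not caught by any check the RS alone can perform.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed sample keys (assumptions for the example). AS_KEY protects token
# integrity between AS and RS; POP_KEYS is the RS's view of distributed PoP keys.
AS_KEY = b"as-rs-token-integrity-key-demo-0000"
POP_KEYS = {
    "alice-key": b"alice-pop-key-demo-1111",
    "bob-key": b"bob-pop-key-demo-2222",
}
PROOF_MAX_AGE = 60          # seconds a proof remains acceptable
_seen_nonces = set()        # RS replay cache (single process, illustrative)


def _b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64u_dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(sub: str, aud: str, pop_kid: str, now: int) -> str:
    """AS side: mint a token whose 'cnf' names the PoP key. The AS does NOT
    verify that the requester holds that key; this is the case the thread analyses."""
    claims = {"iss": "as.example", "sub": sub, "aud": aud,
              "iat": now, "exp": now + 300, "cnf": {"kid": pop_kid}}
    body = _b64u(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode())
    tag = hmac.new(AS_KEY, body.encode("ascii"), hashlib.sha256).digest()
    return body + "." + _b64u(tag)


def _proof_input(token: str, method: str, uri: str, nonce: str, ts: int) -> bytes:
    # The proof binds the exact token (by hash) and the request it authorises.
    ath = _b64u(hashlib.sha256(token.encode("ascii")).digest())
    return json.dumps({"ath": ath, "htm": method, "htu": uri, "nonce": nonce, "ts": ts},
                      separators=(",", ":"), sort_keys=True).encode()


def make_proof(token: str, pop_key: bytes, method: str, uri: str, now: int) -> dict:
    """Client side: demonstrate possession of pop_key for this token and request."""
    nonce = _b64u(secrets.token_bytes(16))
    mac = hmac.new(pop_key, _proof_input(token, method, uri, nonce, now), hashlib.sha256).digest()
    return {"nonce": nonce, "ts": now, "mac": _b64u(mac)}


def rs_verify(token: str, proof: dict, method: str, uri: str, now: int) -> bool:
    """RS side: accept only if the token is genuine, current, bound to a known
    PoP key, and the presenter proves possession of that key for this request."""
    try:
        body, tag = token.split(".", 1)
        expected_tag = hmac.new(AS_KEY, body.encode("ascii"), hashlib.sha256).digest()
        if not hmac.compare_digest(expected_tag, _b64u_dec(tag)):
            return False                      # token (and its cnf) not from the AS
        claims = json.loads(_b64u_dec(body))
        if claims.get("aud") != "rs.example" or not claims.get("iat", 0) <= now < claims.get("exp", 0):
            return False                      # wrong audience or expired
        pop_key = POP_KEYS.get(claims.get("cnf", {}).get("kid"))
        if pop_key is None:
            return False                      # unknown PoP key
        if abs(now - int(proof["ts"])) > PROOF_MAX_AGE or proof["nonce"] in _seen_nonces:
            return False                      # stale or replayed proof
        expected = hmac.new(pop_key, _proof_input(token, method, uri, proof["nonce"], int(proof["ts"])),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64u_dec(proof["mac"])):
            return False                      # presenter does not hold the bound key
        _seen_nonces.add(proof["nonce"])
        return True
    except (ValueError, KeyError, TypeError):
        return False


def demo() -> dict:
    """Run the thread's scenarios; returns scenario name -> RS decision."""
    now = int(time.time())
    method, uri = "GET", "https://rs.example/resource"
    tok_alice = issue_token("alice", "rs.example", "alice-key", now)
    honest = make_proof(tok_alice, POP_KEYS["alice-key"], method, uri, now)
    results = {"honest client with bound key": rs_verify(tok_alice, honest, method, uri, now)}
    results["replay of the same proof"] = rs_verify(tok_alice, honest, method, uri, now + 1)
    # AS issued a token bound to bob-key without checking possession; the
    # requester does not hold bob's key and can only MAC with a guess.
    tok_bob = issue_token("mallory", "rs.example", "bob-key", now)
    wrong_key = make_proof(tok_bob, b"guess-of-bob-key", method, uri, now)
    results["token bound to a key the client lacks"] = rs_verify(tok_bob, wrong_key, method, uri, now)
    # Same requester rewrites cnf to a key it does hold: the AS tag no longer matches.
    body = json.loads(_b64u_dec(tok_bob.split(".")[0]))
    body["cnf"] = {"kid": "alice-key"}
    forged = _b64u(json.dumps(body, separators=(",", ":"), sort_keys=True).encode()) + "." + tok_bob.split(".")[1]
    forged_proof = make_proof(forged, POP_KEYS["alice-key"], method, uri, now)
    results["cnf rewritten by client"] = rs_verify(forged, forged_proof, method, uri, now)
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:42s} -> {'ACCEPT' if ok else 'REJECT'}")
```

Each `return False` branch in `rs_verify` corresponds to a way the RS check can be "done incorrectly": skipping the AS tag check lets a client rewrite `cnf` to its own key; leaving the token hash out of the proof lets one proof be reused across tokens; omitting the nonce cache lets a captured proof be replayed within the time window.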