[openpgp] Re: pure vs. pre-hash in FIPS 204 and 205

Simo Sorce <simo@redhat.com> Fri, 30 August 2024 15:16 UTC

Return-Path: <simo@redhat.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE05EC151095 for <openpgp@ietfa.amsl.com>; Fri, 30 Aug 2024 08:16:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.253
X-Spam-Level:
X-Spam-Status: No, score=-2.253 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1YKcE-7nUiDS for <openpgp@ietfa.amsl.com>; Fri, 30 Aug 2024 08:16:15 -0700 (PDT)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09C39C151091 for <openpgp@ietf.org>; Fri, 30 Aug 2024 08:16:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725030973; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=S9dtSVbyeVClre9b7opnczWiD3oWrH20SD5XVHVxuoQ=; b=Sp7EmbpDLBW2oC+59VTDsQ2bvZXKjR4YPfRVy/KKPMCjt4W9L60kIJ6VWUEy+MGdBiYQnc eMtLrSvJ9D+g1aO2sG7AccjJlj0LGVjQ5Xm5fDFcrl3bHvkd1RmCCOzY3yLtEJRwpznd5t zDyRtkctv7Qszfoyf9/4HCQAbQoPMqs=
Received: from mail-oo1-f72.google.com (mail-oo1-f72.google.com [209.85.161.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-384-KOuhM6aGMGCU4jPLyN6ngA-1; Fri, 30 Aug 2024 11:16:12 -0400
X-MC-Unique: KOuhM6aGMGCU4jPLyN6ngA-1
Received: by mail-oo1-f72.google.com with SMTP id 006d021491bc7-5df9ac3042dso2003775eaf.2 for <openpgp@ietf.org>; Fri, 30 Aug 2024 08:16:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725030971; x=1725635771; h=mime-version:user-agent:content-transfer-encoding:organization :references:in-reply-to:date:cc:to:from:subject:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=S9dtSVbyeVClre9b7opnczWiD3oWrH20SD5XVHVxuoQ=; b=dR041VmrFJcd1p/WV3ZPguE9rudUstteKSU5wWqSyYugC/MV/mKzDCWaNg/vCNTATW 1KidzdaX0BLz8a9ekm/nMfkNthTMshY22OtsPt4LtXv3mWuPmzuRWS94AvqgdIMg2hwB 6KSmZbJ7RX2YAZPzJqZ0ijgM4o9HscNmRumbo84hI+U+InXj61N0QC8LQKrEEjFRnrxJ BRGBmd4vNPT57NeYzqm8bXq71buidwM7XIhNjhOCc1BebFfVpzJPSlUY44/Kkm3czkFN t/WcM6+NSx9pNREkXEYdXZSCvqUtJThbkUiUufdUABI4kJIaso2pvCiaEQbpJTNCsEP7 CXyg==
X-Forwarded-Encrypted: i=1; AJvYcCVMsagjxKLCEsHH+9s/NOIL2aeFep4z4gaaCrfnuJ1jpVD+YvngGDEKwTU2oWmoByqYprdS7l3J@ietf.org
X-Gm-Message-State: AOJu0Yz7doPyaHaV1vvQgSd2s0JjRW/ejteDX3H+ulDzdWuSSYdiB5HH HBgiLwlWEiG9UVBF+mPgByTBGPmzzjDEdM6r5CGeBWkiJ77Tr35bt4NawUPK7E6fhcxueD9fD19 WwIjPz5plc1OmBUpQ6ljcjc2gouoigdTl8VCy0wmfd8CtpA==
X-Received: by 2002:a05:6820:2297:b0:5dc:9800:a443 with SMTP id 006d021491bc7-5dfacddf48fmr2782458eaf.1.1725030971531; Fri, 30 Aug 2024 08:16:11 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IGV1Hw+yKj5dZkMk3fXnZv8su8bufc3dHufPMhmZktAm1ftc3lucPqOH4c/TuIgrfigF6Dfvw==
X-Received: by 2002:a05:6820:2297:b0:5dc:9800:a443 with SMTP id 006d021491bc7-5dfacddf48fmr2782407eaf.1.1725030970933; Fri, 30 Aug 2024 08:16:10 -0700 (PDT)
Received: from m8.users.ipa.redhat.com ([2603:7000:9400:fe80::318]) by smtp.gmail.com with ESMTPSA id 006d021491bc7-5dfa047c118sm666982eaf.2.2024.08.30.08.16.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 08:16:10 -0700 (PDT)
Message-ID: <98f513368035f56052f8f524be41561ac9a89120.camel@redhat.com>
From: Simo Sorce <simo@redhat.com>
To: Daniel Huigens <d.huigens@protonmail.com>
Date: Fri, 30 Aug 2024 11:16:09 -0400
In-Reply-To: <4e9oBXl8Mu7-Fcj3fn0UssCr_qyeZFhmgvf9CzVEw4-ueyG5h678x4P3x04DrTznZQs88Mcqp5mzPIoumsdAQb7gqJc6SdsZuCWLU__ugdI=@protonmail.com>
References: <gp_qhnxiYq_pgzpw26Gw5lC53i2aOD1tik9Lrprf0yhURin012f3YvwxS-8mGXOX7ObRAiMqjBkyyxiC8vkwuMMg0Kng4dSOI4Edwww0v4I=@proton.me> <C248DA16-5642-4141-8561-108F157A0D97@andrewg.com> <nLeggcwwubArYMbVyxeaaGb3-QcrtILJob0uhfTjhbXRnCUQWJv0sjwhDuXvc705DhqW2XNEJHqagEFow2v0i5L1cRAv2ixFvqDIDp3lFiQ=@protonmail.com> <55c42efdaea1bd661f5d3607706a6d4d388cea61.camel@redhat.com> <fU3_9MgtQjRnA48uQszLXegERJDcKOLGHUssln9CZfamMwBNpbD6Wj5zVpCl_DrfaTqkuJpDGsI4-13uRDyBDZuHNMtcsD5wP376GsxSWSU=@protonmail.com> <b329a33a05f8dca61571ea049357c421c48f6927.camel@redhat.com> <4e9oBXl8Mu7-Fcj3fn0UssCr_qyeZFhmgvf9CzVEw4-ueyG5h678x4P3x04DrTznZQs88Mcqp5mzPIoumsdAQb7gqJc6SdsZuCWLU__ugdI=@protonmail.com>
Organization: Red Hat
User-Agent: Evolution 3.52.4 (3.52.4-1.fc40)
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: K6ZBFH5UOZ6J5ZSMOUGWIYTKG54NI6NC
X-Message-ID-Hash: K6ZBFH5UOZ6J5ZSMOUGWIYTKG54NI6NC
X-MailFrom: simo@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Andrew Gallagher <andrewg@andrewg.com>, Akhil CM <akhilacm@proton.me>, "openpgp@ietf.org" <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [openpgp] Re: pure vs. pre-hash in FIPS 204 and 205
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SdylebKoTMM7buQ_HwPE5Q7JzOU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

On Fri, 2024-08-30 at 07:18 +0000, Daniel Huigens wrote:
> Hi Simo,
> 
> You're making an argument that goes roughly as follows:
> 
> - I don't understand the purpose of HashML-DSA as described in FIPS 204
> - Therefore I assume the purpose must be something else, and interpret
>   the text of FIPS 204 differently to fit that assumption
> - The purpose I assume is the one that would be relevant for OpenPGP
> - Therefore we should use HashML-DSA for OpenPGP
> 
> IMHO, this is faulty reasoning. If you don't understand the purpose
> of HashML-DSA, that's fine.
> 

I do not understand how you come to the conclusion I do not understand
the purpose of HashML-DSA given that purpose is clearly stated in
FIPS204.

>  I don't see it as my job to justify the
> existence of HashML-DSA for something other than being used in OpenPGP.
> For all I care it might be completely useless and nobody implements it,
> like what happened with the pre-hash variants of EdDSA.
> 
> In any case I prefer to take the text in FIPS 204 at face value, and
> the straightforward reading of the text says that we shouldn't use it.

Can you quote FIPS204 to substantiate this position? I quoted it
literally to support my position.


> 
> > The explanation in 5.4, the whole point of providing a pre-hash ML-DSA
> > version is to allow application to doh!) "pre" Hash the message.
> 
> That's not what it says. It says: "Like ML-DSA, the signing algorithm of
> HashML-DSA takes the content to be signed, the private key, and a
> context as input, as well as a hash function or XOF that is to be used
> to pre-hash the content to be signed."
> So it's the HashML-DSA function itself that pre-hashes the content.

I quoted the literal text that says (paraphrasing) "the application can
provide PHM", I do not understand how you can make this contentious. It
is written right there.

> > What would be the point of doing that, and then re-hashing the whole
> > thing a second time ? (and then a third time internally).
> 
> Indeed you wouldn't. That's why it says "If the content is *not* hashed
> at the application level, the pre-hash version of ML-DSA signing may be
> used." (emphasis mine)

Yes, and I think this is where you misunderstand the context I think.

This phrase allows you to use the pore-hash version *also* in the case
the application gives you a full message, if the cryptographic module
can use a much faster hashing mechanisms separate from the one used
within the internal signing function. It is meant as an enabling and
not an excluding condition.

IE you are not force to use Pure ML-DSA if your devices are constrained
and HashML-DSA would be a more efficient way to implement this.


> 
> > If you are still unconvinced look at the text at the bottom of Page 20
> > which says explicitly: "As with the pre-hash signature generation, 𝑀 ′
> > may be constructed outside of the cryptographic module that performs
> > ML-DSA.Verify_internal."
> 
> The text after your quote continues "However, in the case of HashML-DSA,
> the hash or XOF of the content must be computed within a FIPS 140-
> validated cryptographic module, which may be a different cryptographic
> module than the one that performs ML-DSA.Verify_internal."

And this is relevant how?

NIST sets the FIPS standards, all this is saying is that even if the
application is doing the pre-hash, the hashing function should still be
a FIPS validated implementation. They go to great length to specify
that this hashing function can be validated in an entirely different
FIPS module, exactly to avoid paperwork obstacles.

It just corroborates the interpretation I am giving you that you can do
that hash elsewhere, specifically by the application before passing PHM
into the cryptographic module.

> 
> Like I said, you might have a "core cryptographic module" that's on an
> HSM, and a different cryptographic module that computes the hash.

Yes, this is what it is saying, so how is this contradicting anything
about what I said about HashML-DSA and its appropriateness?

> > for the non-FIPS language versed "Outside the cryptographic module" ==
> > "The application"
> 
> So no, in this case they mean "in a different cryptographic module".

Your are playing with semantics, I certify software implementations of
cryptographic modules as my day job, In RHEL, we have 4 different
libraries certified that can do hashes, and all our applications
(including PGP implementations) use one of those *certified* modules to
do the Hashing. Certified cryptographic modules are not just *hardware*
modules.

> > I know that OpenPGP does not do that, but NIST puts down general rules
> > to follow that cover all cases. That is the spirit of the
> > specification, and yes if you "hold it right" you can be safe using
> > Pure ML-DSA, but why go against the spirit and the recommendation of
> > the spec when it is rather easy to actually follow the spec and use the
> > correct function which is HashML-DSA ?
> 
> You still haven't actually quoted a recommendation of the spec.
> The only relevant recommendation I see is: "In general, the “pure”
> ML-DSA version is preferred."

I am not sure why you insist quoting this sentence. YEs NIST prefers
Pure ML-DSA where possible, but "pure" Ml-DSA'a premise is tat you pass
the whole content you want to sign into it.

You are clearly do not want to do that, you want to pass in pre-hashed
content, so you clearly fall into the pre-hash category which is served
by HashML-DSA.


> 
> > They would not have made available HashML-DSA if there weren't
> > legitimate cases for it.
> 
> Like the text I quoted above says, "If the content is not hashed at the
> application level, the pre-hash version of ML-DSA signing may be used."
> So the exact opposite case of OpenPGP.

You are treating an inclusive or like an exclusive or here. This text
just says that even if the cryptographic module is given a full
message, the implementation can  still decide to use the pre-hash
variant instead of the pure one, for internal convenience reasons.

This text has nothing to do with application that use pre-hashing so it
is irrelevant to establish what is the correct function to use for
openpgp.

> 
> Btw, if your position is that you _disagree_ with NIST and/or FIPS 204,

I disagree with your interpretation, because I think your
interpretation is faulty. You are reading preferences and requirements
that are not there, and coming up to a conclusion which is the exact
opposite of what the spec would recommend you to do.

This is why I am debating your statements.

> like some parts of your email seem to suggest, that's perfectly fine,
> but that's something entirely different than claiming that the spec
> recommends something different than what it actually recommends.

So I think you misread the spec, and clearly you think I misread it.
Perhaps we bring the case to NIST and ask them what they think?

Simo.

-- 
Simo Sorce
Distinguished Engineer
RHEL Crypto Team
Red Hat, Inc