Re: [Panic] notes on Panic Draft

"Diego R. Lopez" <> Sun, 30 July 2017 20:21 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D588F131CE1 for <>; Sun, 30 Jul 2017 13:21:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.92
X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id lZJ9IWktn3-T for <>; Sun, 30 Jul 2017 13:21:06 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id DFDB4131C3A for <>; Sun, 30 Jul 2017 13:21:05 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.10; Sun, 30 Jul 2017 20:21:02 +0000
Received: from ([fe80::25:7eac:7ccc:f78d]) by ([fe80::25:7eac:7ccc:f78d%13]) with mapi id 15.01.1282.023; Sun, 30 Jul 2017 20:21:02 +0000
From: "Diego R. Lopez" <>
To: "Panos Kampanakis (pkampana)" <>
CC: Jessica Fitzgerald-McKay <>, Guy Fedorkow <>, "" <>, "Iluminada Baturone" <>
Thread-Topic: [Panic] notes on Panic Draft
Thread-Index: AdMCY8IYY6zBEz8yT9uERQZ0qXAFnQD26z4AAF4VMoAAblODAA==
Date: Sun, 30 Jul 2017 20:21:02 +0000
Message-ID: <>
References: <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DB6PR0601MB2167; 7:TX8+LyvuD+hX5Pc47QuGF6vgOQxk3uflYI6XZxvUf159Dgqo54rE4ZLm3gi2/c6MhRWeH6F/t6q7bXLV0iBC64flOffGdjXVGelvbi7nUb1zfGeFk8pCUhV8T1dL7o9IXQDO4h1XZG0217MIIV/zuabkdbkr7I73AfVPloC3GGcY3VLpRr5jvloOx1dLXO8eERHva9C7pmldYzSbNYZt6z4UNvyfM+P+jh5ge2KNNkdRsOtqCi8d5R8WOU0HX2XMnKE3tAvZ7ogzOKjcChiUHL4NpHjMDVI1pauaX/1hwomOKOOtfsSsJUDz2WIesTh968nyt1uftN4Oj8nB20/eWqMsZM/tgTWLJeYnuaQNHMMxO36735yhwGK5ofP9X+MaGCJ+8B5t1qIFM0W+DAs9I3reeDJV/ocBBn38HGDZQAMGPJ9lURLwmKcNFDw6gnUd0ewXm/1h5im/XXG6W5lUH6cR9jpQHYYtjjxMYfnmOJctlaYRakWoVFJK5807NbgtFJ+qVNXxyW3ik6XPfOaHYRQT7GA1nr9VgjnhiN36c5Ca9w/h+jeun91tizno768CeGP4HaHf7o10pevhQx0WGZv1p54Xsj0MOBnJLZceqtdLzISiyIUvzoQOGLY+ah+mXXZFQwDimQS9RMYzFoHw5ic8rN8penubccEwLnWkwIjBlJHglbroZ7fh7XZrxnqpkmljBsTI6H5KR+AUwvb15rou/MrzT310IlJg+gBKFp59EfF7XqtvgZwJT0T1ilQuAgiE8mgDvridn1dC8MwpITIAHvhI/8ogTHbIW+dq5nc=
x-ms-office365-filtering-correlation-id: eb53dda6-b33b-47d7-70ed-08d4d7887fdc
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(300000503095)(300135400095)(48565401081)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DB6PR0601MB2167;
x-ms-traffictypediagnostic: DB6PR0601MB2167:
x-exchange-antispam-report-test: UriScan:(40392960112811)(158342451672863)(65766998875637)(278428928389397)(72170088055959)(192374486261705)(271806183753584)(138986009662008)(95692535739014)(155532106045638);
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(3002001)(920511095)(6055026)(6041248)(201703131423075)(201702281529075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123564025)(20161123555025)(20161123558100)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DB6PR0601MB2167; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DB6PR0601MB2167;
x-forefront-prvs: 0384275935
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(39840400002)(39450400003)(39400400002)(39850400002)(39410400002)(377454003)(199003)(252514010)(25724002)(85664002)(51914003)(189002)(54094003)(24454002)(40134004)(40224003)(76176999)(50986999)(3280700002)(7736002)(2906002)(3660700001)(102836003)(3846002)(6116002)(105586002)(54356999)(6512007)(53936002)(6246003)(36756003)(2900100001)(5660300001)(6306002)(8666007)(53946003)(39060400002)(54906002)(54896002)(6436002)(110136004)(236005)(478600001)(53546010)(606006)(66066001)(6486002)(6506006)(14454004)(229853002)(2950100002)(82746002)(83716003)(966005)(189998001)(38730400002)(99286003)(86362001)(97736004)(5250100002)(6916009)(101416001)(8936002)(68736007)(4326008)(81156014)(81166006)(33656002)(25786009)(8676002)(106356001)(12290500005)(15398625002)(17260700007); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR0601MB2167;; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None ( does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_B885448B4ACA4830905745BF4FD36BB4telefonicacom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jul 2017 20:21:02.5041 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9744600e-3e04-492e-baa1-25ec245c6f10
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0601MB2167
Archived-At: <>
Subject: Re: [Panic] notes on Panic Draft
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Posture Assessment Through Network Information Collection \(panic\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 30 Jul 2017 20:21:11 -0000


There is some work on hardware fingerprinting (derived from circuit noise) that could be applicable here. It would require an initial trustworthy access to the device, or a trusted database of fingerprints, but could address almost all cases, in special when dealing with constrained devices.

We have been working with a research group looking at these issues (their head is in Cc:) and here you go a few references of what they are doing:

  1.  Device authentication by inclusion of dedicated hardware:

Hardware dedicated modules have been designed to authenticate the ASICs and FPGAs where they are included. They are based on Physical Unclonable Functions (PUFs), which are functions whose outputs to given inputs can only be generated by the genuine device. The modules implement security primitives particularly related to key generation, identifiers, and random numbers. Security against hardware attacks has been especially analyzed, particularly side-channel attacks such as differential power analysis (DPA).

Some related papers:

  *   “Hardware authentication based on PUFs and SHA-3 2nd round candidates”, by S. Eiroa, I. Baturone. Proc. ICM 2010, 22 Int. Conf. on Microelectronics, pp. 319-322, Cairo (Egypt), 20-22 December 2010. DOI: 10.1109/ICM.2010.5696149

  *   “Circuit Authentication based on Ring-Oscillator PUFs”, by S. Eiroa, I. Baturone. Proc. 2011 18th Int. Conf. on Electronics, Circuits and Systems (ICECS’2011), pp. 691-694. Beirut (Lebanon), 11-14 Dec. 2011. DOI: 10.1109/ICECS.2011.6122368

  *   “FPGA implementation and DPA resistance analysis of a lightweight HMAC construction based on PHOTON hash family” by S. Eiroa, I. Baturone. Proc. 2013 23rd Int. Conf. on Field Programmable Logic and Applications (FPL’2013), Oporto (Portugal), 2-4 Sept. 2013. DOI: 10.1109/FPL.2013.6645605

  *   “A VLSI Module To Authenticate Unclonable Things”, by I. Baturone M. A. Prada- Delgado, S. Eiroa. Proc. 19th IEEE Int. Symp. on Consumer Electronics, ISCE 2015, pp. 1- 2. Madrid (Spain) 24-26 Junio. 2015. DOI: 10.1109/ISCE.2015.7177831

Chain-of-trust for interconnected devices via firmware reprogramming:

A highly secure software platform is being developed that, once injected in the devices via firmware reprogramming, will provide cryptographic and physical authentication techniques, avoiding counterfeit of the devices in a network. No dedicated hardware is needed.

Some related papers:

     *   “An unclonable token for a secure document management system”, by I. Baturone, M.A. Prada-Delgado, S. Eiroa, J.A. Prieto, Demo Session (Invited). Intel Workshop on Cyberphysical and Mobile Security: Intelligent Things, Vehicles and Factories, 2014. Darmstadt (Germany) 10-11 June. 2014

     *   “Robust Unclonable Identifiers and True Random Numbers from off-the-Shelf SRAMs” by M.A. Prada-Delgado, S. Eiroa, I. Baturone. Demo Session. Proc. DASIP 2014, Conf. on Design & Architectures for Signal & Image Processing, 2014. Pages: 1 – 2. Madrid (Spain) 8-10 Oct. 2014. DOI: 10.1109/DASIP.2014.7115613.

     *   “Improved generation of identifiers, secret keys, and random numbers from SRAMs”, by I. Baturone, M.A. Prada-Delgado, S. Eiroa, IEEE Transactions on Information Forensics and Security, Vol. 10 (issue 12) pp. 2653 - 2668. Dec. 2015. ISSN: 1556-6013. DOI: 10.1109/TIFS.2015.2471279

     *   “SRAM-based Physical Unclonable Keys for BLE Smart Lock Systems”, by M.A. Prada- Delgado, A. Vázquez-Reyes, I. Baturone, L. Acasandrei, D. Fernández-Barrera, J. Prada- Delgado. University Booth Demo in DATE 2016, Design, Automation and Test in Europe, 14-18 March, 2016, Dresden (Germany).

Be goode,

On 28 Jul 2017, at 17:39 , Panos Kampanakis (pkampana) <<>> wrote:

Hi Jess,

To try to address two questions:

> I would like a sense of how widely implemented they are for network device software and operating systems. Anyone have any insight there?

I am not aware of any network vendors that use SWID tags.

> 802.1ar requires installation ​
​of an IDevID, from which many LDevIDs can be created. I'm happy to geek out on the added security of cryptographic IDs, but, can we talk though the workflow of getting the initial IDevID installed (who would be responsible for that? Do network equipment vendors use IDevIDs today?

I can’t speak for all vendors, but Cisco has been using IDevIDs in their products for some time and more platforms are adopting it. The private key for the 802.1AR cert is stored in a secure storage chip (similar TPM) so the IDevID cannot be compromised. I applaud adopting a secure immutable identity or better a subsequently acquired LDevID to authenticate the reported data from the endpoint. Fallback or additional auth mechanisms will also be necessary for other usecases though.


From: Panic [] On Behalf Of Jessica Fitzgerald-McKay
Sent: Wednesday, July 26, 2017 2:46 PM
To: Guy Fedorkow <<>>
Subject: Re: [Panic] notes on Panic Draft

Thanks for the feedback, Guy. Responses in-line. I have more questions than answers, and I'd like others on the list to weigh in. Looking forward to hearing from everyone.

On Fri, Jul 21, 2017 at 5:18 PM, Guy Fedorkow <<>> wrote:

Hi Dave, Jessica,
  Thanks for updating the PANIC draft…  I think it’s starting to take shape!

  It seems that the next step in moving this forward might be to outline the kind of information we want to retrieve from the endpoints.  I’d assume you’d want some kind of info to identify the device – manufacturer, serial number, etc, plus something that shows the software revision of the relevant modules.  Could that be something like a set of SWID tags?

​Personally, I would be delighted if software load could be captured in a SWID tag. Failing that, I would like to be able to collect a swid-like set of information from​ the network device. I took a look at NISTIR 8060 (which you can read here: and it looks like-- ignoring data about the tag itself, like tagID, entity information about the tag creator, etc--  required fields for a primary tag are:

  *   software name and
  *   software version,

which should be easy enough to collect on their own.

But, SWID tags offer additional information that could be useful to us. Evidence and payload fields, for instance, can be used to communicate file hashes that comprise the software. Tag signatures could allow us to have move trust in the entity that created the tag (for example, a tag from the software vendor is potentially more trust worthy than one created by a third party). And SWIDs allow us to easily communicate what patches are installed on the product, which is necessary for vulnerability and compliance assessments.

All things considered, I'd like to use SWID tags. I would like a sense of how widely implemented they are for network device software and operating systems. Anyone have any insight there?

  It might be good to pattern the device information on IEEE 802.1AR.  Using a cryptographic ID might not be a ‘must’, but it’s probably a desirable option, so making sure it would fit might be helpful.

802.1ar requires installation ​
​of an IDevID, from which many LDevIDs can be created. I'm happy to geek out on the added security of cryptographic IDs, but, can we talk though the workflow of getting the initial IDevID installed (who would be responsible for that? Do network equipment vendors use IDevIDs today? If not, could the device owner install one without a lot of hassle?)​.

Also, secure though 802.1ar is, it often has no relation to any observable device identities on the network. I'm thinking about a behavior monitoring use case here, in which I notice a device behaving in an unexpected manner, and want to investigate it's posture while I figure out what is going on. Is there a way to gather many identities from an network device using netconf/yang?

  It might be good to add a note saying whether the draft should extend to virtualized devices, e.g., NFV instances.  I’d assume that it should, but that might make identity a bit more complicated.

​In section 3 of the draft, we say "​Virtualized network functions are currently considered in scope". Of course, I worded it that way because I, too, am concerned about whether their inclusion makes our solution overly complicated. Are there any netconf experts that can speak to this concern?

  On the topic of scope, I suppose it might be good to say if “Things”, as in IoT, are in scope or not.  I can’t guess if that has an impact on the technical spec, but there certainly could be an impact on implied scaling needs, and it might help remind readers that figuring out what’s running in the IoT is a getting to be a big problem.

​Agreed that IoT is a problem. Do many "Things" that compose the Internet of Things implement netconf?​ It's such a broad space, I worry that some "Things" could handle netconf, and others (things like "smart dust", etc.) couldn't handle the added weight.

  The diagram in the front of the draft shows an interconnect between Posture Server and Data Store…  seems like there could be some complicated transactions across that link…  Do you think there’s existing practice that could be used for this?

​Sadly, I know of nothing we could easily point to and say "that is the protocol we will use for server-datastore communication". But, what I do not know could fill volumes. Maybe others have ideas where we can start?
  The draft also mentions methods that Endpoints can use to find Posture servers.  I wonder if Zeroconf or some kind of DHCP trick might work for this?

​Zeroconf is an option. TCG has some prior art here ( I am happy to consider all viable options.​

  Finally, in Security Considerations, I wonder if there should be something about how much we do or don’t trust the endpoint to report its Information truthfully. The combination of 802.1AR and signed SWID tags might help with a way to assess the reliability of the information.

​Agreed, I will add that to the next revision. ​

  Great start, let’s try to start breaking down some of the top-level topics to get to the next level of requirements.

Panic mailing list<>

Panic mailing list<>

"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D

Tel:    +34 913 129 041
Mobile: +34 682 051 091


Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição