IETF Logo Mail Archive

Re: [Pqc] [EXTERNAL] Re: [lamps] CMS Kyber: include PK and CT in the KDF?

Mike Ounsworth <Mike.Ounsworth@entrust.com> Thu, 11 April 2024 22:03 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: pqc@ietfa.amsl.com
Delivered-To: pqc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EC39C14F71A; Thu, 11 Apr 2024 15:03:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.795
X-Spam-Level:
X-Spam-Status: No, score=-1.795 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FONT_INVIS_DOTGOV=1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9tSTHb6l0kpQ; Thu, 11 Apr 2024 15:03:51 -0700 (PDT)
Received: from mx08-0015a003.pphosted.com (mx08-0015a003.pphosted.com [185.183.30.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 767B1C14F5FC; Thu, 11 Apr 2024 15:03:51 -0700 (PDT)
Received: from pps.filterd (m0242863.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 43BHQBYK015632; Thu, 11 Apr 2024 17:03:46 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h= from:to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=mail1; bh=76RSftcgRL8eqhdp+fD9WRwz UQG7OBepplUUf1slU6E=; b=C47jdqqg/Sqk9NvlpAWpYz8qfuYZBQmcWpd48HJr q6lHiFrh9F270V9PW7ExKMiNml3s11nSB58FjVKTlQAy9RSToF8Dnt5ZdML+B/cm heYfyUUKkVcR8lv2qRWYWdqYB0iegWb6Nm5CHkJP7z571fyiRLP7ZmllYt+8MWR0 3G1W8+KotHJ3ITJgMwlW1AMGD7X8Pw8kudMblOcdp0FHnJlqFpxYdqtKpPrGxKOX 6t5fzg/HduLbU6mKmEEBt2IrFYpKG0GFy1hVEGRuAgJRV7MUTO7EZMSWvsXclkK0 E/NIVYU8d1Mv/iCBo09XKGBHPBkfA5s/7sIR4Q2jMEu06g==
Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2101.outbound.protection.outlook.com [104.47.58.101]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3xb1cn0t5b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 11 Apr 2024 17:03:45 -0500 (CDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ir/sqnvVgtON8OA3C59dHAb0jlB6fzom03f+IPSBYZGbkgz3giTLSSyA5m5LYznb87B/zX91uhtZiMhTDmSF7++TeATBDtvh72riVmbufbJg6lW8g0HLeLYuA5AcR8iw3uSWjeetLM6jGNKpoEBI9f7qvuRmrZJotlPmtu0wWDgOzVM2Zm4Ogl9hIWGZGHYVIjW+9uGttOgfqwnDiEgl2DHDf85S53o6R8TnUGi+UzekOp24DzY8SDpMmefeUEH5GfPfYphU/GccOjoYG8qGGQzxUP2Px/6qphBe44KCZDNNFHT+NsAIOxgLy+99004sNTN/2Jw8C/hyO7jWA2TyTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WjBSsChQgTxls2hzKUHCB4dt0uNs8Ag0DfG3AxNsuzg=; b=KomIbvFRUqT7jayxRgpcS0VZ1GzRYhUmRR0ALSsRfBNAt2Fhc5ODEpEoDU4Kk7ECpSrt0mtZjfQKXzc6KFxHZ1+izzFMcpLxJm+xdKYCfHfzbRW2qtntV5FCFP7f2Zk11QLn8fVQjIv78EjpQwtedLtNqZVEft9DZPn6jCxLBdF2AlK4kio38mZql6q+msUWAWKTIyaevmLKMXPEaZUXCXPHyzw8QJU2HTrfaEDhgHvKxxxiBqumYEWq8TTH9t1PT6BdsV9+Bng1nBbWciU56ftI34FTrQoad5bvR9485Iohm+mN2evyiQv3e2vxJNCBUp18xlW4LdbOnOWAtI57Hw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by BY1PR11MB8077.namprd11.prod.outlook.com (2603:10b6:a03:527::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7430.46; Thu, 11 Apr 2024 22:03:41 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::11f2:792f:10c4:f173]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::11f2:792f:10c4:f173%5]) with mapi id 15.20.7452.019; Thu, 11 Apr 2024 22:03:41 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Russ Housley <housley@vigilsec.com>, Deirdre Connolly <durumcrustulum@gmail.com>
CC: LAMPS <spasm@ietf.org>, "pqc@ietf.org" <pqc@ietf.org>
Thread-Topic: [EXTERNAL] Re: [lamps] CMS Kyber: include PK and CT in the KDF?
Thread-Index: AQHajFecyOveaJvkukqK1xgplDsCj7Fjm1Yg
Date: Thu, 11 Apr 2024 22:03:41 +0000
Message-ID: <CH0PR11MB57391B1E18D87AEB8D9519EE9F052@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <CAFR824w0rBfxGzCJrSZ3f45Lyn7SEVLZK6cM9ZaZVHVPujs-5g@mail.gmail.com> <A31C1C09-297F-4C4A-837E-FD2A703AD96F@vigilsec.com>
In-Reply-To: <A31C1C09-297F-4C4A-837E-FD2A703AD96F@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|BY1PR11MB8077:EE_
x-ms-office365-filtering-correlation-id: ca6eefce-c865-4524-3752-08dc5a733f5f
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5GEAFBMxoyteiqBepKvYQcibXiM9+HOsEM2DXsFf4yXn/UfhpJ762MMBhQtT2iRPzOBraMb3JeWPqKF0p2+u3KONVu2Glwqpj27NcWCnq+Kbh2XnKKwmQ+3cjEK0nGAUOUmKckMWQyrhyTdcL5lZolnwzYPn3dNVHzxFeVQtZjZ4O8eUynBAkpzW4Md+ZigCu39o7pSLtubUPVcOlPht4XOUzF7dETBmqswCawiweljh0LTpiXazTk1pTnNFRrlW3ntwjXnz4zrHF6dPHRlSuXi0Q97AlqANRLF+SL/7LH99L/8cY45sJL/2UoeHnwtJWDnm0Xt5HGHGFWGiyVAfQKl6IcQdVZ2g5UG9W5iZFokVHsYIQ8H2hHN0r1Gh+8EGNnCAnkyWHQMXhtx8J0RGnVrkpm6UMx9zJuGTTha57Dy8LALg5Q6tLBNEpGfZmQb8FZXksyd5A/lEYOfeJmXX2mxMsRDvkUy9VSxtmxhhg2g1p4H85mpCP99PZIFG4s8m/oZO3Q9ZvRGQMY+EcmuVILsu7lTeyiN7yRe/DT1JTDkV6rHknKV1BJtjdA+53tch+y/xesTSYcKQHi+dxO3KMpgPtjn9xvNgHfwu13XntitU2/X2EqYh0mPDubNhjHXgNViP6z2ecMLtuGEGa9V/CDVo8UuOmrXZ0OfJOaDn1dI=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(1800799015)(376005)(366007)(38070700009); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: rmQScxWvSU+G8zbwj6OuKtrfJX9MdvSRZCedRgSE0Fo0cwj+ovXpjqA7oK8bG61Zbl0XM9QUWc1xM52gg1gj8rp2HNSjhOEmO4WJSYnNJopQ7n8l2MsdSEesvWK1sJdfDWg87R3Lsfdt+d0sacaegBA/MZyZGS5hXUpF1g1yM/6KACHCIWUHR2+AKPwo1KAc2O12wrqP0PYfWPVtcTafEYynt9WK951nDw4FxbwlX/KI4jnkSYLLJw5K2oE5+mTCDedvYyJ/3EfQyMdUwXGGNmp8tUk8RLzriq0Q6rrvdWI7548oDkZP75DdvLO+TyDmftHeGj9kNoCvx6CXQHriwRGEmL8ftHtnzj/s7ePEuRV0NTvISlyTc0mdhwUMC5oIWEyUySyeGz+qJSVUNPr1j8f2MkRVqSAB9t2EpWrpWIKDWKy7SF9n6QlQAlD0L/iKdFL97sGGqiHnwYwvU8bVW3SsWFfjFI0hYJzajJIRx9SAykuYfYcC41GhXDVUoGSISnwHUMmCcHscEsQyk5Wv9ongsWVbe3Bvv2qIhSKoJpglClURzWjg8dgsPbu2BQxTYB2o4LYmwAt+5qmrzX0hU2ZS/vr4iqHvsateDLiulEsZ66qrL0rGiW1w36c1Yrq4bDOT/upjtVWuMWm3DxqZPTEVzxGkBw+KycaEoSSJmFIpWkIr2Pm5aCrrqIUnUuFXfU5RmUMw3nXZjES3itmxArahCp7OD7zyr9PyItrmMB+B96n6RCyNWfwO7Xnm7EwMKuHsGi7O+Gv9yapHawnqKW64OreBoiJa7czlNntu6ZHGLnhwyl7m3OCgQ50/XD94c7B0UyHdgxYBtHQ8TPio5WJt/6qr+CZ/QZ6NIXVNhG7ylS7GHKPXvNplJOUQAJcF0S0c2mtI0VD9EE0hHVLOEattHHERYRhi3fd4QnCcKax+pNmZ/4B27r1jsaoOmF2sotrxubpJFHx6CnbWnk79Q1yxEmCGeTwF/EgT6VmFAKroiUKaF6Gvf+kDO+U7f4BcKyaq8sBZsuc0ZYTzPfDHaqJf4qWJxmmhdrzqUD66p7HPkplbDknUJbKy+AetTVrNaczErGbxGVusA7Bv13nYv3zJl/PzZulCktuCi9pjxGatasVhivgP6nXGLe8S/8BY3hHHhQZq2wDuDYNZFtXEnd0Sml2H+Xrt2Hy07Ji1yvc+/dCvliJfmValm2NnsRaxhArnnZXZ2/PIaSUzHAcLAtSVRwCkxJ72AMhku53h79Ss9zr76zNsnfeVdjRLaF8Sig6mRKsAywa+SEGCCN4UYTJqZqN/nPnn0AwWMHSyNX+ZJKEfJ5RbuTEqBNxbhowBaJylfqcZ29VCD1PyiyU33Yp/QsSv7Sg4dQHj8I9S8Iq9mVeRQ9QOjvjsSgI7ojmeChNzet6cl3jmXsMqn3pUg7k5Ei8IsjBke2MD2MpyqMac051UkvQV+/KC/9bH5L5e7EepN59NF1ItPLNl3y7FpiYPMyVnkUnYH1OwOh1VS/PMRiZDWZLU0jDZvxeoUHj/UIvuAXp1VVaLAjhYJXACDJOg29mQmltQlJBcBAuJf/2a7hoSOOnA5uZw6deVxSTQ
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0224_01DA8C32.3335D3B0"
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ca6eefce-c865-4524-3752-08dc5a733f5f
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Apr 2024 22:03:41.0201 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 7rua3k/BYL+hDtBKv9k8+UPOJg6S11spOeP/vGwgHaiUJuh7HIA2OXuw6wEBSoI3SlEXdv3MliHcIRmzVkyznqgenVr3JtoI0UybEP41teg=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR11MB8077
X-Proofpoint-GUID: 7K9wYPzPhUPNByJfpVqPRYy07wWiBRzw
X-Proofpoint-ORIG-GUID: 7K9wYPzPhUPNByJfpVqPRYy07wWiBRzw
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-04-11_10,2024-04-09_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 mlxlogscore=934 mlxscore=0 spamscore=0 phishscore=0 malwarescore=0 lowpriorityscore=0 bulkscore=0 suspectscore=0 clxscore=1011 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2404010003 definitions=main-2404110159
Archived-At: <https://mailarchive.ietf.org/arch/msg/pqc/7Dsy7cx22mboQu2vlcRx_fI6T0U>
Subject: Re: [Pqc] [EXTERNAL] Re: [lamps] CMS Kyber: include PK and CT in the KDF?
X-BeenThere: pqc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Post Quantum Cryptography discussion list <pqc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pqc>, <mailto:pqc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pqc/>
List-Post: <mailto:pqc@ietf.org>
List-Help: <mailto:pqc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pqc>, <mailto:pqc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2024 22:03:56 -0000

> It is _very_ important to me that one ML-KEM labrary be able to support
CMS, JOSE, COSE, and so on.  so, whateve happen in one WG needs to be
aligned with others.

 

Agreed, hence cross-posting to PQUIP.

 

 

> If there is consensus to do so, the CMS kyber draft could address this in
the algorithm-specific layer.

 

+1 to this suggestion.

We're on a deadline to get these RFCs out in short order after FIPS 203, and
have to act on what we know now. Given the analysis at this point, it seems
prudent to bind the PK and CT, and it seems like draft-cms-kyber (and
equivalents in other protocol WGs) is the right place to do it.

 

I still would like to see an analysis of whether the PK is always available
at decryption time. I would like to hear from smartcard, HSM, IoT, TPM type
people about whether it's fair to assume that the CMS / JOSE / COSE / etc
layer of a decryption routine will have access to the public key at
decryption time, or whether that will force some folks into awkward
re-architecturing exercises. For example, if someone has a TPM architecture
where only the wrapped private key is stored locally (cause why would you
ever need to encrypt for yourself?), then I could see that being an annoying
architecture change to also keep the public key. On the other hand, ML-KEM
is greenfield, so maybe it's ok to say "When ML-KEM; your private key object
MUST contain the public key".

I'm asking whether there's an engineering architecture concern here that
overshadows the security gain. Maybe I'll stop rambling here.

 

---

Mike Ounsworth

 

From: Spasm <spasm-bounces@ietf.org> On Behalf Of Russ Housley
Sent: Thursday, April 11, 2024 4:31 PM
To: Deirdre Connolly <durumcrustulum@gmail.com>
Cc: LAMPS <spasm@ietf.org>
Subject: [EXTERNAL] Re: [lamps] CMS Kyber: include PK and CT in the KDF?

 

Deirdre: There was a discussion of this a few months ago. Inside ML-KEM, the
public key is included in the KDF that computes the shared secret. There was
discussion ot addint a hash of the ciphertext to the KDF computation, but no
one thought 



Deirdre:

 

There was a discussion of this a few months ago.  Inside ML-KEM, the public
key is included in the KDF that computes the shared secret.  There was
discussion ot addint a hash of the ciphertext to the KDF computation, but no
one thought that should be done in cms-kemri since that would be an
algorithm-specific detail at a algorithm agile layer.

 

If there is consensus to do so, the CMS kyber draft could address this in
the algorithm-specific layer.

 

It is _very_ important to me that one ML-KEM labrary be able to support CMS,
JOSE, COSE, and so on.  so, whateve happen in one WG needs to be aligned
with others.

 

Russ

 





On Apr 11, 2024, at 10:30 AM, Deirdre Connolly <durumcrustulum@gmail.com
<mailto:durumcrustulum@gmail.com> > wrote:

 

Looking again at
<https://urldefense.com/v3/__https:/www.ietf.org/id/draft-ietf-lamps-cms-kyb
er-03.html__;!!FJ-Y8qCqXTj2!ZlXBL5zdkVBiGN9kO1SGzVWESjCU-Qx4JhNBJbo6Rc_mqMsr
e90MkvNPbifOgYG0NQ5JvsFw6syNRc5LwlFfawt_J-kL$> CMS Kyber, it seems to not
bind the encapsulation key or the KEM ciphertext anywhere in the CMS scheme
or the KDF. To mitigate the less-than-ideal
<https://urldefense.com/v3/__https:/eprint.iacr.org/2023/1933.pdf__;!!FJ-Y8q
CqXTj2!ZlXBL5zdkVBiGN9kO1SGzVWESjCU-Qx4JhNBJbo6Rc_mqMsre90MkvNPbifOgYG0NQ5Jv
sFw6syNRc5LwlFfa-WRFsEg$> binding properties of ML-KEM, I would consider
including the encapsulation key and ciphertext along with the shared secret
`ss` as input to the KDF. 

 

ML-KEM, as currently drafted as
<https://urldefense.com/v3/__https:/nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS
.203.ipd.pdf__;!!FJ-Y8qCqXTj2!ZlXBL5zdkVBiGN9kO1SGzVWESjCU-Qx4JhNBJbo6Rc_mqM
sre90MkvNPbifOgYG0NQ5JvsFw6syNRc5LwlFfa6TeNnwB$> FIPS 203 IPD, is
<https://urldefense.com/v3/__https:/eprint.iacr.org/2024/523__;!!FJ-Y8qCqXTj
2!ZlXBL5zdkVBiGN9kO1SGzVWESjCU-Qx4JhNBJbo6Rc_mqMsre90MkvNPbifOgYG0NQ5JvsFw6s
yNRc5LwlFfa2woeUJG$> LEAK-BIND-K-PK and LEAK-BIND-K-CT at best. To safely
use the shared secret output from ML-KEM without opening it up to r
<https://urldefense.com/v3/__https:/cryspen.com/post/pqxdh/__;!!FJ-Y8qCqXTj2
!ZlXBL5zdkVBiGN9kO1SGzVWESjCU-Qx4JhNBJbo6Rc_mqMsre90MkvNPbifOgYG0NQ5JvsFw6sy
NRc5LwlFfa5CF-wTk$> e-encapsulation attacks, including the PK and CT
concatted with the `ss` as the preimage to the KDF is a secure and easy way
to maximally bind the resulting KEK to the KEM public values. This
construction is also a secure solution for any KEM with even the weakest of
binding properties, so it would be a safe pattern for other KEMs:

 

- KEK = KDF(ss)

+ KEK = KDF(ss || ct || pk)

 

The ML-KEM standard may change between the current draft and the final one
later this summer/year, but even if so, this change would be basically
bulletproof either way in terms of security.

 

Cheers,

Deirdre

v2.23.0 | Report a Bug | By Email