IETF Logo Mail Archive

Re: [Rats] 3 Use cases

Thomas Fossati <Thomas.Fossati@arm.com> Mon, 15 July 2019 10:36 UTC

Return-Path: <Thomas.Fossati@arm.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7CF012008F for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 03:36:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o56-i_JPbUic for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 03:36:07 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30064.outbound.protection.outlook.com [40.107.3.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 276281200A3 for <rats@ietf.org>; Mon, 15 Jul 2019 03:36:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hS1EjZvdrU4ZaGw1GUVZ61C2woOYvowcghyk8duPqwO0RoOb7izWFSMh2UTRm0NYqBd1HT6quN/4pAU4bTq4USBq51V/35SSdv49uYuqPSpxCHGL9Km6VMMZUm4S54k5YOFmSArNv7zAFahMNJjOBsoPDyvNch74YApm0FuifLXYrVmqNG3okQHqYXBE8aROn2AMvYI5mXyxWJtOimOgvu8c2qRrjqlceMxwf9e4NUCCvCyODdYPpMFKkao6aS5cgxd+a4HcRZCorPV8HmaxyFIffC4uTxHp+HNUeSGJuAnqFPTwumN+LHrxfDANgHTY6K4SS5ZGCIMP7RYcpVUuBA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZlEuqeN5q2yWJm136Mk08d7G4p0b1EvR9HYv7ggDnZ4=; b=igiq+ChCVTt9SO8RL9gvGI3z5V5oyDb2AE1DQNn74CV0u4YsMq2WHBBNK6GXrr18X4MI9YSIW3rah78XRcDqqhmAzUvHj5PXlPyp+GZb3inW9u3ZLIz0jGeRXVz230qgTZxuDwm12rffG/FK1qj72sm4xW/QYnnSZbDYKAq2ITvNNTONOBREMwAc+g+Y2YLrT72KAE6bOQ0TOiiAqD/fajKv15x+PRAYHskWVYagdkaof4BwAjTBTncEWN5T0jq+rH02GRPly02DUQJ2/JC6sIwigdg+Qec6ZCgSrTjgANZnMls9MhAh+K2FJ6sj9FS1ezas+3YemR0i8/coibsJSA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=arm.com;dmarc=pass action=none header.from=arm.com;dkim=pass header.d=arm.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZlEuqeN5q2yWJm136Mk08d7G4p0b1EvR9HYv7ggDnZ4=; b=Yieg+cmmX8sdq2lUV5p8FnPapBZyBT7tfahf167XDr00d3QZzP/c9yc9V7UlX0izuWNmOmucuUdQxy6zsV+WP7o4p7K4jD2N0G5GHAF6IAIqdB9N4Y4WAZLNsMmfiE2JC1KtGNxSuK7Y5SvDuzfmzYMhLpV6w3lr4a/QWcKA+eM=
Received: from AM6PR08MB4231.eurprd08.prod.outlook.com (20.179.4.202) by AM6PR08MB4293.eurprd08.prod.outlook.com (20.179.5.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14; Mon, 15 Jul 2019 10:36:04 +0000
Received: from AM6PR08MB4231.eurprd08.prod.outlook.com ([fe80::a0cb:7d43:97aa:b4fa]) by AM6PR08MB4231.eurprd08.prod.outlook.com ([fe80::a0cb:7d43:97aa:b4fa%7]) with mapi id 15.20.2073.012; Mon, 15 Jul 2019 10:36:04 +0000
From: Thomas Fossati <Thomas.Fossati@arm.com>
To: "Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com>, "rats@ietf.org" <rats@ietf.org>
CC: Thomas Fossati <Thomas.Fossati@arm.com>
Thread-Topic: [Rats] 3 Use cases
Thread-Index: AQHVOvkaN/pItfsd6kmtXa1E7oGE/w==
Date: Mon, 15 Jul 2019 10:36:04 +0000
Message-ID: <6756BB60-C0E7-424F-B191-0BD0A06D1D06@arm.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Fossati@arm.com;
x-originating-ip: [217.140.106.54]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7b2527df-0caf-498c-6652-08d709103d3a
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:AM6PR08MB4293;
x-ms-traffictypediagnostic: AM6PR08MB4293:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <AM6PR08MB42938B89DFC750A61BCA6A109CCF0@AM6PR08MB4293.eurprd08.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00997889E7
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(136003)(376002)(39860400002)(366004)(346002)(396003)(189003)(40434004)(199004)(110136005)(6246003)(86362001)(4326008)(8936002)(6116002)(3846002)(229853002)(7736002)(81156014)(316002)(81166006)(99286004)(6436002)(66946007)(66446008)(64756008)(2501003)(6486002)(76116006)(66476007)(66066001)(91956017)(66556008)(8676002)(53936002)(2906002)(33656002)(236005)(68736007)(606006)(71200400001)(71190400001)(6512007)(54896002)(6306002)(14454004)(478600001)(53546011)(486006)(25786009)(36756003)(476003)(256004)(2616005)(14444005)(5024004)(966005)(5660300002)(26005)(186003)(6506007)(102836004); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR08MB4293; H:AM6PR08MB4231.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: SKzdErkWZp76+Nc/LrKMZ/IKw/TiZSRtEhaqgUzxbHt8n64r5b1jdWr483N8KcpYVK1ElhJbrM00wNqnByS26UkrSMADmqDp0ZFXdCyqyOtoZGD2AUVjThJiLEJKXJWxoJn59K4miFXgLu50SbHDuQYb9jop64eQzKN6E72VfwQzKC6gWZGPnj7Hizu9YV9xXUZFxhCrN0MPa3lWwdpN30zBgms04wsxE/YN+Z5WP1opvQDwsnSp90YC+v1eKftot0Ht9F3StBrXnh9bjq67jOTRna/24Tw/VFEgfY7HsoKpukOlVTyFeyqkXh+FAODPhdLz5Qg9deRkt2QhxEa49p2NYB6N/EmSsdtPvHM2VlEa1gOv/Rgg8tdkswdeCoGX5Q9n6063WgSQhuKu4UGChHjfvkdy4uycw+1HRQatDU8=
Content-Type: multipart/alternative; boundary="_000_6756BB60C0E7424FB1910BD0A06D1D06armcom_"
MIME-Version: 1.0
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7b2527df-0caf-498c-6652-08d709103d3a
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jul 2019 10:36:04.6409 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Thomas.Fossati@arm.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4293
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/6kfEfPy35SW1OgU08jT0fcyAoEI>
Subject: Re: [Rats] 3 Use cases
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 10:36:11 -0000

HI Oliver,

Thanks.  A few comments inline.

Cheers, t

From: RATS <rats-bounces@ietf.org> on behalf of "Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com>
Date: Monday, 15 July 2019 at 09:57
To: "rats@ietf.org" <rats@ietf.org>
Subject: [Rats] 3 Use cases

Supply Chain Attestation

A device is shipped from an OEM via some delivery mechanism and is received by a customer. The customer requires assurance that the device has not been tampered with. This differs from the usual attestation scenarios between a device/element and attestation server/verifier in that this requires knowledge of the partial or full configuration of the device being shipped and configured before introduction into the customer's environment.

This use case then requires interaction between two attestation points to ensure that the integrity of the device has not changed with regards to a) the device, b) the original [possibly partial] configuration, c) the device manufacturer's measurements and d) the receiver - customer's - measurements.

It's not clear to me what you mean by “usual attestation scenarios” and therefore why this should be different from those.

I also don’t understand what are the “two attestation points” you mention?

ISTM that in the scenario that you are describing above the OEM has all the information regarding the installed software and its configuration upfront, i.e., before shipment.  If so, it can just communicate the expected values to the Verifier, and that’d close the loop.  (I think I might be missing something crucial?)


Dynamic Systems

All current integrity mechanism assume a certain degree of fixed properties, eg: TPM's CRTM/SRTM, and known configurations. A case exists where a set of, say, IoT devices each with integrity measurements are attested by some Edge node. The Edge node may combine the IoT device measurements into a single measurement (eg: Merkel Tree). If the configuration of IoT device changes, particuarly in relation to availability of device, then this combined measurement will change. This changed measurement however may be a valid configuration.

For example, in a medical case, the set of measurement devices may be rapidly changing due to necessity of network provisioning, device availabiltiy etc, but the permutations of devices may still be valid.

This looks similar to https://tools.ietf.org/html/draft-richardson-rats-usecases-04#section-5.1.3 except it spells out the “continuously changing topology” trait.

Do you envisage this needing something more than the application of a local policy for aggregating the measurements, or could it be treated similarly to the “Proxy RoT” use case (e.g., by defining a claim that specifies the used aggregation mechanism to the verifier)?

Data Attestation

A piece of data received from a trusted element may itself contain information about the configuration of that device when that data was received.. This might be a single measurement or a combination of measurements over time bounded by a session or transacition.

In this use case we continue the chain-of-trust up from the device firmware/operating environment to the data. This enables that once a data packet is received, it's integrity can be checked (cf: JWT) and this information also be traced to the device that produced that data. The data and device then can be attested together..


--

Dr. Ian Oliver

Cybersecurity Research

Distinguished Member of Technical Staff

Nokia Bell Labs

+358 50 483 6237

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email