IETF Logo Mail Archive

Re: [Rats] Comments on draft-birkholz-rats-architecture-01

Nicolae Paladi <nicolae.paladi@ri.se> Mon, 15 July 2019 11:14 UTC

Return-Path: <nicolae.paladi@ri.se>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38D75120098 for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 04:14:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=risecloud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q9nIQY4mzHRn for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 04:14:24 -0700 (PDT)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02on0614.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe06::614]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7DCA120018 for <rats@ietf.org>; Mon, 15 Jul 2019 04:14:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fPh9GsefvEthpQOgUPS7sW5S8PYjl/nHb6RYUeDOUCdK0YmuYmat08Tpd3pmEnMWiu9lmB6Bcpl3IhQKr7j121yM/Hkkq8YAMUGewKA6X772y69Laz29ojrbV5yOA4Oi2BcpemtkOoAcaKQhp6AErRvOSXmBdhVjfGlrsgC/RUkbyh+3gCIj8OKkxC2S1eNiCrvlv1lM5kWKx6yFEjBRdno7oKPnT2C5+1E637lCLkSeYZCGQ6ZBFu1i0hxKq80TUW7xUOc/iyjP+Yp/i3GL/5NUbfQ1iZwEJrf0J0ElSdNyIBy2rRxNtxOf5mZJLStolDiE/vc/OpALH3V14yQsCQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Sbyn6UYqlTv14QE+al141AE5TOMaduDyvKsBX9JDSno=; b=oaXI7tulSAmVZLexkDoeLR98b6hAL1TDiYr/CFmYp1ee22RWBxLXiGL2DCh/Cq1suNR7N4+FoiZBuxdbKy9MLoqsECQQgdCXgLrt3pJrJhXQPR5CYbbXPTyQunzPyd7tcM8Uki6yv9hqTUdNDmWsOfeEFooOqJXP38Gowgam0EArrp4HOJLStUAYh1q1CKon0deEd44oPOoMQEWqf/d+Bxhklhk5x4d+Jk25ErJuqAbwdowu5CBWHn5/OZQmcPv29Qy/RGmyhfbSu8+ZEyMhbm3ZgeV/Xy/2fKG01S81TMAw9DjkRp1RC5tqSYiehcC7rFyIPoDO77i1XOP/kwNiBQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass (sender ip is 194.218.146.197) smtp.rcpttodomain=island-resort.com smtp.mailfrom=ri.se;dmarc=bestguesspass action=none header.from=ri.se;dkim=none (message not signed);arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=RISEcloud.onmicrosoft.com; s=selector2-RISEcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Sbyn6UYqlTv14QE+al141AE5TOMaduDyvKsBX9JDSno=; b=WZVSW+DeOj0tx06cQmqfqfuA706Y7K6hdFv6ItdPmc6wozMd/a66rQow76SfrLrD+MXyp1E73EzE0AyCg90YwqFCYdMNRrbsgpUcqxgk1AgicUMYuOnQ4YsQZjguq/3MDMdz4UoEJzed05f612iwpHNYqv2NfFa8X3h72X2rico=
Received: from VI1P18901CA0013.EURP189.PROD.OUTLOOK.COM (2603:10a6:801::23) by AM0P189MB0753.EURP189.PROD.OUTLOOK.COM (2603:10a6:208:199::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14; Mon, 15 Jul 2019 11:14:21 +0000
Received: from VE1EUR02FT017.eop-EUR02.prod.protection.outlook.com (2a01:111:f400:7e06::200) by VI1P18901CA0013.outlook.office365.com (2603:10a6:801::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14 via Frontend Transport; Mon, 15 Jul 2019 11:14:21 +0000
Authentication-Results: spf=pass (sender IP is 194.218.146.197) smtp.mailfrom=ri.se; island-resort.com; dkim=none (message not signed) header.d=none;island-resort.com; dmarc=bestguesspass action=none header.from=ri.se;
Received-SPF: Pass (protection.outlook.com: domain of ri.se designates 194.218.146.197 as permitted sender) receiver=protection.outlook.com; client-ip=194.218.146.197; helo=mail.ri.se;
Received: from mail.ri.se (194.218.146.197) by VE1EUR02FT017.mail.protection.outlook.com (10.152.12.98) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.2052.19 via Frontend Transport; Mon, 15 Jul 2019 11:14:20 +0000
Received: from sp-mail-1.sp.se (10.100.0.161) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Mon, 15 Jul 2019 13:14:20 +0200
Received: from sp-mail-1.sp.se ([fe80::7d78:8db6:13df:8cc7]) by sp-mail-1.sp.se ([fe80::7d78:8db6:13df:8cc7%21]) with mapi id 15.01.1713.004; Mon, 15 Jul 2019 13:14:19 +0200
From: Nicolae Paladi <nicolae.paladi@ri.se>
To: Laurence Lundblade <lgl@island-resort.com>
CC: Ira McDonald <blueroofmusic@gmail.com>, Benjamin Kaduk <kaduk@mit.edu>, "Ned Smith (ned.smith@intel.com)" <ned.smith@intel.com>, "henk.birkholz@sit.fraunhofer.de" <henk.birkholz@sit.fraunhofer.de>, "rats@ietf.org" <rats@ietf.org>, "monty.wiseman@ge.com" <monty.wiseman@ge.com>, "hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net>, Thomas Hardjono <hardjono@mit.edu>
Thread-Topic: [Rats] Comments on draft-birkholz-rats-architecture-01
Thread-Index: AQHVNM6n08a7P12bmUyVFL6zYsL3BKbArEYAgAcQooCAAMI5AIAB7VMAgAEFTIA=
Date: Mon, 15 Jul 2019 11:14:19 +0000
Message-ID: <445FA39B-2ABF-4FAF-B82D-903FCC8AF5AB@ri.se>
References: <0189ed44bcf749c18e9b6612b2728553@oc11expo23.exchange.mit.edu> <8C52026F-A4D1-4CA5-901A-C20CC2396DF5@ri.se> <20190713023817.GU16418@mit.edu> <CAN40gSuge3=-dKTtUz2bWVTzBDX0rqmr1sj=NT_-OVRH90o=9A@mail.gmail.com> <A5E5E10D-D423-4EA6-B99B-6BE925FB8DFD@island-resort.com>
In-Reply-To: <A5E5E10D-D423-4EA6-B99B-6BE925FB8DFD@island-resort.com>
Accept-Language: en-US, sv-SE
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.9.1)
x-originating-ip: [10.100.0.67]
Content-Type: multipart/alternative; boundary="_000_445FA39B2ABF4FAFB82D903FCC8AF5ABrise_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:194.218.146.197; IPV:NLI; CTRY:SE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(346002)(376002)(39850400004)(396003)(136003)(2980300002)(199004)(189003)(2906002)(14454004)(7736002)(14444005)(356004)(66574012)(33656002)(40036005)(606006)(4326008)(22756006)(3846002)(44832011)(86362001)(69596002)(486006)(446003)(50226002)(2616005)(126002)(476003)(11346002)(6116002)(68736007)(26005)(6306002)(186003)(966005)(6246003)(54896002)(102836004)(70206006)(19273905006)(33964004)(336012)(81166006)(81156014)(57306001)(8676002)(8936002)(53546011)(71190400001)(76176011)(6916009)(236005)(316002)(53936002)(36756003)(106002)(53416004)(16586007)(54906003)(30864003)(5660300002)(70586007)(478600001)(229853002)(563064011); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0P189MB0753; H:mail.ri.se; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; A:1; MX:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 37086975-05c2-41e7-a595-08d7091595ef
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(4709080)(1401327)(2017052603328)(7193020); SRVR:AM0P189MB0753;
X-MS-TrafficTypeDiagnostic: AM0P189MB0753:
X-MS-Exchange-PUrlCount: 6
X-Microsoft-Antispam-PRVS: <AM0P189MB075334F3A32693AAF7113DF085CF0@AM0P189MB0753.EURP189.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
X-Forefront-PRVS: 00997889E7
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: L8a/6Vb7Xoxt3ih9S4PULU8Sfu0w83OI+bsHFbQsMiMeqPS2/yFCSo6EGRR9TZr9pCcH8bG26a4lC1snXoEdWL2pzI8Ejc/Ka3YnAtn6jVi0t3QXyxmG6DRNO2Q/slEc8FAFWTJfg40/J9LlsD8nVSVfpQWw9+b5yz08cFYHkybKV+ePtIXE/UlNId/T21c2xR9hfrK7tcAQahEIDYiPEmWcd+ejvcUV5FePQYZ0L8pnIFLtU04yPzPUeSSnrRHbPzPUwjXyhhDyRIwbwYf88A8SAZmEq8ktST5XgJhdA1JEeFe4fRDwcO4Kiaxoy02Wu/V5bjfON9VueaDNhCnPjzVQvK3UtyodhUaZX3CL7ms7e1RYyPlONRdNeVUToIkNU7N8/uCWmwBsCwfxu/3COYqDsVjA43LA8VulUzU77uo=
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Jul 2019 11:14:20.7786 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 37086975-05c2-41e7-a595-08d7091595ef
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5a9809cf-0bcb-413a-838a-09ecc40cc9e8; Ip=[194.218.146.197]; Helo=[mail.ri.se]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P189MB0753
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/TRT5kAyCzMr8DKytMNzgg-Urwwc>
Subject: Re: [Rats] Comments on draft-birkholz-rats-architecture-01
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 11:14:29 -0000

Hi and thank you for the feedback on the point about trustworthiness.

I agree that in case of complex systems or decisions trustworthiness depends on the context.
Indeed, in the finance industry, decisions about the trustworthiness of a customer or transaction are often based on many inputs that together are used to compute the likelihood of the transaction or customer being acceptable or not.

However, I was referring to the trustworthiness of a specific device as defined in draft-birkholz-rats-architecture-01:

A trustworthy system is a system "that not only is trusted, but also warrants that trust because the system’s behavior can be validated in some convincing way, such as through formal analysis or code review" [RFC4949].

In my understanding, a formally verified component (hw or sw), considered in a specific threat model is either trustworthy or not trustworthy, NOT “ X % trustworthy "

Note that I do not discuss whether it is “secure”, only whether it is trustworthy in the sense of RFC4949

Nicolae


On 14 Jul 2019, at 21:39, Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island-resort.com>> wrote:

My framing for this is not binary, in this day and age of risk engines and machine learning. The relying party receiving the attestation is going to take whatever data is attested in as part of a decision that will probably involve other data such as transaction history and type. For example:

- A payment might be allowed if it is tiny and the risk of losing the customer is high even if the attestation seems wrong. Or vice-versa, the payment is large and the customer expects best protection. I’m pretty sure PayPal, VISA, Mastercard, Experian and such operate this way.

- a biometric authentication may not be allowed even though the attestation is excellent because the risk engine recognizes a pattern of fraud based on other non-attested data.

- A bad attestation from a router might be considered an isolated event until more evidence is accumulated. No one is went to the wire closet.


I also consider the security technology used to protect the signing key and attestation creation subsystem variable in security. And it needs to be considered in relation to the capacity of the attacker. A TEE (little defense against chip probing) might be consider quite good for small to medium $  payments backed by a risk engine. An EAL 6 secure element may be the only thing considered OK for access to a nuclear facility with no risk engine back up.


I prefer to never characterize something as trustworthy or as secure in any RFCs we create.  CWT and JWT don’t seem to go down this path either.

(Correct me if I’m wrong, but I think maybe TCG does use the secure/non-secure framing. If so, I do NOT think we should bring it in here.)

LL



On Jul 13, 2019, at 7:13 AM, Ira McDonald <blueroofmusic@gmail.com<mailto:blueroofmusic@gmail.com>> wrote:

Hi,

About binary "trustworthy".

This is a fundamental fallacy.  Neither "trustworthy"
nor "secure" are *ever* binary.  That's basic to the
security by design approach.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Co-Chair - TCG Metadata Access Protocol SG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic@gmail.com<mailto:blueroofmusic@gmail.com>
PO Box 221  Grand Marais, MI 49839  906-494-2434



On Fri, Jul 12, 2019 at 10:38 PM Benjamin Kaduk <kaduk@mit.edu<mailto:kaduk@mit.edu>> wrote:
Cherry-picking one point...

On Mon, Jul 08, 2019 at 02:44:56PM +0000, Nicolae Paladi wrote:
> Hello,
>
> Some comments on draft-birkholz-rats-architecture-01<https://tools.ietf.org/html/draft-birkholz-rats-architecture-01>
>
[...]
> 7.1.1<https://tools.ietf.org/html/draft-birkholz-rats-architecture-01#section-7.1.1>.  How the RATS Architecture Addresses the Lying Endpoint Problem
>
>
>
>
>
>  RATS imply the involvement of at least two players (roles) who seek
>    to overcome the lying endpoint problem.  The Verifier wishes to
>    consume application data supplied by a Computing Context.  But before
>    application data is consumed, the Verifier obtains Attestation
>    Evidence about the Computing Context to assess likelihood of poisoned
>    data due to endpoint compromise or failure.  Remote Attestation
>    argues that a systems's integrity characteristics should not be
>    believed until rationale for believability is presented to the
>    relying party seeking to interact with the system.
>
> “Likelihood” implies a probabilistic approach to trustworthiness (e.g. 42% likelihood of poisoned data”). Is that really feasible? And if so, is it actually of any use? IMO trustworthiness is binary (“trustworthy or not trustworthy”), or binary and conditional/contextual (“trustworthy if used for certain actions”).

My personal thinking here is along the lines of "this data makes me
confident that only someone who was able to subvert my supply chain and
surreptitiously replace the TPM chip in the sealed device delivered to me
would be able to forge the attestation evidence; I don't think I'm the
target of such an attack, so there's a low likeliyhood of endpoint
compromise".  Or, as James Mickens put it more glibly in
https://www.usenix.org/system/files/1311_05-08_mickens.pdf there's a
Mossad/not-Mossad distinction in the potential attackers, and if the Mossad
is a threat, you're gonna be Mossad'ed upon no matter what you do.

-Ben

_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats
_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email