Re: [Rats] Android attestations: Re: draft-richardson-rats-usecases-00 comments
Carl Wallace <carl@redhoundsoftware.com> Fri, 05 July 2019 19:19 UTC
Return-Path: <carl@redhoundsoftware.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AC8A120105 for <rats@ietfa.amsl.com>; Fri, 5 Jul 2019 12:19:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nbMy8MCuhPFO for <rats@ietfa.amsl.com>; Fri, 5 Jul 2019 12:19:40 -0700 (PDT)
Received: from mail-qk1-x736.google.com (mail-qk1-x736.google.com [IPv6:2607:f8b0:4864:20::736]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61C551201B3 for <rats@ietf.org>; Fri, 5 Jul 2019 12:19:36 -0700 (PDT)
Received: by mail-qk1-x736.google.com with SMTP id i125so8644280qkd.6 for <rats@ietf.org>; Fri, 05 Jul 2019 12:19:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=aV5YA1LcsoM66lITgadGi0A5jPlm4RJ0J986/jlrjFI=; b=SUPFd2AURTvBgDDD0QefGA7+/vhLmAzqiYqkzs8E7vKJZ62sicOEnO+aZNdrJ+aS5G +O/pKvO7J4kFCfP39OC8JsChizaen2ysmYcGLOYUOHI8rjYqW1B4H8Lu/J5PU9abA6Mt Hqni7I596JqfNig8kKiTfkcnvJugbzxZtN+Fg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=aV5YA1LcsoM66lITgadGi0A5jPlm4RJ0J986/jlrjFI=; b=fGoa96hKQk+ugFUxBaGaE8icFJmnGwX6dtm329ZeGwQq8xTnK82QJuGMwatFRyoaxQ /JuMky3pGtNxoNBxtvfLmOyDvjOTlx7ZhVzecabPPZrR4Pjl2CRgOkcRS4ro8CS/ljWV CWNf/SZtG/xzsHBwui3CKAE1s4XJMcbPf81FUHqHuy+6NjHqRqnAlr3hcGmj+WUY+NqA uTodwFl4gRk+PTND4qMVB/v2PqanQaxpZAsbn381Hgkumn//Vh1c797Ey9PhvOkXds9u j4YUdRqdn6dax+k/NXoRoUQy7UFGp8BpNQ7NMZcLGn5HS7+TSPSrbXAbKVc34Md8Mcbl Nw8A==
X-Gm-Message-State: APjAAAUwj+ktjNZprwawi82LjvSLoftw92ffGfM3+SRW3oKsIjYftZ9D 1XkMD/rGIfJkasZAuLeVfIF3sQEg9qLtDWbfaUfB3Ewj
X-Google-Smtp-Source: APXvYqyafBLgyV/Us2dvGVwdMtbZaZZ2kU6FOlBk36JFFhFZ+8VMW9+FtTju6emNWsnSPyDv2zDzs7tC8KLJgkb7hfs=
X-Received: by 2002:a37:5d07:: with SMTP id r7mr4358051qkb.4.1562354375450; Fri, 05 Jul 2019 12:19:35 -0700 (PDT)
MIME-Version: 1.0
References: <MW2PR00MB03963ABEB87211AD28A16240A6490@MW2PR00MB0396.namprd00.prod.outlook.com> <12503.1552447661@localhost> <219648D6-188A-429D-A13F-ED6155DE9016@island-resort.com> <14288.1553710783@dooku.sandelman.ca> <4EB6FF13-2DAF-4BDC-AC90-C46720D61AF0@arm.com> <bf003513-209a-7d5f-a9a5-58ade6c23545@gmail.com> <21417.1560911502@dooku.sandelman.ca> <fbc05f84-232b-7ca6-47c1-9b23d73e47ca@gmail.com> <CAFyqnhUkVaYMtjpB9wa4h6hEwd=h3hXHkCr9w8bd8LSXEo0ckA@mail.gmail.com> <D93100A6.E0A23%carl@redhoundsoftware.com> <2294.1562352434@localhost>
In-Reply-To: <2294.1562352434@localhost>
From: Carl Wallace <carl@redhoundsoftware.com>
Date: Fri, 05 Jul 2019 15:19:25 -0400
Message-ID: <CAGNP4BmSwTvyQ7xVPEC=LizDbRfeG9PQsZGfmBuuq6Ewu52-kA@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: "rats@ietf.org" <rats@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008ff7b7058cf3f9ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/mRYwxyI0S4Wc8f-Wa1mwQ8TZ5Mw>
Subject: Re: [Rats] Android attestations: Re: draft-richardson-rats-usecases-00 comments
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jul 2019 19:19:54 -0000
inline... On Fri, Jul 5, 2019 at 2:47 PM Michael Richardson <mcr+ietf@sandelman.ca> wrote: > > Carl Wallace <carl@redhoundsoftware.com> wrote: > >> There's a tension here between enabling more use cases and > maintaining > >> increasing the security of existing use cases. We recognize that GP > >> and many others disagree with us on how to balance the issues, and > >> that perhaps we're wrong, but we have to respond to the Android > >> ecosystem as we see it. > > > Re: more use cases, the ability to encrypt a key attestation in > TEE/SE > > for a specific provisioning end point would be nice to have (to > conceal > > a challenge password while in transit, for example). > > You have asked for a specific ability/feature: the ability to encrypt > a claim using trusted code. I don't know if that's a symmetric or > asymmetric encryption. I don't know who you need to hide the claim from. > It > seems that it can't be done by an app. > > Can you explain this in terms of the problem that you are trying to solve, > or the threat you are trying to mitiate rather than a solution? > [CW] The problem that motivated the question is establishment of trust in a public key associated with a specific device (i.e., the device in my hand not any authentic XYZ device). The suggestion is to use an attestation encrypted for a given relying party to convey something the relying party can verify (i.e., a challenge password or TOTP value) along with the key attestation. This could establish trust more conveniently than more manual mechanisms like verifying hashes. An app could certainly perform this function given an attestation but there may be value in performing this step at a lower level, depending on whether the lower level validated the key at all (else just doing encryption in the app would be equivalent). > > When you say challenge password, I think you mean some kind of nonce > a relying party might send to the device in order to maintain freshness. > That also seems like a solution to a problem, the nature of which I'm > unclear > about. [CW] In the solution that motivated the question two TOTP values are used to establish trust in a device key. The first used to present a fresh key to a portal, the second used to capture affirmation of a person that the hash check was performed and the device key is trusted. If the first OTP was encrypted with an attestation, the second is potentially unnecessary. > -- > Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > >
- Re: [Rats] More use cases for draft-richardson-ra… Carl Wallace
- Re: [Rats] More use cases for draft-richardson-ra… Laurence Lundblade
- Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
- Re: [Rats] 答复: More use cases for draft-richardso… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- [Rats] draft-richardson-rats-usecases-00 comments Anthony Nadalin
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Laurence Lundblade
- [Rats] More use cases for draft-richardson-rats-u… Laurence Lundblade
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Anthony Nadalin
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
- [Rats] 答复: More use cases for draft-richardson-ra… Xialiang (Frank, Network Standard & Patent Dept)
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Carl Wallace
- Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
- Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
- Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Thomas Fossati
- [Rats] Android attestations: Re: draft-richardson… Anders Rundgren
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
- Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
- Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
- Re: [Rats] Android attestations: Re: draft-richar… Anders Rundgren
- [Rats] aligning the use case documents appropriat… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
- Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Shawn Willden
- Re: [Rats] Android attestations: Re: draft-richar… Shawn Willden
- Re: [Rats] Android attestations: Re: draft-richar… Carl Wallace
- Re: [Rats] Android attestations: Re: draft-richar… Anders Rundgren
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Laurence Lundblade
- Re: [Rats] More use cases for draft-richardson-ra… Thomas Hardjono
- Re: [Rats] More use cases for draft-richardson-ra… Benjamin Kaduk
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
- Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
- Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
- Re: [Rats] Android attestations: Re: draft-richar… Carl Wallace
- Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
- Re: [Rats] Android attestations: Re: draft-richar… Carl Wallace
- Re: [Rats] More use cases for draft-richardson-ra… Dave Thaler
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
- Re: [Rats] More use cases for draft-richardson-ra… Dave Thaler
- Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson