IETF Logo Mail Archive

Re: [Rum] [EXT] RUM security model

Paul Kyzivat <pkyzivat@alum.mit.edu> Tue, 20 October 2020 15:34 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: rum@ietfa.amsl.com
Delivered-To: rum@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83D663A10FF for <rum@ietfa.amsl.com>; Tue, 20 Oct 2020 08:34:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.248
X-Spam-Level:
X-Spam-Status: No, score=-2.248 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.247, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alum.mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eJCDyTbKhDyQ for <rum@ietfa.amsl.com>; Tue, 20 Oct 2020 08:34:26 -0700 (PDT)
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2077.outbound.protection.outlook.com [40.107.93.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDE1D3A10FB for <rum@ietf.org>; Tue, 20 Oct 2020 08:34:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=V9P8Wh9NAVsFFr4eDFETbPpTCAFxoT8+wVgtF9WuwL8iBYbDPwLaavKexML1kqaWc6DCJB+1udUBpVdoSTA58WkE2i2Qpabztar5cKmQ7vSiFSUtoF66+5ZzRzmrblpjZUsCPQojd5t+Y7BKOveXLPh2g1rSIfI/4nDFxLZKXUaJjtbqKE65vUPXgSXkD12WYfrt87y4rUFJke3xN1FwniojzPNaXhXGAa4xpjDql1WwplFWax13PnnBMqYm7tKjfWPAk7WyiH7TWFskg0F9tBSIU0xD412gdyNNM1l8DqQmgX276gvVRby/WJiGSUho3oKONFi2cOpnAoDyoUrTzw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=garVt1Y30gU3ioGWbAt9yWTy69BLbohpioQ49GFiTok=; b=L56MygORh0WZsEUMKYYqW1sK2DFTGpULzLBx0XH1fIM/mKxPfUaneuCvLmdA3yt8KDsadc6lsCY1lYpKtOq1QXNzNXaTV9Ro3JFAhJ8XHgUTZ52dXTE55kfU0sbQcvTO1W+s8lnQX+kawwLd/BAe6QW7En49He4ABa1JXNkhT2SL2t7H+9LEhXdHCG9yqIj0QXpWciJUr/bRc9RGgcCLoWH6mLQ3CDs5MINgMQX2urhSgnwbYGxr1nso7Knj2LS1/jWklYnVhptrXmufs3jMdnZAQL9BeTjuEZcfvic5PCFwSkwm2qH9BNxV3e45UybRTWAtfwQ5YeRwcIcNurZ3pA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=temperror (sender ip is 18.7.68.33) smtp.rcpttodomain=brianrosen.net smtp.mailfrom=alum.mit.edu; dmarc=none action=none header.from=alum.mit.edu; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alum.mit.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=garVt1Y30gU3ioGWbAt9yWTy69BLbohpioQ49GFiTok=; b=HVDRbYgSeVK6VQZV5PHgrY9uJl75Br27UFbKgvurdVdN8OYbl5F7l0guz5v3Mhx4adyEVZztAOT3G2fZjSiCJFDEojpzljh3B1LOcMVqMexlaHh7RMAtIgV70l9kp+eMIW0ZWoNKFMe33b/Hc+UeNu6qvLBGqIiSr+O/UV0/7FQ=
Received: from SN4PR0201CA0024.namprd02.prod.outlook.com (2603:10b6:803:2b::34) by BYAPR12MB3029.namprd12.prod.outlook.com (2603:10b6:a03:ab::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.25; Tue, 20 Oct 2020 15:34:24 +0000
Received: from SN1NAM02FT032.eop-nam02.prod.protection.outlook.com (2603:10b6:803:2b:cafe::d) by SN4PR0201CA0024.outlook.office365.com (2603:10b6:803:2b::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3499.18 via Frontend Transport; Tue, 20 Oct 2020 15:34:24 +0000
X-MS-Exchange-Authentication-Results: spf=temperror (sender IP is 18.7.68.33) smtp.mailfrom=alum.mit.edu; brianrosen.net; dkim=none (message not signed) header.d=none;brianrosen.net; dmarc=none action=none header.from=alum.mit.edu;
Received-SPF: TempError (protection.outlook.com: error in processing during lookup of alum.mit.edu: DNS Timeout)
Received: from outgoing-alum.mit.edu (18.7.68.33) by SN1NAM02FT032.mail.protection.outlook.com (10.152.72.126) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.21 via Frontend Transport; Tue, 20 Oct 2020 15:34:22 +0000
Received: from PaulKyzivatsMBP.localdomain (c-24-62-227-142.hsd1.ma.comcast.net [24.62.227.142]) (authenticated bits=0) (User authenticated as pkyzivat@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.14.7/8.12.4) with ESMTP id 09KFYId9029559 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 20 Oct 2020 11:34:18 -0400
To: Brian Rosen <br@brianrosen.net>
Cc: rum@ietf.org
References: <4d6ba97f-a83d-3d36-14a9-c6e84dd5b874@alum.mit.edu> <7A11F680-9EA6-4477-9BD8-6A7755AD0054@brianrosen.net> <7fdb95e6-e954-7275-60f7-462cf07eff0e@alum.mit.edu> <CAOPrzE1ONDUcGwvcfRhpyu9YM5JJJD92AsLKaeXvXqH4fmNbBw@mail.gmail.com> <92b5d34b-2fbf-0e2b-8562-8f7d11c5123b@alum.mit.edu> <F03944C6-0C19-4964-94A8-658B338526D4@brianrosen.net>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <5e6d8446-c267-5113-aff1-fc87576b1317@alum.mit.edu>
Date: Tue, 20 Oct 2020 11:34:18 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:78.0) Gecko/20100101 Thunderbird/78.3.3
MIME-Version: 1.0
In-Reply-To: <F03944C6-0C19-4964-94A8-658B338526D4@brianrosen.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 81b5ae37-dced-41c2-8dbc-08d8750d9ea2
X-MS-TrafficTypeDiagnostic: BYAPR12MB3029:
X-Microsoft-Antispam-PRVS: <BYAPR12MB30299F3BAD991E943D25807AF91F0@BYAPR12MB3029.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 9TbBvX2OBiwRAzeyXNCckdxSk0e3quqOY9w4uPMG+4VhrqvWA4HPLnPr7CwDOWRLUP2PeGCVWtGla7/v2S8ETq5KOGvEC4H/BGRQ8/kDFMTqE4MQcDP2bExBsrxaZjY05RWyTRzEly8TJTg+mTz0JOg/m4Azx/nxL2r+pY1TH+xUl/4MLdMLo0Xm/5drZFKuJ0RQZTvGCdrauXYioWHjty/VwFR5RzoMXBc9SINQd2n5nZaoMXBAg7/cIF77DwMMYDDna5w3hPaHVCpBQP0HnBRbS81IPClxXZn2wlAwBT9at8TQJMAzKybknRU1udwMVZiJoWt3S+T6Qj6xqs2lBxHbhZMK5UEydBogpH1y2/5tOP2rXJ4cQqElnMUPZbA97jZ7BDtICF+PpDFLMpOaXoHBDygeKViafKPul/EAdn/MK1X0lW8gMixkPwQRIlbMSLYLsLiIulILa8SsjrzQCDrFoIq0AgWHJS/F2ZqcrPbBG5ue8ZdXQhQLrSXkCf03
X-Forefront-Antispam-Report: CIP:18.7.68.33; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:outgoing-alum.mit.edu; PTR:ErrorRetry; CAT:NONE; SFS:(39860400002)(396003)(136003)(376002)(346002)(46966005)(186003)(63350400001)(2616005)(316002)(786003)(36906005)(478600001)(966005)(53546011)(956004)(336012)(6916009)(26005)(83380400001)(86362001)(8936002)(31696002)(82310400003)(31686004)(15650500001)(47076004)(2906002)(356005)(81166007)(82740400003)(4326008)(8676002)(5660300002)(75432002)(70206006)(70586007)(43740500002); DIR:OUT; SFP:1101;
X-OriginatorOrg: alum.mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Oct 2020 15:34:22.7194 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 81b5ae37-dced-41c2-8dbc-08d8750d9ea2
X-MS-Exchange-CrossTenant-Id: 3326b102-c043-408b-a990-b89e477d582f
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3326b102-c043-408b-a990-b89e477d582f; Ip=[18.7.68.33]; Helo=[outgoing-alum.mit.edu]
X-MS-Exchange-CrossTenant-AuthSource: SN1NAM02FT032.eop-nam02.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB3029
Archived-At: <https://mailarchive.ietf.org/arch/msg/rum/NuBkB_w6ufeHeL9qHCLdAgfY2hA>
Subject: Re: [Rum] [EXT] RUM security model
X-BeenThere: rum@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Relay User Machine <rum.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rum>, <mailto:rum-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rum/>
List-Post: <mailto:rum@ietf.org>
List-Help: <mailto:rum-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rum>, <mailto:rum-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2020 15:34:29 -0000

I think this discussion highlights the need to first nail down the 
threat model that the providers want to protect against.

James: can you take a crack at that? Possibly pull in some of the other 
providers if you think they will be willing.

(I wonder if providers currently have any sort of robust protection 
against malicious impersonation of their devices? I'm guessing it is 
only security by obscurity.)

	Thanks,
	Paul

On 10/20/20 10:10 AM, Brian Rosen wrote:
> Yes, both apps, one app steals the credential from the other (same machine, same user).
> 
> I also don’t think a downloaded test would be particularly helpful unless we built in a bunch of mechanism that allowed automation of testing.
> 
> And then, what would stop an app from playing nice with a test, and then nasty when it wanted to?
> 
> Both of these exploits do assume that the app developer intends to flaunt approval in some way.  If that’s not a threat that is important to guard against then a simple magic number for an app is enough.  An app gets tested by a provider, and is given a magic number that it provides, securely, in some way.  As long as the providers trust the app developer to not misuse the magic number, it’s an indication that the app (at a particular version presumably) was trusted.
> 
> As long as malicious actors can be ignored, I think we could do something.  I don’t think that is worth much, but if it is, I can write text.
> 
> If you want to protect against malicious actors, then I don’t know how.  TPM won’t work - doesn’t work in Android/iOS.  It’s mostly a PC thing.  Even with TPM, what you need is something like a digest of the code.  You can’t get that.
> 
> Brian
> 
> 
>> On Oct 16, 2020, at 11:17 AM, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:
>>
>> On 10/15/20 8:24 PM, Brian Rosen wrote:
>>> Nope, it just takes a hacker to create a piece of code that patches an app to look like another app.
>>
>> I don't follow.
>>
>> A user gets a device capable of passing the tests. He requests to enroll it with is provider as one of his devices. As part of that, a test is run between the device and the provider's enrollment server. Then the provider gives the device some sort of cert that can be used when registering.
>>
>> Next, the user decides to try out some other rogue device on his account. Normally he would repeat the above, and the device would fail the test. Instead, he might cause the rogue device to steal the cert from the device that passed. I think he can't help but know he is doing something illicit.
>>
>> I guess if these were both just apps, then a remote attack on the device could install a rogue app that impersonates the valid one and steals its credentials. Is that what you had in mind?
>>
>> Perhaps we need to spend some time with the providers enumerating the attacks they are concerned with.
>>
>> 	Thanks,
>> 	Paul
>>
>>> On Thu, Oct 15, 2020 at 8:19 PM Paul Kyzivat <pkyzivat@alum.mit.edu <mailto:pkyzivat@alum.mit.edu>> wrote:
>>>     On 10/15/20 7:52 PM, Brian Rosen wrote:
>>>      > I don’t think even that would work because there isn’t any way to
>>>     know that the app that was approved is the app that is being used.
>>>     Yes, I guess you are right. But at least it would require the end user
>>>     to enter into a conspiracy with the app developers, and be able to get
>>>     the credential out of one app and into another.
>>>              Thanks,
>>>              Paul
>>>      > What systems like iOS does is rely on the fact that you can’t
>>>     download and run an app that hasn’t been vetted. The code is signed
>>>     and the signature is checked every time the app starts. We don’t
>>>     have an environment like that.  We can’t control what is downloaded
>>>     and we can’t check signatures.
>>>      > I don’t think there is a reliable way to do this. If someone has
>>>     an idea, please explain it, but we can’t be in a “you do something”
>>>     position without a clue as to how.
>>>      >
>>>      > Now, if the app was an iOS app, then the right thing happens.
>>>     There are few other systems that are wired down like that. Android,
>>>     for example, allows you to download and run from arbitrary sites if
>>>     the device is configured to allow that.
>>>      >
>>>      > Brian
>>>      >
>>>      >
>>>      >> On Oct 15, 2020, at 6:30 PM, Paul Kyzivat <pkyzivat@alum.mit.edu
>>>     <mailto:pkyzivat@alum.mit.edu>> wrote:
>>>      >>
>>>      >> Eugene,
>>>      >>
>>>      >>> On 10/15/20 3:30 PM, Eugene Christensen wrote:
>>>      >>> Brian,
>>>      >>> Admittedly I do not fully understand certificates and
>>>     authentication but would client certificates or mutual
>>>     authentication with a shared secret work here?
>>>      >>
>>>      >> I'm also not a security expert. To my understanding, the key
>>>     problem is that you want a proof that an implementation has passed
>>>     some sort of test. That is more or less equivalent to having a
>>>     special certification authority that is able to assign a certificate
>>>     based on the passing of a test. But for the system to work that
>>>     certificate needs to be bound to the entity (hw/sw) that passed the
>>>     test. It can't be possible to transfer that certificate to a
>>>     different device.
>>>      >>
>>>      >> A possible alternative would be for each provider to have its
>>>     own test service. When a user gets a new device/application, as part
>>>     of the initial registration of their device with the provider, this
>>>     test would be run. Then the result of that would be granting of
>>>     credentials for that device to access that provider's system.
>>>      >>
>>>      >>     Thanks,
>>>      >>     Paul
>>>      >>
>>>      >>> Thank you.
>>>      >>> Eugene
>>>      >>> *CONFIDENTIALITY NOTICE.*This e-mail transmission, and any
>>>     documents, files or previous e-mail messages attached to it, may
>>>     contain confidential and proprietary information. If you are not the
>>>     intended recipient, or a person responsible for delivering it to the
>>>     intended recipient, you are hereby notified that any disclosure,
>>>     copying, distribution or use of any of the information contained in
>>>     or attached to this message is STRICTLY PROHIBITED. If you have
>>>     received this transmission in error, please immediately notify me by
>>>     reply e-mail at echristensen@sorenson.com
>>>     <mailto:echristensen@sorenson.com> <mailto:echristensen@sorenson.com
>>>     <mailto:echristensen@sorenson.com>>or by telephone at +1 (801)
>>>     287-9419, and destroy the original transmission and its attachments
>>>     without reading them or saving them to disk.
>>>      >>> *From:* Brian Rosen <br@brianrosen.net <mailto:br@brianrosen.net>>
>>>      >>> *Sent:* Wednesday, September 30, 2020 5:47 PM
>>>      >>> *To:* Eugene Christensen <echristensen@sorenson.com
>>>     <mailto:echristensen@sorenson.com>>
>>>      >>> *Cc:* rum@ietf.org <mailto:rum@ietf.org>
>>>      >>> *Subject:* Re: [Rum] [EXT] RUM security model
>>>      >>> [EXTERNAL]
>>>      >>> I think we understand why you want it. What we don’t understand
>>>     is what mechanism would provide it. I am generally aware of this
>>>     class of problem and I’m not aware of a solution that will work.  So
>>>     what we need is a suggested mechanism that provides the assurance
>>>     you want that is technically sound.
>>>      >>> Brian
>>>      >>> On Wed, Sep 30, 2020 at 6:30 PM Eugene Christensen
>>>     <echristensen@sorenson.com <mailto:echristensen@sorenson.com>
>>>     <mailto:echristensen@sorenson.com
>>>     <mailto:echristensen@sorenson.com>>> wrote:
>>>      >>>     Thanks for considering how we might implement this security
>>>      >>>     mechanism.  May I add my voice that it is essential that we
>>>     find an
>>>      >>>     option for providing this desired security, whatever it is.  It
>>>      >>>     could be detrimental to the VRS providers to have UAs out
>>>     there,
>>>      >>>     with the ability to register with VRS providers without
>>>     first being
>>>      >>>     fully vetted.  It is our practice anytime we make updates
>>>     to our UAs
>>>      >>>     to test how they work with our UAS before we ever release
>>>     the new UA
>>>      >>>     software into our production environment.  We only want UAs
>>>      >>>     registering that have undergone this rigorous testing with our
>>>      >>>     systems and then only with users which we have awareness of.
>>>      >>>     Thanks,
>>>      >>>     Eugene Christensen
>>>      >>>     CONFIDENTIALITY NOTICE. This e-mail transmission, and any
>>>     documents,
>>>      >>>     files or previous e-mail messages attached to it, may contain
>>>      >>>     confidential and proprietary information. If you are not the
>>>      >>>     intended recipient, or a person responsible for delivering
>>>     it to the
>>>      >>>     intended recipient, you are hereby notified that any
>>>     disclosure,
>>>      >>>     copying, distribution or use of any of the information
>>>     contained in
>>>      >>>     or attached to this message is STRICTLY PROHIBITED. If you have
>>>      >>>     received this transmission in error, please immediately
>>>     notify me by
>>>      >>>     reply e-mail at echristensen@sorenson.com
>>>     <mailto:echristensen@sorenson.com>
>>>      >>>     <mailto:echristensen@sorenson.com
>>>     <mailto:echristensen@sorenson.com>> or by telephone at +1 (801)
>>>      >>>     287-9419, and destroy the original transmission and its
>>>     attachments
>>>      >>>     without reading them or saving them to disk.
>>>      >>>     --     Rum mailing list
>>>      >>> Rum@ietf.org <mailto:Rum@ietf.org> <mailto:Rum@ietf.org
>>>     <mailto:Rum@ietf.org>>
>>>      >>> https://www.ietf.org/mailman/listinfo/rum
>>>     <https://www.ietf.org/mailman/listinfo/rum>
>>>      >>>     <https://www.ietf.org/mailman/listinfo/rum
>>>     <https://www.ietf.org/mailman/listinfo/rum>>
>>>      >>
>>>      >> --
>>>      >> Rum mailing list
>>>      >> Rum@ietf.org <mailto:Rum@ietf.org>
>>>      >> https://www.ietf.org/mailman/listinfo/rum
>>>     <https://www.ietf.org/mailman/listinfo/rum>
>>
>

v2.23.0 | Report a Bug | By Email