[saag] Side channel resistance, threshold signatures, etc.
Phillip Hallam-Baker <phill@hallambaker.com> Tue, 07 January 2020 14:23 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB73B12008C for <saag@ietfa.amsl.com>; Tue, 7 Jan 2020 06:23:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.397
X-Spam-Level:
X-Spam-Status: No, score=-1.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, LOTS_OF_MONEY=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XHDQKruBBt_2 for <saag@ietfa.amsl.com>; Tue, 7 Jan 2020 06:23:12 -0800 (PST)
Received: from mail-oi1-f178.google.com (mail-oi1-f178.google.com [209.85.167.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E8D712001A for <saag@ietf.org>; Tue, 7 Jan 2020 06:23:12 -0800 (PST)
Received: by mail-oi1-f178.google.com with SMTP id a67so17816254oib.6 for <saag@ietf.org>; Tue, 07 Jan 2020 06:23:12 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=5vq4zq4Gs2wtC/ERFhn195yANzj4jZbTHEz9iSYC0dE=; b=YnrUQ4Gk+KtaV/yEL011fiHU+NCScxPem+Nl83IGa3tNyOYEc9ovwmKtTWC03+/F2X zjjfQ+fcl+2wbm9K1yyuewiCQmAS8jyy7IkAId+SCziepHSp5LWAjGAYtToySGYR2t0Q UPfyYc/owbvZZc3p2iFENmXRVVkF8pTt5SUz2c5NqXsYBsl3eLRZv92Xv99H4bAxHxty nWylPTQR43y1rsHAdM/lPGtXG9kHF7V92ZqMMc+UcXvptwlMqaaIE8/bpMQLg+FZN0hd DaavRAnHZv+8pF3SkZ5lWzMbGnZaSeb3tqnaVGI5qtFlfFhK37z7hUxiaj3Bi00bSrKd 7dBw==
X-Gm-Message-State: APjAAAXq0V559y12GBMha9nPFY/g1SupYKY51KWDHSqmO/NnuYvM+nYH SQCudlsn9T8iHCi3SYZKfnfCadBVFgfXmnsErE7RGQtxwq0=
X-Google-Smtp-Source: APXvYqwlZ5+N8UpNrcdNHoWmkK+qfohfbqe6vWOd5WNNZs9nI6+kMCG7j8G/m3gdw9mzjczHYmmDkb/iCQEa1sAGiss=
X-Received: by 2002:aca:3241:: with SMTP id y62mr6935367oiy.31.1578406991119; Tue, 07 Jan 2020 06:23:11 -0800 (PST)
MIME-Version: 1.0
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 07 Jan 2020 09:23:00 -0500
Message-ID: <CAMm+LwhZjecGAQwmZDQsw5C-ihjK-05_DMMN7mBarbeOOeOcPg@mail.gmail.com>
To: IETF SAAG <saag@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000044a4b059b8d84d1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/0jbaWgW0LI-ItiQiAZnXxtiA1pg>
Subject: [saag] Side channel resistance, threshold signatures, etc.
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jan 2020 14:23:14 -0000
As promised, I wrote up the use of threshold schemes for key agreement, key generation and signature: https://www.ietf.org/id/draft-hallambaker-threshold-00.html https://www.ietf.org/id/draft-hallambaker-threshold-sigs-00.html The signature scheme proposed is a threshold scheme, not an aggregate signature. It is not possible to use the scheme as specified to sign documents using arbitrary sets of pre-existing keys. As with 'true' proxy re-encryption, this is a cryptographic capability that imposes significant demands (i.e. requires pairing) but does not provide compelling additional benefit. I think it is clear that notwithstanding the work on new public key systems that are threshold friendly (e.g. BLS), there is great value in extracting the maximum capability from our existing algorithms. The same algorithms will of course apply to other curves besides the CFRG ones. But if we are going to move forward with ECC, best to put all the wood behind the same arrow. One other point is that the first paper could be used to address the NIST objection to the deterministic RFC8032 signature scheme (which I endorse). It is my understanding that the Kocher side channel blinding patent expired last year and so it is now possible for all applications, including open source, to use key splitting against a random number and combination of the results to effect a degree of side channel resistance. It is my personal view that this should be employed for Montgomery curves as well because I do not believe the ladder is as 'constant' as people imagine. What I am trying to work towards here is the specification of a common cryptographic core that could be implemented at the hardware level on mid range CPUs and above to defeat the use of the SPECTRE class hardware attacks and to permit binding of cryptographic material to a specific host without exposing the users to compromise during manufacture (or manufacturers of being accused of the compromise). The basic idea is that the CPU has a single private key 'x' embedded during manufacture such that it cannot be extracted. Applications can get the public key X which is fixed for all the users on the machine. The built in key may be used in two different ways. In either case, the application generates its own key pair {Y, y}. It may then decide to perform all private key operations itself and combine the results or pass y to the coprocessor to be added to the result. The two operations the CPU module will perform would be limited to: 1) given a point P, return x.P 2) given a scalar k, generate a random value 0 < r < L and return {r.P, r + x.k} The smaller the requirements, the more likely it is we can get what we need. So it might well be that a hardware module only supported the Edwards or the Montgomery curves and applications were required to use the isomorphisms to map from one to the other. Two decades after I first attended my first (and last) 'Trusted Computing' WG meeting, deployment of the original TPM model is no closer. I suspect that a great deal of the opposition to TPMs was cleverly orchestrated to discourage proliferation of effective strong cryptography (the $250 million/yr on BULLRUN obviously went somewhere). But regardless, the achilles heel of that scheme was and is the need for a physical token (SIM card / TPM) to effect device portability. The threshold models I have developed allow those restrictions to be avoided. Alice can deploy keys to all her devices that allow them to encrypt, authenticate and sign and retain the ability to recover data from a broken machine, port data between her machines etc. without the need for the crypto processor to be on a pluggable daughter board. The only real limitations of this model come from conflicting requirements. I cannot design a key recovery system that only works when the 'good guys' are using it.
- [saag] Side channel resistance, threshold signatu… Phillip Hallam-Baker