Re: [Secdispatch] [EXTERNAL]Re: Clarification Question for the Comment from Eric Rescorla (

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Fri, 13 December 2019 02:56 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A88112081C for <secdispatch@ietfa.amsl.com>; Thu, 12 Dec 2019 18:56:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=knE0F/Ja; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=o1hnP6Tg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zkQ-Ip5KF6LM for <secdispatch@ietfa.amsl.com>; Thu, 12 Dec 2019 18:56:29 -0800 (PST)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 562CD12010F for <secdispatch@ietf.org>; Thu, 12 Dec 2019 18:56:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=27198; q=dns/txt; s=iport; t=1576205789; x=1577415389; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=/PbeFPO2tLM3Y0VaYbqu63FfRxgkIWB+k4sgegQAhss=; b=knE0F/JakasZ3oRRm9njKSOs2qb9PfuPS5jH5NcDVTdZWVyWmQp11K8T k/vF/EHl8rtZnL6vJDvPntL8t3iL6kuwrkR9ouhe5zQAyvVm2izxxB56B 63SxLn29yLhmdgXamnstxGfdG57cRvvlLhTRYxx76f0mwCZuMi15QlDk2 o=;
IronPort-PHdr: =?us-ascii?q?9a23=3A6aiHcBZts+Jz6Ic3mJy3l+L/LSx94ef9IxIV55?= =?us-ascii?q?w7irlHbqWk+dH4MVfC4el20gabRp3VvvRDjeee87vtX2AN+96giDgDa9QNMn?= =?us-ascii?q?1NksAKh0olCc+BB1f8KavybCU/BM1EXXdu/mqwNg5eH8OtL1A=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DrCADy/PJd/4oNJK1lHQEBAQkBEQU?= =?us-ascii?q?FAYF+gRwvJAUnBWxYIAQLKoQDg0YDiwyCX5gGglIDVAkBAQEMAQEYAQ4GAgE?= =?us-ascii?q?Bg3tFAheBcyQ4EwIDDQEBBAEBAQIBBQRthTcMhV4BAQEBAQEBAQEQCwYKEwE?= =?us-ascii?q?BLAQHAQQHBAIBCA4DAQMBAQEdCgMCAgIlCxQDBggCBAENBQgTB4MBgXlNAw4?= =?us-ascii?q?gAQIMoxYCgTiIYXWBMoJ+AQEFgTUBE0GDAxiCFwMGgTaMGBqBQT+BEUeCTD6?= =?us-ascii?q?CZAEBAYFVDwUHCRYJgloygiyNKiMgA4I+hVSYcQqCMIckjnCaQY5LiEyRcQI?= =?us-ascii?q?EAgQFAg4BAQWBaSIqgRoMCHAVO4JsUBEUV4w7CwEXFW8BAYJKhRSFP3QBC4E?= =?us-ascii?q?cjDSCPwEB?=
X-IronPort-AV: E=Sophos;i="5.69,308,1571702400"; d="scan'208,217";a="683093019"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 13 Dec 2019 02:56:27 +0000
Received: from XCH-ALN-007.cisco.com (xch-aln-007.cisco.com [173.36.7.17]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id xBD2uR6s018986 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 13 Dec 2019 02:56:27 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-ALN-007.cisco.com (173.36.7.17) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 12 Dec 2019 20:56:27 -0600
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 12 Dec 2019 21:56:25 -0500
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 12 Dec 2019 21:56:25 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F/E/JbVHVWexmPUgPkTYyOtfUL/XlRAr/gSXLnOWk/Sm3Qjx/MuIbjymCYOCh0At/I1o/WlI9+UCaMnhYB2WCV9WN2oPEppjJV+Oa9nAN+UypO+F8KCkflLJ/iz+vAFW+bHkyaaYGQchuiFjoJNjT+SrER7v+UIwhtFZdwXRbS4yLMzyx6GnCnLfU5Wl57xNZaFPn5sfV37YFiLoxw/oX7+A174EWt9CP9Kdug+xkBCI4Dn0HKM6d1k9n0D5308JmHMRHBMz5q6TdIicke9XzjxX1jNPfR6KasKNoAVxw934PIOlgQoEVI+zYnHujxe+eN3nYUG1ioKFcJ7UOdyLLQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/PbeFPO2tLM3Y0VaYbqu63FfRxgkIWB+k4sgegQAhss=; b=RBARADt8fM8Vop9LHJxgDrmX8trzfuveRKkwLFpb5KIZLjZhnel69d7XufZeT46jNmnC2HWfHWEMA/UBp21IUp5qn2EuCqHkQvqDDyVXVr4V9f8+AWvTp5L0ZqgbemFpZCYDzde4xv8Bj/LRk5H+pWnrGH8xTNI2aULMUyn9DvhlnYLI8MwkIUwd1qCfpXfAcqEObCDd76NWOvI2wuYnW9ldStcUNEeBgxL8aMUrDIz76iS/kgor8hZpHGI5I+0RIjy4pukqEvN5j2OnL/40rluk4WKKeYgsdIaMALBpdc8Qxlpstq+jWKlIsTiR1l0kKEZNArq/qFX5i94YKITQBA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/PbeFPO2tLM3Y0VaYbqu63FfRxgkIWB+k4sgegQAhss=; b=o1hnP6TgD7u8kZj6yl128kivwJPqh1itNWkgC7+f3UmuNt9A8UrlWE32ceiXQQr4M1qouZy3KHed+IqFLEFrT0s5tHS5AaiL69luKIQq7vIj8TaLAnaybHkYC3p7kja3V0y3uXEQ4I5qJb6tP+/DIqnisSiWYKYb4tLgudM1w1k=
Received: from DM6PR11MB2555.namprd11.prod.outlook.com (20.176.98.161) by DM6PR11MB4331.namprd11.prod.outlook.com (52.132.251.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2516.13; Fri, 13 Dec 2019 02:56:25 +0000
Received: from DM6PR11MB2555.namprd11.prod.outlook.com ([fe80::8daa:f960:32db:8b77]) by DM6PR11MB2555.namprd11.prod.outlook.com ([fe80::8daa:f960:32db:8b77%6]) with mapi id 15.20.2538.016; Fri, 13 Dec 2019 02:56:24 +0000
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Eric Rescorla <ekr@rtfm.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: IETF SecDispatch <secdispatch@ietf.org>
Thread-Topic: [Secdispatch] [EXTERNAL]Re: Clarification Question for the Comment from Eric Rescorla (
Thread-Index: AQHVrjKMrM9madKCMEWb+FBPgD9H8KexDWsAgAFDtLCABGuCAIAAALpg
Date: Fri, 13 Dec 2019 02:56:24 +0000
Message-ID: <DM6PR11MB2555C062D7FC31DC30A6357DC9540@DM6PR11MB2555.namprd11.prod.outlook.com>
References: <12eed4ff-edd2-7f70-9460-fc86dcbab927@openca.org> <CABcZeBPbAgBfC6Et+OKQi2=GwsyeyKEKfW5GG=StUepQwy+f0g@mail.gmail.com> <7999ebac-c9c1-eb4f-d9f7-2ba814a3b331@cs.tcd.ie> <78997490-c5ae-c856-6e26-0f79c7733ca3@openca.org> <CABcZeBM5WgpcBP4axBvzWaxKU=JA-K-4qiVxhhO1+HzFf246aw@mail.gmail.com> <MN2PR11MB3710195708AAA808B3D08EC29B580@MN2PR11MB3710.namprd11.prod.outlook.com> <2feb1778-7770-8a09-2066-a84663ff6b2e@cs.tcd.ie> <BN7PR11MB2547EA5F6DF70BC2B9C21E64C9550@BN7PR11MB2547.namprd11.prod.outlook.com> <CABcZeBMu5fRazr3KS8fqAc8c9O3heBY73OfHSCYNyvrKyFrtCw@mail.gmail.com>
In-Reply-To: <CABcZeBMu5fRazr3KS8fqAc8c9O3heBY73OfHSCYNyvrKyFrtCw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pkampana@cisco.com;
x-originating-ip: [2001:420:c0c4:1006::5b]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f92ea56d-c184-42e5-17dc-08d77f780ac9
x-ms-traffictypediagnostic: DM6PR11MB4331:
x-microsoft-antispam-prvs: <DM6PR11MB4331E7F0BE82F298643B3EA1C9540@DM6PR11MB4331.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0250B840C1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(376002)(136003)(396003)(346002)(39860400002)(199004)(13464003)(189003)(76116006)(5660300002)(71200400001)(186003)(66556008)(64756008)(316002)(66446008)(81166006)(81156014)(8936002)(55016002)(478600001)(8676002)(4326008)(966005)(110136005)(66946007)(86362001)(7696005)(33656002)(2906002)(66476007)(52536014)(9686003)(6506007)(53546011); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB4331; H:DM6PR11MB2555.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: iUuG9T4zNvHGXU3woHIbzAUx+QlG99DbbEpvWNzgput1iYoy5VzKF+tDMiutHUEkaGWZ7+xp3da+W13AVHxEeF9k4ZJQJU7WKOh9ptie2e2ZjISR/1F2E/4xmv4lDOPjxFoGr1VNkcDelp6LtlOlTj9mrYDmWrZrKawHb3amHqA+AnVAyQWdAH6DJVbF1Acrgez0Zxgg9WyAr7yVo4jtk1kRTpzInFRzpsb1H8VvDb/YAtxLDdMXqOM+L0ux2Ipg8wsWf6+iB7XaVtV4hwYC7LN/wiuuQ8QSVkUxLy6sMiWn1WS3+t5bB+J8GPWKzFd+aQO+pLauZfe99vewXGe147Hk6JbJfdYR/VFyoBKGC1E7eWvaYZ+/uN/7S7Sh8xqMzIisORgRrUO5fPW2teMCl4HrOQWcjctYxCKDX4GuS3qp6IVLXqAxcEzRUQ1JfJY/Cg1PbVBOv5hOCodF0zUwYz+DL4yHa+Oi/u4v0Q39389pZgn0Bcri2QUgkPs55f6JgoyNEmXoJu0mNNeHpsWJskGg5Mky+TOiXGmMJWvyp8w=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DM6PR11MB2555C062D7FC31DC30A6357DC9540DM6PR11MB2555namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: f92ea56d-c184-42e5-17dc-08d77f780ac9
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Dec 2019 02:56:24.6810 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: TedLV5ttrLUALZqjFrXNMOsA5sso+oKwxL8HqKZhL3ZuP2anNkgw3jsm1MLFL/J4sbXRdgd6dFxqkngNsqrF8A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4331
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.17, xch-aln-007.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/ML6znIdn7lKLMEcQ3DJFSVS3vwA>
Subject: Re: [Secdispatch] [EXTERNAL]Re: Clarification Question for the Comment from Eric Rescorla (
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Dec 2019 02:56:33 -0000

Hi Ekr, Stephen, Mike,


> As a variation of what EKR asked, you are asking for PQ-PKI, but your use case is image signing.

UEFI Secure Boot (in essence what I meant by image singing)  uses a PKI architecture. There is a Product Key PK (root CA) that establishes a trust relationship between the platform owner and the platform firmware. The PK signs KEKs which established a trust relationship between the platform firmware and the operating system. These are mostly in X.509 today. More in [2].

> Is there a reason why you don't want to do hash signatures?

HBS indeed looks like the best option for this usecase. Not necessarily stateful. We have some preliminary analysis on this is in Section 3 in [1]. More to come soon.

But we can’t go directly to pure HBS because already deployed machines in the field will not boot at all and upgrading BIOS is not simple. Also, we can’t go to pure HBS because it will not be FIPS approved even after we have a standardized PQ option. So, we have to do some sort of composite RSA+post-quantum (NIST has put out a statement that says that a composite will still be FIPS approved if the classical part is). The FIPS argument is important. Waiting for PQ standardization is one thing, but FIPS approval will take even longer and until then we (Cisco) want to do some sort of composite before then.

Note that I am not interested in getting an X.509 OID for RSA+HBS, I want a definition of how composite would work so I can establish the requirements for these future chips supporting composite verification.


> It's not at all clear to me that data integrity nor origin authentication in that timeframe ought be tied to x.509 certificates at all.

Stephen’s comment about not doing it in X.509 is valid. We could use a composite blob and use it in our own custom way. Two issues with that:

  1.  UEFI chains of trust have been moving to X.509 and to CMS/PKCS#7 for the sw signatures. I am not claiming there are no custom keys/signature formats nowhere, but most UEFI vendors have been moving away from them. So going to custom key representations or COSE would be a step backwards or sideways.
  2.  Also OEM vendors that include sig verification in their chips or FPGAs show preference in well-defined specs probably because they can reuse them for other usecases.
That is why we (Cisco) would prefer to see a standard way of doing composite sigs for UEFI (in X.509 and in CMS to be honest) instead of defining our own. We probably don’t want to solve this many times, once by each vendor, once in CMS, once UEFI PKI.

I totally appreciate the counter-argument about complexity and potential cans of worms, but I am afraid vendors will have to address this either individually or as a group. And my argument would doing it as a group.

Rgs,
Panos

[1] https://eprint.iacr.org/2019/1276.pdf
[2] https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-secure-boot-key-creation-and-management-guidance



From: Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>>
Sent: Thursday, December 12, 2019 11:52 AM
To: Panos Kampanakis (pkampana) <pkampana@cisco.com<mailto:pkampana@cisco.com>>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>>; IETF SecDispatch <secdispatch@ietf.org<mailto:secdispatch@ietf.org>>
Subject: Re: [Secdispatch] [EXTERNAL]Re: Clarification Question for the Comment from Eric Rescorla (



On Thu, Dec 12, 2019 at 8:33 AM Panos Kampanakis (pkampana) <pkampana@cisco.com<mailto:pkampana@cisco.com>> wrote:
Hi,

> Sorry if I've missed it, but who do we have that is calling for a post-quantum PKI solution to be developed now, but who is not promoting one such?

We (Cisco) will need PQ PKI (not WebPKI) solution for image signing. When talking about chips that are designed now and will live in the field for decades, we would like to design today instead of wait for 2030. Note we are spending (not making) money on PKI, so we are not trying to corner a market.

Is there a reason why you don't want to do hash signatures?

-Ekr

I have talked to another vendor interested in them to sign its OS but I will not speak for them. I have also talked to at least one HSM vendor that has some clients asking for PQ PKI support to be added in their HSM but I will not speak for them either. I don't think any of these use-cases are trying to corner a market.

Panos


-----Original Message-----
From: Secdispatch <secdispatch-bounces@ietf.org<mailto:secdispatch-bounces@ietf.org>> On Behalf Of Stephen Farrell
Sent: Sunday, December 08, 2019 9:04 PM
To: Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com<mailto:Mike.Ounsworth@entrustdatacard.com>>; Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>>; Dr. Pala <madwolf@openca.org<mailto:madwolf@openca.org>>
Cc: IETF SecDispatch <secdispatch@ietf.org<mailto:secdispatch@ietf.org>>
Subject: Re: [Secdispatch] [EXTERNAL]Re: Clarification Question for the Comment from Eric Rescorla (


Hiya,

Cutting to the nub of my concern...

On 09/12/2019 01:46, Mike Ounsworth wrote:
> I hope that doesn’t preclude a push for a more immediate solution.

ISTM the "push" is less for a solution than for understandably attempting to corner a market. I don't think such attempts are "bad" things, but I do think following 'em is more likely unwise.

Sorry if I've missed it, but who do we have that is calling for a post-quantum PKI solution to be developed now, but who is not promoting one such?

Thanks,
S.
_______________________________________________
Secdispatch mailing list
Secdispatch@ietf.org<mailto:Secdispatch@ietf.org>
https://www.ietf.org/mailman/listinfo/secdispatch