Re: [Sframe] Key ratcheting

Richard Barnes <rlb@ipv.sx> Thu, 06 October 2022 12:40 UTC


Hey Sergio,

It looks like there is still some mention of ratcheting in the document:

https://github.com/sframe-wg/sframe/blob/main/draft-ietf-sframe-enc.md#sender-keys

Maybe that needs to be rephrased somehow?

If we're going to keep / adjust / extend that text, some suggested
improvements:
1. Instead of allowing every sender to use the whole KID space, you could
segment the KID space as in the MLS-based case (so that KID would indicate
sender as well as generation).
2. Instead of ratcheting the keys directly, there should probably be a
ratchet_secret that gets ratcheted, and from which keys are derived.  This
would avoid the keys being used with two algorithms (HMAC and AEAD).

--Richard

On Thu, Oct 6, 2022 at 5:15 AM Sergio Garcia Murillo <
sergio.garcia.murillo@gmail.com> wrote:

> Hi all,
>
> As we prepare to publish the new version of the draft (currently available
> on https://github.com/sframe-wg/sframe/blob/main/draft-ietf-sframe-enc.md),
> I would like to bring back a topic for discussion: key ratcheting.
>
> If I recall correctly, key ratcheting was removed from the SFrame draft as
> this feature would be provided by MLS, which would just generate a new key
> internally and set it in SFrame when ratcheting is needed.
>
> However, SFrame must be usable without MLS, so I think we should bring
> back the ratcheting feature to support other keying mechanisms. What
> are your thoughts?
>
> Best regards
> Sergio
>
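The two suggestions in the reply above (a KID that encodes sender and generation, and a separate ratchet_secret from which keys are derived), as an added sketch that is not part of the original message or of the SFrame draft. The 8-bit generation field, the HKDF labels, the 16-byte key size, the sample secret and all function and class names are assumptions made for illustration.

```python
import hashlib
import hmac

GEN_BITS = 8  # assumed layout: low 8 bits of the KID carry the generation
BASE_SECRET = bytes(range(32))  # constructed sample secret, not a real key


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand from RFC 5869, instantiated with HMAC-SHA256."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def encode_kid(sender: int, generation: int) -> int:
    """Pack sender and generation into one KID so senders never share KIDs."""
    if sender < 0 or not 0 <= generation < (1 << GEN_BITS):
        raise ValueError("sender or generation out of range for this KID layout")
    return (sender << GEN_BITS) | generation


def decode_kid(kid: int) -> tuple:
    """Return (sender, generation) recovered from a KID."""
    return kid >> GEN_BITS, kid & ((1 << GEN_BITS) - 1)


class SenderRatchet:
    """Per-sender chain: only ratchet_secret is ratcheted; keys are derived from it."""

    def __init__(self, sender: int, base_secret: bytes):
        self.sender, self.generation = sender, 0
        self._ratchet_secret = base_secret

    def kid(self) -> int:
        return encode_kid(self.sender, self.generation)

    def aead_key(self) -> bytes:
        # Hypothetical label; the AEAD key itself is never used as an HMAC key.
        return hkdf_expand(self._ratchet_secret, b"example aead key", 16)

    def advance_to(self, generation: int) -> None:
        """Ratchet forward to the generation named in a received KID."""
        if generation < self.generation:
            raise ValueError("cannot ratchet backwards: old secrets are gone")
        encode_kid(self.sender, generation)  # range check before mutating state
        while self.generation < generation:
            self._ratchet_secret = hkdf_expand(self._ratchet_secret, b"example ratchet", 32)
            self.generation += 1
```

A receiver that holds the same base secret calls `decode_kid` on the KID from the frame header and then `advance_to` with the decoded generation to reach the sender's current key.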