Re: [lamps] CMS: selection of key management technique to use for EnvelopedData
"von Oheimb, David" <david.von.oheimb@siemens.com> Wed, 04 January 2023 16:07 UTC
From: "von Oheimb, David" <david.von.oheimb@siemens.com>
To: "housley@vigilsec.com" <housley@vigilsec.com>, "spasm@ietf.org" <spasm@ietf.org>
CC: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Am9AG5gszue01QienBArP8NVvaA>
Russ et al.,

On Sat, 2022-12-24 at 15:06 -0500, Russ Housley wrote:

> I wonder why nobody brought this up before - maybe simply because cryptographically educated users of CMS know (and others should learn by failure) that RSA does not support key agreement and ECC does not support key transport.
>
> The CMS-related algorithm specifications make it pretty clear. For example, RFC 5753 tells how to use ECC Algorithms in CMS. I do not see how an implementer would try to use KeyTransRecipientInfo after reading that document.

Indeed https://datatracker.ietf.org/doc/html/rfc5753#section-3 describes for ECC only key agreement and not key transport. Yet even from this RFC, one cannot conclude (without assumed/implicit general crypto knowledge) that this is the only possible choice for ECC, and for RSA a naive crypto implementer would have a hard time looking around further until hopefully finding some guidance elsewhere.

> Maybe some pointers are needed in CMP in the central key generation section.

Yes, this is what we were after - one or two simple pointers to some place where suitable explicit spec/guidance was already present. Yet from our recent exchange I've come to the somewhat disappointing conclusion that this does not (yet) exist. So likely we have to specify something ourselves, for instance:

   The key transport key management technique SHALL be used if the public key in the recipient certificate is an RSA key.
   The key agreement key management technique SHALL be used if the public key is an EC or DH key.
   For any other key type, a suitable key management technique should be chosen (but is not defined here).

Does this text sufficiently reflect the current state of the art? I'm aware that for PQ KEM keys different key management techniques will be used, but those are out of scope of the CMP profile for now.

David
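
Added example, not part of the original message and not taken from any CMP or CMS implementation: a sketch of the selection rule proposed above, keyed on the algorithm OID in the recipient certificate's SubjectPublicKeyInfo. The function names, the use of dhpublicnumber as the DH key type, and the sample SPKI byte strings (dummy key bits, one placeholder private-arc OID) are assumptions made for illustration.

```python
# Added example: map the recipient key's SubjectPublicKeyInfo algorithm OID to the
# CMS RecipientInfo alternative, per the rule proposed in the message above.
TECHNIQUE = {
    "1.2.840.113549.1.1.1": "KeyTransRecipientInfo",  # rsaEncryption -> key transport
    "1.2.840.10045.2.1": "KeyAgreeRecipientInfo",     # id-ecPublicKey -> key agreement
    "1.2.840.10046.2.1": "KeyAgreeRecipientInfo",     # dhpublicnumber -> key agreement
}

def read_tlv(buf, pos=0):
    """Return (tag, value) of the DER element starting at buf[pos]."""
    if len(buf) < pos + 2:
        raise ValueError("truncated DER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or len(buf) < pos + n:
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if len(buf) < pos + length:
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length]

def decode_oid(body):
    """Decode OID content bytes to dotted form (first two arcs assumed to fit one byte)."""
    if not body:
        raise ValueError("empty OID")
    top = min(body[0] // 40, 2)
    arcs, value = [top, body[0] - 40 * top], 0
    for byte in body[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                 # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def spki_algorithm_oid(spki_der):
    """Walk SubjectPublicKeyInfo -> AlgorithmIdentifier -> algorithm OID."""
    value = spki_der
    for expected in (0x30, 0x30, 0x06):     # SEQUENCE, SEQUENCE, OBJECT IDENTIFIER
        tag, value = read_tlv(value)
        if tag != expected:
            raise ValueError("not a SubjectPublicKeyInfo")
    return decode_oid(value)

def select_key_management(spki_der):
    """Return the RecipientInfo alternative, or None where the rule defines none."""
    return TECHNIQUE.get(spki_algorithm_oid(spki_der))

# Constructed sample SPKIs: dummy key bits, not usable keys.
RSA_SPKI = bytes.fromhex("3013300d06092a864886f70d010101050003020000")
EC_SPKI = bytes.fromhex("3019301306072a8648ce3d020106082a8648ce3d03010703020004")
OTHER_SPKI = bytes.fromhex("3011300b06092b06010401868d1f0103020000")  # placeholder OID
```

A None result corresponds to the third sentence of the proposed text: the caller has to pick a technique by other means or reject the recipient key.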