IETF Logo Mail Archive

Re: [lamps] [EXTERNAL] Re: CMS Kyber: include PK and CT in the KDF?

Sophie Schmieg <sschmieg@google.com> Fri, 12 April 2024 13:35 UTC

Return-Path: <sschmieg@google.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB4BAC14F6AE for <spasm@ietfa.amsl.com>; Fri, 12 Apr 2024 06:35:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.596
X-Spam-Level:
X-Spam-Status: No, score=-17.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ymaKxchn9eC for <spasm@ietfa.amsl.com>; Fri, 12 Apr 2024 06:35:38 -0700 (PDT)
Received: from mail-ot1-x32d.google.com (mail-ot1-x32d.google.com [IPv6:2607:f8b0:4864:20::32d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB12CC14F6A5 for <spasm@ietf.org>; Fri, 12 Apr 2024 06:35:38 -0700 (PDT)
Received: by mail-ot1-x32d.google.com with SMTP id 46e09a7af769-6ea1d2c1d58so481063a34.3 for <spasm@ietf.org>; Fri, 12 Apr 2024 06:35:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1712928938; x=1713533738; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=FaTAzahThoinI775jUJQf0MSB6HZnnE1nNxes2439Uc=; b=AbndUDg1T/elMW2lzZIyrR6IcyWiTavJJcghxPIALCtrhlR7eqdoaAltujn+JNi/Cp xvSe+4RJwrwyA5wFlkfijYuy/t37QY/PUWphY04DgiNT1P32G2ZjA9Z4uqynzd8J5XaL ICQ4l/RWSM89mcO3t4Vt+vGX2S4ra96lkE+sInHDEPuhfe3a237/XWry/eImB36C0jRW orWaFr6WGbq+BS2J0RmCg/H0hXxqhgJJpvzz/f4Xbl8ypSFI124DWXib5e84h68lLLDm /ZwLjW0DgVlVq6t238JQPooK6OGkluXranqUKbjFzliI0c5Nvl9cVfMAQlWWRWdqDdPQ vVzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712928938; x=1713533738; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=FaTAzahThoinI775jUJQf0MSB6HZnnE1nNxes2439Uc=; b=egPfNjScHVNV0KtRVJ4p11cbkk+XPQfwZYI2oc9Q3SCkKrDIPkS70KSbTzMSs4HPHs C4tvs0st8kXqnN1kzWDqqR6pK/qEmn2E4HqLpTaYRtHuUnXLM6o4ymgIx5u7T50K2l9m Ms1Kr/whC0wTKWstE7NNkBtcUHj0KMRGtPBFcxUwTCWSnbTS9L+khbQeBUOQmvmYOfrH 7VzkKlNV+MM95TWxf4k8mCxUhxfEJ058DtUXUBpv8BCRKslU/4NSuuFosK9jvy6fHhUB kcrhBL/CEzzAGrAi8Zv6R9eGU5zXjLVy+WHzf8Q9vzoVJZSMwph8RNoCSPKAItP7+mv1 HqpQ==
X-Forwarded-Encrypted: i=1; AJvYcCWYMff1KIBOHEGa+VWnHF4ibVkjY/x2RwumgKS45u3Z6+OYHeWLjqvIHe+IpO7XE8wORovFXck8AJN25UqUuQ==
X-Gm-Message-State: AOJu0YwrwTKKzb8MONfzURV8xp3mRZl/yDGMmJQQEz39IouMuBJzaM0i ByZmKVNsoU3k2DzY72wfCzulwxdQiRSOMerqyzsCndjnW5cS/KOcgQ6+fTvoAfcFZPTuL5vjdxz 9FWIScduin//fNCtOvZ/vsQPU28/DXhDZ7SWl
X-Google-Smtp-Source: AGHT+IGIvSpbB6AUK+TSepZjjwfhQsxWWABMGKgsFco736f02Q+ND0IxLa7ceITXzbwV9KcD7yzw/5LMO26UtUlSj7k=
X-Received: by 2002:a05:6808:3085:b0:3c6:11c9:d6ea with SMTP id bl5-20020a056808308500b003c611c9d6eamr3353883oib.5.1712928936747; Fri, 12 Apr 2024 06:35:36 -0700 (PDT)
MIME-Version: 1.0
References: <CAFR824w0rBfxGzCJrSZ3f45Lyn7SEVLZK6cM9ZaZVHVPujs-5g@mail.gmail.com> <A31C1C09-297F-4C4A-837E-FD2A703AD96F@vigilsec.com> <CH0PR11MB57391B1E18D87AEB8D9519EE9F052@CH0PR11MB5739.namprd11.prod.outlook.com> <353.1712925244@obiwan.sandelman.ca>
In-Reply-To: <353.1712925244@obiwan.sandelman.ca>
From: Sophie Schmieg <sschmieg@google.com>
Date: Fri, 12 Apr 2024 09:35:21 -0400
Message-ID: <CAEEbLAaTfnTK_BqaPmU=FfQ4MqO=KzfWnDT=QWL5=560LQ5PiQ@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, Russ Housley <housley@vigilsec.com>, Deirdre Connolly <durumcrustulum@gmail.com>, LAMPS <spasm@ietf.org>, "pqc@ietf.org" <pqc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cd8ef20615e65862"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/MychypqGXzvH4TdJh5ywKp3DSyw>
Subject: Re: [lamps] [EXTERNAL] Re: CMS Kyber: include PK and CT in the KDF?
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2024 13:35:42 -0000

The binding situation of ML-KEM are actually quite good: As long as the
private key is not mal-formed, it is robust against any misbinding (it is
MAL-BIND-K-CT and MAL-BIND-K-PK if the attacker has to give a seed that
produces the private key). In other words, the only misbinding properties
it has require the protocol to involve revealing a private key or accepting
private keys from third parties. I consider that to be very strong
misbinding guarantees. Compare and contrast with RSA-KEM or ECIES without
hashed in ephemeral public keys, neither of which have HON-BIND-K-CT, and
in the case of RSA-KEM not even HON-BIND-K-PK (ECIES without hashing public
keys does not have MAL-BIND-K-PK).

I do think just using the shared secret of ML-KEM is fine in almost all
protocols, and protocols using KEMs that are not currently secure against
misbinding will even get an upgrade.

On Fri, Apr 12, 2024 at 8:34 AM Michael Richardson <mcr+ietf@sandelman.ca>
wrote:

>
> Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org> wrote:
>     > I still would like to see an analysis of whether the PK is always
> available
>     > at decryption time. I would like to hear from smartcard, HSM, IoT,
> TPM type
>     > people about whether it's fair to assume that the CMS / JOSE / COSE
> / etc
>     > layer of a decryption routine will have access to the public key at
>     > decryption time, or whether that will force some folks into awkward
>
> It's not an argument that one sees at all levels of API today, but I think
> it
> could be added.
>
>     > re-architecturing exercises. For example, if someone has a TPM
> architecture
>     > where only the wrapped private key is stored locally (cause why
> would you
>     > ever need to encrypt for yourself?), then I could see that being an
> annoying
>     > architecture change to also keep the public key. On the other hand,
> ML-KEM
>     > is greenfield, so maybe it's ok to say "When ML-KEM; your private
> key object
>     > MUST contain the public key".
>
> +1
>
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide
>
>
>
>
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org
> https://www.ietf.org/mailman/listinfo/spasm
>


-- 

Sophie Schmieg | Information Security Engineer | ISE Crypto |
sschmieg@google.com

v2.23.0 | Report a Bug | By Email