Re: [lamps] [Pqc] Auditing HBS state usage
"Vaira, Antonio" <antonio.vaira@siemens.com> Wed, 01 February 2023 10:31 UTC
Return-Path: <antonio.vaira@siemens.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01ADDC169539; Wed, 1 Feb 2023 02:31:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Do8XHgbddlH; Wed, 1 Feb 2023 02:31:25 -0800 (PST)
Received: from EUR03-DBA-obe.outbound.protection.outlook.com (mail-dbaeur03on2050.outbound.protection.outlook.com [40.107.104.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BAB85C16953A; Wed, 1 Feb 2023 02:31:24 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=B/yTeyGtH6vPsOwIPWMJO2Z+OGD/iY/1hepUJdlvAeJhmderyLdxeCRh939yF9pm2FAssev2QQ5xJfJ9LSrJoNiMDaw9vLp1SGh4MEGP+oNI5Sws63tWiAhVaJDVSwVkFE/wL88rGhIhayNWmQTCjZmDVyf7z0qYMA2/W2RVtgnLj50HDc6FVfo5ViKw79DPRRO/t4KgS7mRZ5JQSv3WHd31wUulXq8VLkUYEdbyQJ+pIzSp4QzVvhbup136R/5GB4b7SSTDWYgi6/7Z0yRy+DjslFQsBT0xuCHAVueXvqoyHpvci589KEm6fjNht/Ddj1//OsmYLH9aBJrUJtwzgw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gL8d3WX04oeHXFY5EFdW8GjPtmv62X6pRr1VTx2dU2g=; b=Ul7Z22MJBDWhVHbFPM2wOYyfoYK/WWtGMeqbVhKlPsXEZjewXL6L8FYGCurpEVtis9oR6UmqUmGNNjuaQxhVn0vr2D/CVGzkAZU/27pvO/5PgdKS4FIgqO5gIGGXBbUG2ZlK8U+qlBZmJvj9dQK9CNfYiqMZvNeUD5DO0Q7MbOKYbJY0viCESqFdLAK9m4ODYP9/RA1Qdr3ADLRNCKhvbleGAH9mLt3M3WAgzhEiaUoi7VuEPljWA+nfNEyeC1A6QEIsbcK+vARVxxsmHxmR5olR8hqbW/tVmwSejHBlz9KkXPUdMhuUhmJDcAkiiylpNXDgguqkGPV14T5QgBvE3w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gL8d3WX04oeHXFY5EFdW8GjPtmv62X6pRr1VTx2dU2g=; b=YqSWw4fqA4my2AHruhbmy+rQq8/Q0cbXW0ulE6DKCgmG5xV9A8xWFHbeC+ikYO2dfna0j338GUyqdrMxrhLrn6/RzHVYi7NdJ7Ukh188lMHRef+3T1twOXY+jryF+AHx7qSUbyUV2OmKRDW+9g5ihxdlvnAv3ucQD0qouZyqcQPmFfQPl3u5LbYqfK0bVPOp/POTWEZPTJCJTMnYYC4FwWcfAkecva7mavLUFCffay1meBurbhyKd334AMN+lFkpu2THfzD30irPbCAO59gatSgTpDwdF/CIFiNHi12XVgnJIJx7HCNQwi/UV68+RPV/fD/0+zww0zjZ7LznSb/chQ==
Received: from DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:34c::22) by DU0PR10MB6956.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:417::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.36; Wed, 1 Feb 2023 10:31:20 +0000
Received: from DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM ([fe80::804c:aa94:7e98:ccae]) by DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM ([fe80::804c:aa94:7e98:ccae%8]) with mapi id 15.20.6043.023; Wed, 1 Feb 2023 10:31:20 +0000
From: "Vaira, Antonio" <antonio.vaira@siemens.com>
To: "Fregly, Andrew" <afregly@verisign.com>, "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>, Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, "Kampanakis, Panos" <kpanos=40amazon.com@dmarc.ietf.org>
CC: LAMPS <spasm@ietf.org>, "draft-gazdag-x509-hash-sigs.authors@ietf.org" <draft-gazdag-x509-hash-sigs.authors@ietf.org>, "pqc@ietf.org" <pqc@ietf.org>
Thread-Topic: [Pqc] [lamps] Auditing HBS state usage
Thread-Index: AQHZNYvRgagrk8iVFU+fKdCwRvW6aK6403GAgAA5SgCAANh5wA==
Date: Wed, 01 Feb 2023 10:31:20 +0000
Message-ID: <DU0PR10MB5244EA1642F2A5D16518F8C2E0D19@DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM>
References: <08C331ED-453C-4812-955A-F2161B960329@vigilsec.com> <3439f87bb3bb4a199f706b791cba6b6a@bsi.bund.de> <6828097d5b5b4beabb0c4243b150077f@amazon.com> <99a43b5f4620438a9cb7ca539f70dbcb@bsi.bund.de> <DU0PR10MB5244B1BC5E40204EDBD0AFD1E0D09@DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM> <d86eb6d6b0be4f58a51377bde590c521@amazon.com> <CH0PR11MB57396CB5F9341759B023A9309FD09@CH0PR11MB5739.namprd11.prod.outlook.com> <DM4PR11MB545523D89F48FB36083FD3E5C1D09@DM4PR11MB5455.namprd11.prod.outlook.com> <B9FA096A-CA03-4DEA-81D6-89E86B8B42D6@verisign.com>
In-Reply-To: <B9FA096A-CA03-4DEA-81D6-89E86B8B42D6@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=2201c52d-fc46-4fd3-bd06-62436aa2878c; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2023-02-01T10:30:05Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU0PR10MB5244:EE_|DU0PR10MB6956:EE_
x-ms-office365-filtering-correlation-id: 6264fbba-0acb-4a33-c42c-08db043f75c6
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: +smiAlXDG8bzdp4/J1d3c2wig64s7M4y0tEqFo6E3aRWk4hY0ZtEWzaeaR+79+Q+wrgoo+V7kmJFyNerV7OLs7aK36x4IUNB/2d8BwQy3bJehxQ7B4sjQwchmRoiJbfrtpr1MYhjoSPzzybKEapsWcY8bAT61r+bDM0uWQWF5H1UjV3MhybrcJkC+sx3kxcVDNZKeG6NOtBiSq7bBehL8QXTXi0YzXR49Y0zEcPCSXIICDvbBlWuZNyLkNq3HsTmGrYIlj5Sv3wGZrTTVY8uIrTnWcKv+CDzKiu+v9wZcApxyZ/r7LaBz7h+KCeMXUU92bFDvGF+JLMp3elBgq2g3IRJJlCYYwm/2sPVZvyDn+KgV+sNVeFByhGzpIPek20DWblUN/g0wu9jqNn7dlQkiX57tIc+AEi2DQWRsdPwNDdeNQaLc16BLazdQ+YNfnZ5+cB4zqku3TGJttxWyL1uaCARyPn1WMl2LgtU8LAzraLI24u125LWg3zHzbGGaJbNvrZc267reAfzJk97JPiNgz+UcruZagK2vy3mlBWNqmO/eH2OW8IWURSdEXHf0ACj4rUyo4Plfww1aQR7kg/cmpecYsxaRYmij7mBP83OIHbRwf+hKv9QXVSNug20airKwTg9If+phSklPVUtqIBi88W0IlB3vKMhP9VB4fgnp0iDs4rB7M7FL8MJm7V6Q+MVqda/TvL/g4OQVCde1LxKJg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230025)(4636009)(366004)(136003)(376002)(346002)(396003)(39860400002)(451199018)(76116006)(66556008)(66446008)(66946007)(64756008)(4326008)(66476007)(8936002)(54906003)(66899018)(110136005)(8676002)(316002)(5660300002)(30864003)(45080400002)(41300700001)(52536014)(2906002)(6506007)(7696005)(966005)(478600001)(71200400001)(53546011)(186003)(9686003)(26005)(83380400001)(66574015)(38100700002)(86362001)(33656002)(122000001)(82960400001)(38070700005)(55016003)(579004); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 38ribjXf5TSfjVivf07pSynOan5YXsuOwwJP0RG1X9k67RlgYDP1aUVHt1tTPuzhc3kZC2Z5sPu72rabUtTQ7R3dLgqu4SjzgMOX+Uez0s7Hwfcpv7e33Z59VK0DvSMWFO1YyldAet/bDkYhIpRB9UPaw2GpHgLGIWCmmtOxyWRwctNv/RvUf23IP6FZAQnBgZDFpvh24minTxEuV3crGQ7p6041K/A7BAEsTzCtnbXN4w5rRxyAS7GcbCeiZbwJpJzFri6E44RlryRO38bxFbJOgXqf5h/FS0dSPaPOrD/PEOX10taphzvlqDb1mFrRSlBfBJQLOUvyT97a/riB5ekov97NywIas+7vaw0gqGPLan2F8eNA7uWrCEzeIrI+rAgp9bVj6oJPJ/G+cBn8zS1IF9GHExDUZ0LRxwKK/4lM7POeoL6mFmLV5ZX1mLf2hncAyIU/geOL5LwP7y2Fvq2ZArKXOMxOLfwUw/R1bi0DCAb6GkqBxJrXGexhFxqjCtZRWg7Dat+JlH47HX0ov0L+a7RL+Sui/7iF2Ms7w3O5o0gteZ1vKbvDFyrWq6DKuDBykAHNXCOuLyy7TjFCBeKmuArbpxU2Ne/tsmUYpnzzEtLPHsv8MJ23KgE1wQ8BJoo3X1TIqFWC2//MpktcFiEQuRGV9hd0HzlEqrs5/L6EQaae+AoYXtw/GSTANcZWz7mZCDrDlUNR7R3g2tDoK7BPIme4LBhEcsry/5kyTJBGQAQa2qu67guaCfCFFVLV8mWTdqQpWuTVnZloEQdoQDWUvZMdwApDLzC1i4zFt1KLC2xstXs3TP1xgngq99X0e2kyXlSMBfQ7aDZLSoi6M6uDU2Dz/Hzw7xTVL3agDRYRZ5ir/ehOOxok3JuoQlCM9LB6XnEjbKFhIH4JQ0Qxhyj+zy0IEFE5BsqJiMrwDJd84HYGFXdutkzc0x2qPJJ8YBgwuy9lpD52iaoOHVK/S+vzVCGBj6hYPdBSPZQaPri0AgJaq4kR4Xbv5wpi5H94w0DJwTaTY1j9//zK3dESbwPWoAwgQcpWg1HE1YjSzb0xNTBhy703bDROkINH4Ofmvs8YXkhi9Ta1ZcqPpNi/0RF4oMMUgKykFjbzU1vxz+BznClO9HNZlh3KlP36sPB7o/9915DOLtSmAL3ktiKB757AXl/9KSWyf2GOguyho00osq6i8e1gJIzcUS7y9soEtJrsJkM1AdnHRv9cdCeBaJl+VdxL2rJhcQmnXYGYxc3QddYrTVMonnMvJYPgRnki6P5TULcjNqUci/7NR7FzIpE7Vas1GD9rYgldQJqzaCM7vcX/YnWYNPKIpcRdGal0U8Rsblu5b8v2gzEeBNh/BsY4FmB7TJsB7n2IbiPR7A905J2BtaxNbvfYDWqii7irIOP42wfp2fB8Pa0ukrrrQEuFdKlcH3J6YwZ13TX9S5Y5N/DD21aptHz4QJ59oPvzf3UgDiQ3yGmfBjwt6+E59TOodkfcgiZJDiuwpCa4SLg1va+Mm8KBNvwsn/cj3yAkrm/QU9h4EHuvuuf9FK+f8F5QglHcO3+LH9u1j4gCnDNKftkVHYTCkMNgWr9YHMdfHa19y8mlEkXFocesVsLpXQ==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB5244.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 6264fbba-0acb-4a33-c42c-08db043f75c6
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Feb 2023 10:31:20.7999 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: hpKGANuRJhr2GfW6LnGuz2FefPhvdI4piCj1vENtvdrIsmxs25FlmPiHuK55dLQYiKODlpqPN1wcOtyEfHtNDlev5vzc9K8/irlxpCE93OY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR10MB6956
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/kwtz4P6upVxdCghFzpJM1fOlcXs>
Subject: Re: [lamps] [Pqc] Auditing HBS state usage
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2023 10:31:29 -0000
Dear all, Many thanks for the interesting discussions and inputs. My main take away for these exchanges is that most likely there will not be a trustworthy technical/mathematical method to prove that stateful signature operations are carried out in a compliant manner and it will indeed boil down to "trust and risk perception" linked to a specific use case. I am inclined to think that for the majority of use cases, where a moderate level of assurance on the signing operations is required, it might be enough to trust the HSM and the operational team to follow the right procedures and pass periodical external audits. Thanks Antonio -----Original Message----- From: Fregly, Andrew <afregly@verisign.com> Sent: Tuesday, 31 January 2023 22:35 To: Scott Fluhrer (sfluhrer) <sfluhrer@cisco.com>; Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>; Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org>; Vaira, Antonio (T CST SEA-DE) <antonio.vaira@siemens.com> Cc: LAMPS <spasm@ietf.org>; draft-gazdag-x509-hash-sigs.authors@ietf.org; pqc@ietf.org Subject: Re: [Pqc] [lamps] Auditing HBS state usage State auditing based on embedded state in signatures may be quite challenging when distributed signing processes are used for hash-based signatures. Consider the scenario where HSMs are allocated to separate lower levels of a hierarchical tree structure. This is the scenario currently required for distributed signing with HSS or XMSS^MT to be in compliance with NIST SP 800-208. It is described in section 7 of that document. Andy Fregly On 1/31/23, 1:10 PM, "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com <mailto:sfluhrer@cisco.com>> wrote: Actually, it's not that hard to extract the current state from either an XMSS(^MT) or LMS/HSS signature. For XMSS and XMSS^MT, the current state is at a fixed place in the signature. For HSS, the state is scattered in the signature; however it's not *that* hard to retrieve... So, expressing the current state explicitly in the certificate might make things a bit easier; however it doesn't fundamentally change anything > -----Original Message----- > From: Spasm <spasm-bounces@ietf.org <mailto:spasm-bounces@ietf.org>> > On Behalf Of Mike Ounsworth > Sent: Tuesday, January 31, 2023 10:51 AM > To: Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org > <mailto:40amazon.com@dmarc.ietf.org>>; Vaira, Antonio > <antonio.vaira@siemens.com <mailto:antonio.vaira@siemens.com>> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>>; > draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org>; > pqc@ietf.org <mailto:pqc@ietf.org> > Subject: Re: [lamps] Auditing HBS state usage > > [changing title, and adding PQUIP list] > > > - my understanding of stateful HBS schemes is that the state of the > > private > key can be uniquely identified by the authentication path that is part > of the signature. Could we think to derive a unique value, out of this > authentication path and embed it into a certificate field? Maybe such > certificate can be further published, for example on CT, to allow > public scrutiny of the CA operations? > > Interesting idea! > Basically, explicitly put the private key state in the signature for easy auditing. > > > IMO the list of certificates issued by a CA is already well tracked and audited. > IMO if we're gonna get ourselves into trouble with over-using a HBS > key, it's gonna be uses of the CA key for things other than > certificate signing; like a stuck process that re-issues the same CRL > 500 times, or a CA set up for direct OCSP or CMP signing with the CA > key, or .. who knows .. some CA software that uses the CA key for > backend TLS connections, or that uses the CA key to sign audit > records. All things that are completely not a problem today, so > developers and ops personnel might not even think about them when moving to a HBS CA key. > > I like the idea of auditing signatures and private key states, but I > think for it to be effective you have to audit every signature > performed by the HSM to make sure you're catching "the weird stuff" > that might not otherwise get audited. In my mind, this is in the > bucket of "quality of life features" that HSM vendors will need to build in to their products that support HBS. > > --- > Mike Ounsworth > > -----Original Message----- > From: Spasm <spasm-bounces@ietf.org <mailto:spasm-bounces@ietf.org>> > On Behalf Of Kampanakis, Panos > Sent: Tuesday, January 31, 2023 9:28 AM > To: Vaira, Antonio <antonio.vaira@siemens.com > <mailto:antonio.vaira@siemens.com>> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>>; > draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org> > Subject: [EXTERNAL] Re: [lamps] draft-gazdag-x509-hash-sigs-00 > > WARNING: This email originated outside of Entrust. > DO NOT CLICK links or attachments unless you trust the sender and know > the content is safe. > > ________________________________________________________________ > ______ > Hi Antonio, > > > - my understanding of stateful HBS schemes is that the state of the > > private > key can be uniquely identified by the authentication path that is part > of the signature. Could we think to derive a unique value, out of this > authentication path and embed it into a certificate field? Maybe such > certificate can be further published, for example on CT, to allow > public scrutiny of the CA operations? > > Interesting. Indeed, Stateful leaf HBS certs (which will include the > tree verification path) could be published so auditors or verifiers > could attest that state was not reused. For the Web there is CT so > that would be relatively straightforward. But given these certs will > not be used for the Web, it probably does not help much. In a code > signing case, a signer vendor that signs its software would need to > publish all HBS signatures basically for them to be auditable to > confirm state/OTS public key was not reused. It would be operational > overhead for vendors though to make all their signatures available. > > There is the threat model that is important here as well. If I am the > verifier of company X created by company X to verify company X's > software signatures, do I need to audit company X's signing did not > reuse SHBS state? Probably not because I trust the signer who is > probably auditing internally. But still, a published code signing repo > of all (Root signatures and ICA issued signatures and software > signatures) could provide assurance to 3rd parties that want to be > sure. It still is not perfect because someone could argue that some > failure scenario while signing may have reused state but the signature did not show up in the published signatures, but it certainly raises trust. > > > > -----Original Message----- > From: Spasm <spasm-bounces@ietf.org <mailto:spasm-bounces@ietf.org>> > On Behalf Of Vaira, Antonio > Sent: Tuesday, January 31, 2023 7:33 AM > To: Kousidis, Stavros <stavros.kousidis=40bsi.bund.de@dmarc.ietf.org > <mailto:40bsi.bund.de@dmarc.ietf.org>>; > Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org > <mailto:40amazon.com@dmarc.ietf.org>> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>>; > draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org> > Subject: RE: [EXTERNAL][lamps] draft-gazdag-x509-hash-sigs-00 > > CAUTION: This email originated from outside of the organization. Do > not click links or open attachments unless you can confirm the sender > and know the content is safe. > > > > Dear Stavros, Dear Panos, > > I hope I am not intruding this conversation, I would like to add a > couple of personal considerations: > > - I believe that we will also need to have "stateful HBS ICAs", to at > least sign "stateful HBS code-signing certificates". This would allow > a relying party to validate the code-signing certificates, and its > associated certificate chain, by verifying only one type of digital > signatures, which in this case would be a stateful HBS scheme. This > type of ICAs may be handled as RootCA, so probably there is not much to add to the security considerations. > - my understanding of stateful HBS schemes is that the state of the > private key can be uniquely identified by the authentication path that > is part of the signature. Could we think to derive a unique value, out > of this authentication path and embed it into a certificate field? > Maybe such certificate can be further published, for example on CT, to > allow public scrutiny of the CA operations? > - on a more generic note, the recent publication of CNSA 2.0, despite > applying only to NSS, may trigger other regulatory bodies, which may > be transversal to the scope of NSS, to adopt similar guidelines. > Therefore I think we might have to deal with stateful HBS sooner than later. > > - @Stavros: it would be very interesting to know more about how you > plan to handle the requirements from §7 of NIST SP 800-208. > > in my understanding, to fulfil the requirements set forth in this > > section > one would that initializing several hypertrees on different HSMs. One > or more HSMs may be used immediately and the remaining should be > securely stored for later use (as disaster recovery mechanism for > example). I think this approach might prove to be quite cumbersome, at > least over a long period of time (which is intended use of stateful HBS). > > do you see additional approaches that would allow to comply with the > requirements from §7 of NIST SP 800-208? > > > Many thanks > Antonio Vaira > > -----Original Message----- > From: Spasm <spasm-bounces@ietf.org <mailto:spasm-bounces@ietf.org>> > On Behalf Of Kousidis, Stavros > Sent: Monday, 23 January 2023 09:33 > To: Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org > <mailto:40amazon.com@dmarc.ietf.org>> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>>; > draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org> > Subject: Re: [lamps] draft-gazdag-x509-hash-sigs-00 > > Dear Pano, > > thank you for your comments and suggestions, and sorry for the late reply. > > The typical use case we have in mind are root and (potentially also > subordinate) CAs which are using an HSM for cert signing that ensures > the secure handling of the state. When discussing this in the security > considerations we would also stress on NISTs proposal to use > "Distributed Multi-Tree Hash-Based Signatures" (see NIST SP 800-208 > §7) as a design to further ensure that states are handled appropriately. > > We have tracked the other use cases you mentioned as an issue in in > our repository. I think Stefan Gazdag has some experience here and we > will discuss how to incorporate your suggestions in the security considerations. > > Best > Stavros > > -----Ursprüngliche Nachricht----- > Von: Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org > <mailto:40amazon.com@dmarc.ietf.org>> > Gesendet: Donnerstag, 29. Dezember 2022 18:23 > An: Kousidis, Stavros <stavros.kousidis@bsi.bund.de > <mailto:stavros.kousidis@bsi.bund.de>> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>>; > draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org> > Betreff: RE: [lamps] draft-gazdag-x509-hash-sigs-00 > > One more comment regarding draft-gazdag-x509-hash-sigs. > > Stateful HBS had come up previously for X.509 and some participants > voiced serious concerns > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furld > efense.com%2Fv3%2F__https%3A%2F%2Feur01.safelinks.protection.outlook.c > o&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03c808d > b03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638107977225684 > 573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTi > I6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RmakNR805nAoNcBlHUpc43L > LgxlYvwH870W6Gcu8uww%3D&reserved=0 > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furl > defense.com%2Fv3%2F__https%3A%2F%2Feur01.safelinks.protection.outlook. > co&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03c808 > db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C63810797722568 > 4573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBT > iI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RmakNR805nAoNcBlHUpc43 > LLgxlYvwH870W6Gcu8uww%3D&reserved=0> > m/?url=https*3A*2F*2Fmailarchive.ietf.org*2Farch*2Fmsg*2Fspasm*2FDKP > DfaQZxF5_De9BYuoWsRKp4gM*2F&data=05*7C01*7Cantonio.vaira*40siem > ens.com*7C42f367be82dd413a64ae08dafd1c9a04*7C38ae3bcd95794fd4add > ab42e1495d55a*7C1*7C0*7C638100596561496300*7CUnknown*7CTWFpbG > Zsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6 > Mn0*3D*7C3000*7C*7C*7C&sdata=h25km8rodm9XTku1Chgjffe*2BEm9dOR > sXhMwrrDhcVzQ*3D&reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJQ!!FJ- > Y8qCqXTj2!esBnp7Nl7B1z9kQbd2Cr_cAnMTdMiIqi4_tPkbBohCOjROZnG7We > Ocu5HmlSVFHnbif3t0MFYttHiFf4DUHO8hDBsvLpjr-H6OhAlgSN8g$ A summary of > the counter-arguments could be that CAs have messed up before, how can > we rest assured they will not reuse state. > > I think your argument for Stateful HBS in this draft is only for root > CAs which sign a few ICAs and then go to sleep and rarely wake up. > Maybe another use is for code-signing EKU certs where the signer > controls its signing process and the verifiers trust it. The draft > also mentions subordinate CA certificates. I don't think these are > good use-cases for stateful HBS. I would suggest for the draft to > clearly stress the potentially use-cases for Stateful HBS. Also I > suggest for the security considerations section to stress the > importance and how you envision these use-cases will be able to > address the state concern. For example a Root CA uses an HSM and signs > very few ICA certs and then goes offline. Another example is a > code-signer keeps track of all its signatures and can go back and > attest the state was not reused periodically and its verifiers usually > trust the signer. Another one could be the state look ahead where you retrieve x states and change your pointer before you even start signing anything. > > > > -----Original Message----- > From: Spasm <spasm-bounces@ietf.org <mailto:spasm-bounces@ietf.org>> > On Behalf Of Kousidis, Stavros > Sent: Saturday, December 24, 2022 12:11 AM > To: Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com>> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>>; > draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org> > Subject: RE: [EXTERNAL][lamps] draft-gazdag-x509-hash-sigs-00 > > CAUTION: This email originated from outside of the organization. Do > not click links or open attachments unless you can confirm the sender > and know the content is safe. > > > > Dear Russ, > > thank you for the information. > > In the next version we will adopt the "OCTET STRING" definition of RFC > 8708 for HSS and apply this also to XMSS/XMSS^MT. The same applies to > SPHINCS+ where we will adopt the definition of "draft-ietf-lamps-cms- > sphincs-plus-01". > > Best > Stavros > > -----Ursprüngliche Nachricht----- > Von: Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com>> > Gesendet: Freitag, 23. Dezember 2022 18:12 > An: draft-gazdag-x509-hash-sigs.authors@ietf.org > <mailto:draft-gazdag-x509-hash-sigs.authors@ietf.org> > Cc: LAMPS <spasm@ietf.org <mailto:spasm@ietf.org>> > Betreff: [lamps] draft-gazdag-x509-hash-sigs-00 > > Dear I-D Authors: > > RFC 8708 has this definition: > > HSS-LMS-HashSig-PublicKey ::= OCTET STRING > > This will carry the bytes as defined in RFC 8554. > > draft-gazdag-x509-hash-sigs-00 says: > > HSS-HashSig-PublicKey ::= SEQUENCE { > levels OCTET STRING, -- number of levels L tree OCTET STRING, -- > typecode of top-level LMS tree ots OCTET STRING, -- typecode of > top-level LM-OTS identifier OCTET STRING, -- identifier I of top-level > LMS key pair root OCTET STRING -- root T[1] of top-level tree } > > This will produce a different byte string than RFC 8554. I think this > is a problem. There should only be one way to encode the HSS/LMS public key. > > Russ > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org <mailto:Spasm@ietf.org> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furld > efense.com%2Fv3%2F__https%3A%2F%2Feur01.safelinks.protection.outlook.c > o&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03c808d > b03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638107977225684 > 573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTi > I6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RmakNR805nAoNcBlHUpc43L > LgxlYvwH870W6Gcu8uww%3D&reserved=0 > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furl > defense.com%2Fv3%2F__https%3A%2F%2Feur01.safelinks.protection.outlook. > co&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03c808 > db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C63810797722568 > 4573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBT > iI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RmakNR805nAoNcBlHUpc43 > LLgxlYvwH870W6Gcu8uww%3D&reserved=0> > m/?url=https*3A*2F*2Fwww.ietf.org*2Fmailman*2Flistinfo*2Fspasm&data= > 05*7C01*7Cantonio.vaira*40siemens.com*7C42f367be82dd413a64ae08dafd > 1c9a04*7C38ae3bcd95794fd4addab42e1495d55a*7C1*7C0*7C63810059656 > 1496300*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2l > uMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C3000*7C*7C*7C&sdata=BzfXk7I > kssXiXjWumPeivk5qXUsPP2tXjqRJZXx3QB8*3D&reserved=0__;JSUlJSUlJSUlJSU > lJSUlJSUlJSUlJQ!!FJ- > Y8qCqXTj2!esBnp7Nl7B1z9kQbd2Cr_cAnMTdMiIqi4_tPkbBohCOjROZnG7We > Ocu5HmlSVFHnbif3t0MFYttHiFf4DUHO8hDBsvLpjr-H6OirgtotNA$ > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org <mailto:Spasm@ietf.org> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furld > efense.com%2Fv3%2F__https%3A%2F%2Feur01.safelinks.protection.outlook.c > o&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03c808d > b03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638107977225684 > 573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTi > I6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RmakNR805nAoNcBlHUpc43L > LgxlYvwH870W6Gcu8uww%3D&reserved=0 > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furl > defense.com%2Fv3%2F__https%3A%2F%2Feur01.safelinks.protection.outlook. > co&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03c808 > db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C63810797722568 > 4573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBT > iI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RmakNR805nAoNcBlHUpc43 > LLgxlYvwH870W6Gcu8uww%3D&reserved=0> > m/?url=https*3A*2F*2Fwww.ietf.org*2Fmailman*2Flistinfo*2Fspasm&data= > 05*7C01*7Cantonio.vaira*40siemens.com*7C42f367be82dd413a64ae08dafd > 1c9a04*7C38ae3bcd95794fd4addab42e1495d55a*7C1*7C0*7C63810059656 > 1496300*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2l > uMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C3000*7C*7C*7C&sdata=BzfXk7I > kssXiXjWumPeivk5qXUsPP2tXjqRJZXx3QB8*3D&reserved=0__;JSUlJSUlJSUlJSU > lJSUlJSUlJSUlJQ!!FJ- > Y8qCqXTj2!esBnp7Nl7B1z9kQbd2Cr_cAnMTdMiIqi4_tPkbBohCOjROZnG7We > Ocu5HmlSVFHnbif3t0MFYttHiFf4DUHO8hDBsvLpjr-H6OirgtotNA$ > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org <mailto:Spasm@ietf.org> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furld > efense.com%2Fv3%2F__https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2F > spasm_&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03 > c808db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6381079772 > 25684573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiL > CJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ppnQS0FS5qvKtaO7aI > E0Rw4nO%2BUAWN2GH6hDg9OvY94%3D&reserved=0 > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furl > defense.com%2Fv3%2F__https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2 > Fspasm_&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df0 > 3c808db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638107977 > 225684573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIi > LCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ppnQS0FS5qvKtaO7a > IE0Rw4nO%2BUAWN2GH6hDg9OvY94%3D&reserved=0> > _;!!FJ- > Y8qCqXTj2!esBnp7Nl7B1z9kQbd2Cr_cAnMTdMiIqi4_tPkbBohCOjROZnG7We > Ocu5HmlSVFHnbif3t0MFYttHiFf4DUHO8hDBsvLpjr-H6OgQtC7kZg$ > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org <mailto:Spasm@ietf.org> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furld > efense.com%2Fv3%2F__https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2F > spasm_&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df03 > c808db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6381079772 > 25684573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiL > CJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ppnQS0FS5qvKtaO7aI > E0Rw4nO%2BUAWN2GH6hDg9OvY94%3D&reserved=0 > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furl > defense.com%2Fv3%2F__https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2 > Fspasm_&data=05%7C01%7Cantonio.vaira%40siemens.com%7Cdce17b85daf248df0 > 3c808db03d30d86%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638107977 > 225684573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIi > LCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ppnQS0FS5qvKtaO7a > IE0Rw4nO%2BUAWN2GH6hDg9OvY94%3D&reserved=0> > _;!!FJ- > Y8qCqXTj2!esBnp7Nl7B1z9kQbd2Cr_cAnMTdMiIqi4_tPkbBohCOjROZnG7We > Ocu5HmlSVFHnbif3t0MFYttHiFf4DUHO8hDBsvLpjr-H6OgQtC7kZg$ > Any email and files/attachments transmitted with it are confidential > and are intended solely for the use of the individual or entity to > whom they are addressed. If this message has been sent to you in > error, you must not copy, distribute or disclose of the information it > contains. Please notify Entrust immediately and delete the message from your system. > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org <mailto:Spasm@ietf.org> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww. > ietf.org%2Fmailman%2Flistinfo%2Fspasm&data=05%7C01%7Cantonio.vaira%40s > iemens.com%7Cdce17b85daf248df03c808db03d30d86%7C38ae3bcd95794fd4addab4 > 2e1495d55a%7C1%7C0%7C638107977225840808%7CUnknown%7CTWFpbGZsb3d8eyJWIj > oiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C > %7C%7C&sdata=lEUwNjLS%2BO5uBs9CJNCOIIUVVROtSftXWRdgIlL0nzE%3D&reserved > =0 > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww > .ietf.org%2Fmailman%2Flistinfo%2Fspasm&data=05%7C01%7Cantonio.vaira%40 > siemens.com%7Cdce17b85daf248df03c808db03d30d86%7C38ae3bcd95794fd4addab > 42e1495d55a%7C1%7C0%7C638107977225840808%7CUnknown%7CTWFpbGZsb3d8eyJWI > joiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7 > C%7C%7C&sdata=lEUwNjLS%2BO5uBs9CJNCOIIUVVROtSftXWRdgIlL0nzE%3D&reserve > d=0>
- [lamps] draft-gazdag-x509-hash-sigs-00 Russ Housley
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Kousidis, Stavros
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Kampanakis, Panos
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Kousidis, Stavros
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Vaira, Antonio
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Kampanakis, Panos
- Re: [lamps] Auditing HBS state usage Mike Ounsworth
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Tim Hollebeek
- Re: [lamps] Auditing HBS state usage Scott Fluhrer (sfluhrer)
- Re: [lamps] Auditing HBS state usage Russ Housley
- Re: [lamps] [Pqc] Auditing HBS state usage Fregly, Andrew
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Kousidis, Stavros
- Re: [lamps] [Pqc] Auditing HBS state usage Vaira, Antonio
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Vaira, Antonio
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Seo Suchan
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Tim Hollebeek
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 Kousidis, Stavros
- Re: [lamps] draft-gazdag-x509-hash-sigs-00 antonio.vaira@siemens.com