[Suit] draft-ietf-suit-firmware-encryption-02

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Mon, 25 October 2021 15:35 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "suit@ietf.org" <suit@ietf.org>
Date: Mon, 25 Oct 2021 15:35:10 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/3A0dT-3w2Ih_sfYu3jC6cTrpzYM>

Hi all,

I have just submitted version -02 of the firmware encryption draft.


As a major change, we have moved the generic COSE HPKE content into a separate document <draft-tschofenig-cose-hpke-00>, as discussed at the last IETF meeting. Here is the link to the COSE-HPKE: https://datatracker.ietf.org/doc/html/draft-ietf-suit-firmware-encryption-02

We have also included new content addressing open issues from the last IETF meeting; see https://datatracker.ietf.org/meeting/111/materials/slides-111-suit-firmware-encryption-01

The new content focuses on protecting the encryption info in the envelope and the battery exhaustion problem.

Ciao
Hannes