Re: [Suit] [Teep] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256

"lgl island-resort.com" <lgl@island-resort.com> Thu, 28 December 2023 17:58 UTC

From: "lgl island-resort.com" <lgl@island-resort.com>
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
CC: Russ Housley <housley@vigilsec.com>, Akira Tsukamoto <akira.tsukamoto@gmail.com>, Brendan Moran <brendan.moran.ietf@gmail.com>, suit <suit@ietf.org>, teep <teep@ietf.org>, Ken Takayama <ken.takayama.ietf@gmail.com>
Thread-Topic: [Suit] [Teep] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256
Date: Thu, 28 Dec 2023 17:58:24 +0000
Message-ID: <3506EFA4-3956-4EB2-9174-3F20222267C0@island-resort.com>
References: <08f701da2d9f$c043a6c0$40caf440$@gmx.net> <655A0104-EF30-42E4-862D-6D4D6E4FDDD9@vigilsec.com> <843e1218-8847-48cc-ada5-9b9cc50e17cf@gmail.com> <00ba01da2e6e$81f1f910$85d5eb30$@gmx.net> <9F676C9F-1573-4DBE-A12A-A9A63BC77014@island-resort.com> <65A259BD-75EF-4EAE-B255-29EBD1ABC319@vigilsec.com> <5E005DCF-86C5-4359-929D-A60DD1C703E1@island-resort.com> <731ab283-e078-4186-ae60-0725d0bf1356@gmx.net> <76B7A923-CC43-45DC-B8BF-D03D95542874@island-resort.com> <06e13dea-6e69-4ef6-a496-ced908cfd982@gmx.net>
In-Reply-To: <06e13dea-6e69-4ef6-a496-ced908cfd982@gmx.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/kaybpiYLf3X0fXEMMfzBForrn7M>
Subject: Re: [Suit] [Teep] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256
List-Id: Software Updates for Internet of Things <suit.ietf.org>


On Dec 24, 2023, at 5:19 AM, Hannes Tschofenig <Hannes.Tschofenig@gmx.net> wrote:


Hi Laurence, Hi all,

In draft-ietf-suit-firmware-encryption we use a two-layer approach, which means that there is

- a content encryption layer, and

- the recipient layer


For the content encryption layer we have included the protected headers in the Enc_structure structure with AEAD ciphers. The protected header may contain the algorithm identifier. In COSE, it is not mandatory to include the algorithm identifier in the protected header. For non-AEAD ciphers, the Enc_structure structure is not used.

Looks to me that all you have to do is change the algorithm ID in the protected header from AES-GCM to AES. If the receiver is capable of processing messages with plain AES content encryption it will happily do so not knowing that it was AES-GCM in the original message. Since plain AES provides no data authentication the receiver won’t notice that the algorithm ID was modified. The protected headers aren’t really protected.

I haven’t thought this through deep enough to know how big a hole this is.


The delivery of firmware images is a one-shot message, if we ignore the possibility for conveying errors using SUIT report. The SUIT report, at least in my reading, would not give an adversary the information necessary for performing the attack outlined at https://datatracker.ietf.org/meeting/118/materials/slides-118-lamps-attack-against-aead-in-cms. It does not hurt to add a paragraph to the SUIT report draft saying that the returned information must not include decrypted payloads in case of a failure. In general, however, SUIT reports behave like an oracle since they will give different responses depending on the success or failure of the SUIT manifest processing. It might be worthwhile to think about how to mitigate such attacks.

Yes, encryption for SUIT may be a use case safe from this attack, but COSE encryption should be safe regardless of the use case.


COSE-HPKE was mentioned in the mails below, although we do not use it in the SUIT firmware encryption draft. In the COSE-HPKE draft we use a one-layer and a two-layer approach. For the two layer approach, the situation is very similar to my description above. The algorithm identifier is not included in the KDF at the recipient layer but it is instead included in the Enc_structure structure since the current version of the algorithm id is mandatory in the protected header. (See also the request to make it optional https://github.com/cose-wg/HPKE/issues/39).

I realize you can’t use HPKE for SUIT for a few reasons. I mention HPKE, because its design seems intrinsically immune. I think that is partly because of the design and validation process it used. Seems like COSE didn’t use as good a process.


So, what should we do? We could follow the approach Russ presented at IETF#118 and later described in https://datatracker.ietf.org/doc/draft-housley-lamps-cms-cek-hkdf-sha256/

His approach applies a KDF to the CEK and an algorithm id. The result is a new CEK, namely CEK'. CEK' is subsequently used for content encryption. This approach is generic but, on the other hand, a point solution to the specific attack presented to LAMPS. In his presentation Russ mentioned that we should/could include other information into the KDF but his write-up ultimately didn't contain that approach.

Alternatively, we could also include the algorithm id from the content encryption layer into the KDF already used for ES-DH and HPKE. This approach would not work for AES-KW.


Here is the part that worries me a bit: We keep changing the KDFs on a frequent basis and the KDFs used for the different algorithms are not well aligned across the different protocols and "container" formats. I have dropped a mail to Paul Van Oorschot asking him for feedback since he was the first one to come up with the class of attacks we are talking about here.

For me, the next step would be a document that is much more prescriptive on the use of KDFs in COSE encryption. It probably will need to have something new to say how all algorithm IDs in all the COSE layers are input to the KDF. It might be standards track.

Then we need to review and debate and revise thoroughly to be sure we really got it right.

IMO, it is unfortunate, particularly for SUIT, that COSE encryption published in 9052 and 9053 isn’t quite complete in this area.

LL
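The mitigation the thread discusses (derive CEK' from the unwrapped CEK and the content-encryption algorithm id, so that a recipient talked into a different algorithm ends up with a different key) as an added worked example. This is not code from the thread, from draft-housley-lamps-cms-cek-hkdf-sha256, or from any COSE implementation: the `info` layout (`cek_info`) and the algorithm labels `"A128GCM"`/`"A128CTR"` are constructed for the demonstration (the CMS draft binds the DER-encoded algorithm OID; COSE would bind its integer alg value), and the CEK is a fixed constructed byte string. HKDF-SHA256 is implemented from RFC 5869 on the standard library so the file runs offline.

```python
"""Added example: binding a content-encryption key to its algorithm id.

CEK' = HKDF-SHA256(CEK, info = algorithm id).  Both sender and recipient
derive CEK' from the CEK (however it was transported: AES-KW, ECDH-ES or
HPKE) and from the algorithm they are about to use.  If the algorithm id in
the protected header was altered in transit, the recipient derives a key
that is unrelated to the sender's and the substituted cipher yields garbage.
"""
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: PRK = HMAC-Hash(salt, IKM); empty salt means HashLen zero bytes."""
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: T(i) = HMAC-Hash(PRK, T(i-1) | info | i), concatenated and truncated."""
    if length <= 0 or length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand: invalid output length")
    okm, block = b"", b""
    n_blocks = -(-length // HASH_LEN)  # ceil(length / HashLen)
    for counter in range(1, n_blocks + 1):
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
    return okm[:length]


def hkdf_sha256(ikm: bytes, info: bytes, length: int, salt: bytes = b"") -> bytes:
    """Full HKDF-SHA256 (extract then expand)."""
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def cek_info(alg_id: str) -> bytes:
    """Constructed 'info' layout for this example (an assumption, not the draft's
    encoding): a fixed context label, a separator, then the algorithm identifier."""
    return b"cek-hkdf-example" + b"\x00" + alg_id.encode("ascii")


def derive_cek_prime(cek: bytes, alg_id: str) -> bytes:
    """CEK' for use with alg_id.  Same length as the CEK so it slots into the
    cipher the algorithm id selects."""
    return hkdf_sha256(cek, cek_info(alg_id), len(cek))


def substitution_changes_key(cek: bytes, sent_alg: str, claimed_alg: str) -> bool:
    """True when a recipient that believes the header's claimed_alg derives a
    CEK' different from the one the sender used for sent_alg.  With plain
    KDF-less key transport both sides would share the raw CEK regardless of
    the header, which is exactly the gap the thread describes."""
    sender_key = derive_cek_prime(cek, sent_alg)
    recipient_key = derive_cek_prime(cek, claimed_alg)
    return not hmac.compare_digest(sender_key, recipient_key)


if __name__ == "__main__":
    cek = bytes(range(16))  # constructed 128-bit CEK for the demo
    print("CEK' for A128GCM :", derive_cek_prime(cek, "A128GCM").hex())
    print("CEK' for A128CTR :", derive_cek_prime(cek, "A128CTR").hex())
    print("header altered GCM->CTR changes key:",
          substitution_changes_key(cek, "A128GCM", "A128CTR"))
```

Note that this covers the AES-KW recipient layer too, which is the case the thread says cannot be fixed by adding the algorithm id to the ECDH-ES or HPKE KDF: the derivation happens after unwrapping, whatever the recipient algorithm was. It does not by itself turn a non-AEAD cipher into an authenticated one; it only denies the substituted cipher a usable key.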