Re: [Teep] [Suit] Use of AES-CTR in TEEP?
Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 12 October 2023 06:59 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/BdHfKqlED3HeMeBzYJIC7D2uJUs>
Hi Dave,

yes, at a minimum "GCM (or another AEAD cipher) should be used for any
SUIT manifests for NON-constrained devices".

There are also cases where the use of GCM is fine for a constrained IoT
device. For example, imagine a device that copies the binary first to RAM
before executing it. Of course, you could argue whether this is still a
constrained device when it has enough RAM to hold the firmware image...

Ciao
Hannes

PS: Using TEEP to manage firmware updates is, of course, possible. In my
prior work LwM2M was used instead (with different properties than TEEP).
I would be interested to hear from others who are planning to use TEEP in
such a context. As more TEE-based IoT devices are out in the market, I
could imagine that this becomes a viable strategy.

On 11.10.2023 at 15:39, dthaler1968=40googlemail.com@dmarc.ietf.org wrote:
> I think using TEEP to manage firmware updates on constrained devices is a
> perfectly valid use case.
>
> What I *think* you're arguing is that GCM should be used for any (not
> specific to TEEP) SUIT manifests for NON-constrained devices, and
> draft-suit-mti should say so.
> Is that what you're saying?
>
> Dave
>
>> -----Original Message-----
>> From: Suit <suit-bounces@ietf.org> On Behalf Of Tschofenig, Hannes
>> Sent: Wednesday, October 11, 2023 1:40 AM
>> To: Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>;
>> hannes.tschofenig@gmx.net; teep@ietf.org; suit@ietf.org
>> Subject: Re: [Suit] [Teep] Use of AES-CTR in TEEP?
>>
>> Hi Dave,
>>
>> in my view TAMs are not going to manage firmware updates on constrained
>> IoT devices, like microcontrollers, and hence they don't need to support
>> algorithms that are specifically designed to take issues of those
>> constrained IoT devices into account. Of course, I would be interested
>> to hear whether someone is planning to do this.
>>
>> I am wondering whether it is better to create a new draft that lists the
>> algorithms for use with TEEP (to avoid confusion with the classical SUIT
>> use cases). The algorithms in draft-ietf-suit-mti are fine for the IoT
>> use case. I am not arguing about that.
>>
>> I hope it is clear what I try to avoid. I don't want developers to use
>> AES-CTR (or AES-CBC) for use cases it was not designed for. If you can
>> use an AEAD cipher, you should do it. Here is what RFC 9459 says on this
>> topic:
>>
>> "
>> This document specifies AES-CTR and AES-CBC for COSE, which are not
>> AEAD ciphers. The use of the ciphers is limited to special use
>> cases, such as firmware encryption, where integrity and
>> authentication is provided by another mechanism.
>> "
>>
>> Ciao
>> Hannes
>>
>> -----Original Message-----
>> From: Suit <suit-bounces@ietf.org> On Behalf Of Dave Thaler
>> Sent: Tuesday, 10 October 2023 20:36
>> To: hannes.tschofenig@gmx.net; teep@ietf.org; suit@ietf.org
>> Subject: Re: [Suit] [Teep] Use of AES-CTR in TEEP?
>>
>> TEEP requires TAMs to support all MTI algorithms and allows Agents to
>> pick among MTI algorithms and may be constrained or not, support crypto
>> offload or not, etc. hence the allowing of choice.
>>
>> If I understand correctly, you're arguing that a TAM must support both
>> CTR and GCM, and an Agent can pick either one, and the suit-mti draft
>> should specify both profiles, did I get that right?
>>
>> Dave
>>
>>> -----Original Message-----
>>> From: hannes.tschofenig@gmx.net <hannes.tschofenig@gmx.net>
>>> Sent: Tuesday, October 10, 2023 11:00 AM
>>> To: Dave Thaler <dthaler@microsoft.com>; teep@ietf.org; suit@ietf.org
>>> Subject: RE: [Teep] Use of AES-CTR in TEEP?
>>>
>>> Sorry for the confusion, Dave. I have hit the "send" button a bit too
>>> fast. It should, of course, read "This adds no new requirements to
>>> constrained IoT devices."
>>>
>>> Ciao
>>> Hannes
>>>
>>> -----Original Message-----
>>> From: TEEP <teep-bounces@ietf.org> On Behalf Of Dave Thaler
>>> Sent: Tuesday, 10 October 2023 19:41
>>> To: hannes.tschofenig@gmx.net; teep@ietf.org; suit@ietf.org
>>> Subject: Re: [Teep] Use of AES-CTR in TEEP?
>>>
>>> Hannes wrote, regarding draft-suit-mti:
>>>> I would like to have a new profile added that defines
>>>> suit-sha256-es256-ecdh-a128gcm for use with TEEP.
>>>> This should be the default profile for use in TEEP.
>>>>
>>>> This adds new requirements to constrained IoT devices. Constrained
>>>> IoT devices should use one of the other 5 profiles already defined.
>>> Did I read that right, you want new requirements for _constrained_
>>> devices? Your last two sentences seem to contradict each other, so
>>> either there's a typo or I'm not understanding.
>>>
>>> Dave
>>>
>>> _______________________________________________
>>> TEEP mailing list
>>> TEEP@ietf.org
>>> https://www/.
>> _______________________________________________
>> Suit mailing list
>> Suit@ietf.org
>> https://www.ietf.org/mailman/listinfo/suit
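
Added example, not part of the thread and not code from any SUIT or TEEP implementation: it runs the RFC 9459 passage quoted above, showing that a modified AES-CTR ciphertext decrypts without error unless a separate integrity check catches it, while AES-GCM rejects the same modification. The key, IV/nonce, image bytes and function names are constructed for illustration, and the trusted digest is assumed to arrive in an authenticated manifest.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"fmt"
)

// Constructed demo values (not from the thread). The fixed key and all-zero
// IV/nonce only keep the run deterministic; real use needs fresh values.
var (
	key      = []byte("0123456789abcdef") // AES-128
	firmware = []byte("JUMP 0x08000000; image v1.0")
	block, _ = aes.NewCipher(key)       // cannot fail: key is exactly 16 bytes
	trusted  = sha256.Sum256(firmware) // digest as carried in the manifest (assumed)
)

// ctrDecryptTampered encrypts the image with AES-CTR, flips one ciphertext
// bit in transit, and decrypts. CTR has no tag, so nothing fails here.
func ctrDecryptTampered() []byte {
	iv := make([]byte, aes.BlockSize)
	ct := make([]byte, len(firmware))
	cipher.NewCTR(block, iv).XORKeyStream(ct, firmware)
	ct[5] ^= 0x01 // modification in transit
	pt := make([]byte, len(ct))
	cipher.NewCTR(block, iv).XORKeyStream(pt, ct)
	return pt
}

// digestMatches is the "other mechanism": an image digest checked after decryption.
func digestMatches(image []byte, want [32]byte) bool {
	return sha256.Sum256(image) == want
}

// gcmOpenTampered applies the same bit flip to AES-GCM output; Open checks the tag.
func gcmOpenTampered() error {
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	nonce := make([]byte, 12)
	ct := aead.Seal(nil, nonce, firmware, nil)
	ct[5] ^= 0x01
	_, err := aead.Open(nil, nonce, ct, nil)
	return err
}

func main() {
	pt := ctrDecryptTampered()
	fmt.Printf("CTR: %q digest ok: %v\n", pt, digestMatches(pt, trusted))
	fmt.Println("GCM:", gcmOpenTampered())
}
```

With CTR the device only learns of the change when it checks the digest over the whole decrypted image; with GCM the decryption call itself fails.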