Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256
Hannes Tschofenig <hannes.tschofenig@gmx.net> Sun, 17 December 2023 15:20 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 039CFC15106A; Sun, 17 Dec 2023 07:20:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmx.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VaqBMyVVz7-R; Sun, 17 Dec 2023 07:20:20 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D71E4C14CE24; Sun, 17 Dec 2023 07:20:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417; t=1702826411; x=1703431211; i=hannes.tschofenig@gmx.net; bh=MX3FWWnJbuSmcXUtC6a/LWGeQVknT3g88Lq6MFXqahI=; h=X-UI-Sender-Class:Date:Subject:To:Cc:References:From: In-Reply-To; b=nmnhbZy7orqgi7lI2Xe03EtAwDoMpUGrEz7tUY/fx2jXZ0BtjJ89g6Rxzj2Sd2rQ oeIijIxhclQ5cU4VPJsmai/TXCVSUp4WWtDhuvp2aWkNnx3Di2jWDpD+li9DKfVmP o/knB0Upcv08rSdapZ7AhaBFvk4kAfi52JbSNVxvmPjYeSYVGc++QxDflkjta0OIS 4I7MbkmPZksj6RirUu0LM0jik6KlJ+v9LtrqH13pDbFBMO7nZzS1IIKS/QXU/XsDN +HQSnOJoTZHVr5cQ6cUFKxkM5QKkbdMESpltdKwFwCbxlR49Y/9djzMawcfbcvaw2 QLn+3p9EE5nwt/02WQ==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from [172.16.254.186] ([185.176.157.173]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1M7K3i-1r7BIs3x9Q-007pCO; Sun, 17 Dec 2023 16:20:11 +0100
Message-ID: <731ab283-e078-4186-ae60-0725d0bf1356@gmx.net>
Date: Sun, 17 Dec 2023 16:20:15 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: "lgl island-resort.com" <lgl@island-resort.com>, Russ Housley <housley@vigilsec.com>
Cc: Akira Tsukamoto <akira.tsukamoto@gmail.com>, Brendan Moran <brendan.moran.ietf@gmail.com>, suit <suit@ietf.org>, teep <teep@ietf.org>, Ken Takayama <ken.takayama.ietf@gmail.com>
References: <08f701da2d9f$c043a6c0$40caf440$@gmx.net> <655A0104-EF30-42E4-862D-6D4D6E4FDDD9@vigilsec.com> <843e1218-8847-48cc-ada5-9b9cc50e17cf@gmail.com> <00ba01da2e6e$81f1f910$85d5eb30$@gmx.net> <9F676C9F-1573-4DBE-A12A-A9A63BC77014@island-resort.com> <65A259BD-75EF-4EAE-B255-29EBD1ABC319@vigilsec.com> <5E005DCF-86C5-4359-929D-A60DD1C703E1@island-resort.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <5E005DCF-86C5-4359-929D-A60DD1C703E1@island-resort.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:l9lS0lFoAyrbjIg/LxjF0WPowjcNR4QXU2MJFC55Sai595c5uSR 2lRoQPuKhvA9ktO8G+USmbcn3IyjZtXzy91yQl9+kDCZY2gVheH/M+PDYcjlYjdPrlWvciQ I3aEn9tEpoSJReUkp7MdrWpFFAtSBbCzCmgk+qyc4A+8ArhYznYMXgo7vUv9WOMIcpG1oQQ 8YajE8flOIQwu+QjIx0XA==
UI-OutboundReport: notjunk:1;M01:P0:pFlJabfvRA4=;KaaRk6EShfZiv+OiFSIVBeDipLg ONPjmi0acoTJTPcBs8Q50mk2ljDwoPsPhifiYlVwbg1CqRCgq21M9x1QLLra+3lGahAgjgIOJ dEkK92oImQNVS0jPIExxjLg3tqZBCoDEXfpc5fBE9/mPBIsia4T3NSIEPb0k6Tln7pKENzSTj RhN+19zG5BsbCFDs0bf8hXT351jNIk5lWTvnUsg8E92EkD0uo6latjOEaWkjh8IdojSMR/NZN vFySia0YRCz2jPJocvcouAvQvPZG8IPhvMvTDWVSdgHr9rGsrDx9zxEzfySpkT1bwWMi9GzKa guAJVb+uktFg58gEhDXoHo+ZkCtNV5Fl84ZSK13vpRB6FgQ8bquPhOy/dkMwm6uAax/mIfH2R hUSeMng/McvGnTYz2o2MsLWi52LjDZHIw7jthcc+iBxJPBtV6JejclOY9TDRGA5WPhz+lhunf 5dGo4IqO1fYcqYRDUR9E2eYz3HGLo4f8AIuJZGgbZUHKH5+f/B0JvZdouaqbMlYhmEhtuxLi9 6VoEJHVF1AZVsvJujWNzJpBoS/PUMtrvvAP8jZn1ob/oiG8jwJrJsBqDLWs3kIjCHldXd4kNz HqUvcH4FkB7wv9sr6ObhSMADo7hhGK6RgXm+uMiiTEwA4zEWJINbLr9EVR1EWnSqm5CsQhgZ/ eSigzusPhpHk0WJmrFFV/dZSNIkCG05VclliN5tYmXYbYDBkpGgqLIj9uM3HqZZuZ1WXP+oTE 0o6VxJo0W7OEQmzMlbQKE8N3Xu5zuAoKFrK3pVLkvFEqb1Q8wqVwbS+MA6yU7E3MQp9h1CtOe mQecpnWysgEVwJR1RjhIx9uQ+L68bBbcPiojg9tkrdO77smOB4dkJn8nzsJoqukF2K9keXhxi wpiTG5Mx1QMG9GPMR4qI12KEh4PzJWrWlRTQWH6CX7cWscKqlVN9ZC8kQ8mWpvG+scgUDTLMx cHLjEA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/JQ2gE3vzaL7BcKa3l9R9mPqzZa4>
Subject: Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Dec 2023 15:20:24 -0000
Hi Laurence, I believe these are two different aspects but it is, of course, worth checking it again. The algorithm input to the KDF context structure is something Ken and I coincidently discussed last week. Initially, we used the algorithm id used for encrypting the firmware image in the KDF context. Then, we changed it to the algorithm id used in the recipient structure to encrypt the CEK, which is A128KW in our example below. This reflected our reading of the COSE specification*. When Ken explored the use of ECDH-ES + HKDF-256, it was not clear anymore what algorithm id to include in the KDF context. *: The relevant paragraph from Section 5.2 of RFC 9053 is when Jim talked about the AlgorithmID and said: "This field indicates the algorithm for which the key material will be used. This normally is either a key wrap algorithm identifier or a content encryption algorithm identifier." Of course, this leaves room for interpretation because the keying material derived by ESDH is used twice, first to encrypt the random CEK. Then, the CEK is used to encrypt the firmware image. So, which usage of the key is meant here? Ciao Hannes Am 15.12.2023 um 04:14 schrieb lgl island-resort.com: > Maybe I’m wrong here (hope so), but AES-GCM is used with ECDH-ES + A128KW for the bulk payload encryption and the algorithm ID identifying it is not mixed in with the KDF context so the alg ID is not really protected. > > Will look at the referenced paper some more. > > LL > > >> On Dec 14, 2023, at 10:34 AM, Russ Housley <housley@vigilsec.com> wrote: >> >> Laurence: >> >> I am aware of a presentation about an attack against AES-GCM and AES-CCM: >> >> Roth, J. and F. Strenzke, >> "AEAD-to-CBC Downgrade Attacks on CMS", >> 8 November 2023, >> <https://datatracker.ietf.org/meeting/118/materials/slides-118-lamps-attack-against-aead-in-cms>. >> >> I am not aware of any attacks that involve AES-KW. >> >> Where can I find information about the attack you are talking about? >> >> Russ >> >>> On Dec 14, 2023, at 12:19 PM, lgl island-resort.com <lgl@island-resort.com> wrote: >>> >>> Note that there is a vulnerability in ECDH-ES + A128KW — the one that was presented in Prague. I think there are fixes, and it’s on my list to dig into it (IETF/COSE needs a full, proper and secure multi-recipient modern encryption format), but don’t have bandwidth right now. >>> >>> LL >>> >>>> On Dec 14, 2023, at 2:18 AM, hannes.tschofenig=40gmx.net@dmarc.ietf.org wrote: >>>> >>>> Thank you all for your quick response. From the feedback it seems clear to go for ECDH-ES + A128KW >>>> We will update the documents accordingly. >>>> >>>> -----Original Message----- >>>> From: Suit <suit-bounces@ietf.org> On Behalf Of Akira Tsukamoto >>>> Sent: Donnerstag, 14. Dezember 2023 06:29 >>>> To: Brendan Moran <brendan.moran.ietf@gmail.com>; Russ Housley <housley@vigilsec.com>; Hannes Tschofenig <Hannes.Tschofenig@gmx.net> >>>> Cc: suit@ietf.org; teep@ietf.org; Ken Takayama <ken.takayama.ietf@gmail.com> >>>> Subject: Re: [Suit] [Teep] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256 >>>> >>>> Hi Brendan, >>>> >>>> I am fine changing the MTI with ECDH-ES + A128KW. >>>> >>>> Akira >>>> >>>> On 12/14/2023 12:08 AM, Russ Housley wrote: >>>>> I think ECDH-ES + A128KW covers more use cases. It can be used with on recipient or many recipients. So, I'd like to see that be the MTI. >>>>> >>>>> Russ >>>>> >>>>> >>>>>> On Dec 13, 2023, at 3:38 AM, hannes.tschofenig=40gmx.net@dmarc.ietf.org wrote: >>>>>> >>>>>> Hi all, >>>>>> >>>>>> In the SUIT firmware encryption draft we have so far used ECDH-ES + A128KW, which is also what we implemented in t_cose to generate the examples. >>>>>> >>>>>> In a discussion with Ken today we realized that the SUIT-MTI draft has always used ECDH-ES + HKDF-256 instead. >>>>>> >>>>>> Now, the question is: Should we support both, ECDH-ES + A128KW and ECDH-ES + HKDF-256? >>>>>> >>>>>> IHMO we definitely need AES-KW for scenarios where we encrypt a firmware with a CEK once and then distribute that encrypted firmware image to many recipients. In this case, we >>>>>> >>>>>> * randomly generate a CEK, >>>>>> * encrypt the firmware using this CEK, >>>>>> * encrypt this CEK with a KEY unique per recipient with a KEK. The KEK is the result of using ECDH-ES with an KDF, as described in Section 6.4 of RFC 9053. >>>>>> >>>>>> >>>>>> For scenarios where we send one firmware image to one recipient we could use ECDH-ES + HKDF-256 and currently we have a little bit of overhead here by using ECDH-ES + A128KW. >>>>>> >>>>>> My preference is to leave the SUIT firmware encryption draft as is and to change the SUIT MTI draft to reference ECDH-ES + A128KW instead of ECDH-ES + HKDF-256. >>>>>> >>>>>> Thoughts? >>>>>> >>>>>> Ciao >>>>>> Hannes >>>>>> >>>>> _______________________________________________ >>>>> TEEP mailing list >>>>> TEEP@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/teep >>>> _______________________________________________ >>>> Suit mailing list >>>> Suit@ietf.org >>>> https://www.ietf.org/mailman/listinfo/suit >>>> >>>> _______________________________________________ >>>> Suit mailing list >>>> Suit@ietf.org >>>> https://www.ietf.org/mailman/listinfo/suit > _______________________________________________ > Suit mailing list > Suit@ietf.org > https://www.ietf.org/mailman/listinfo/suit
- [Teep] ECDH-ES + A128KW vs. ECDH-ES + HKDF-256 hannes.tschofenig
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … lgl island-resort.com
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Russ Housley
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Akira Tsukamoto
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … hannes.tschofenig
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … lgl island-resort.com
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Russ Housley
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … lgl island-resort.com
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Hannes Tschofenig
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … lgl island-resort.com
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Hannes Tschofenig
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Michael Richardson
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … lgl island-resort.com
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … Hannes Tschofenig
- Re: [Teep] [Suit] ECDH-ES + A128KW vs. ECDH-ES + … lgl island-resort.com