IETF Logo Mail Archive

[Teep] Scalability of nonce-based freshness

Göran Selander <goran.selander@ericsson.com> Fri, 12 March 2021 18:59 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1C1C3A1B67 for <teep@ietfa.amsl.com>; Fri, 12 Mar 2021 10:59:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.349
X-Spam-Level:
X-Spam-Status: No, score=-2.349 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.248, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qj4f45VVAGFE for <teep@ietfa.amsl.com>; Fri, 12 Mar 2021 10:59:43 -0800 (PST)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50054.outbound.protection.outlook.com [40.107.5.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 984313A1B66 for <TEEP@ietf.org>; Fri, 12 Mar 2021 10:59:39 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S9TipcosOIeH0Tr9nCnavv5lWeLIPjP7zOKWLC8fzNsLzNTVIVEgKTjEfO07nM0T/OQzWXXGKAilbxTlJj0hbvM+5QrDXZ023DqKC0iCpcMnlf+fI++CKkqjT6iYldqEaMKO3zCYarJXTZN6pcYC38+4sAXBeIbsb555OsdG80qVvI8kCtULvfCz7idoBxnKRgZQNSL8Kgm+toUjwIIejsE1v5pfbRgTgygiiRkEGT7Mh4uRiZ5nFMbJOhYvjHeSID3a57Ogot0Wn8Hw3wHGz49m3tevrYDWWjiYAx8vMokJLfMJtJCM4W5zkruDPTAcXP6p0pj4JxF37HGLkfidgw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uBymMqZRKQEjy7tDIw3l0G6tzDskh3XxY69Rh9B276Q=; b=VWUt/Ss61t8HhHKWXmBI/rqKAfKDYbNpQyK/2kMl08KIELFp1SgNsE1uy4FeFi+vGlVIR7evCD2w2v21wq+zdjwcerxFq0UATi7XRJcwqk8E7a9hmxvmyLOYSz16GK0HhJf2FEx8tNnzK8mcBp510wx/IiCvbBbcTFn1meKkPJNZhrjiI5Q/zknNNy/8SHxuaV67aVC7Q+PS8eWJtQQ4GWJv9bUMbaHjv2/MF2mqvgvu7iBBJUgG6PgjCt6d1VzNqtmFejw3k2KnQ19m2yYuFnCh93n+Dy2xIVaTG3/Yhh7Qk789s7NjZjbYvVn7GrrrbPcKSKVCn/+/iiGp0dgZrA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uBymMqZRKQEjy7tDIw3l0G6tzDskh3XxY69Rh9B276Q=; b=iLf1F+Xg084uB1g5n7chCkRT7LAGa1N/RqL58GmbLfIiGNXOGS2tRP7JejnlVzy1dJ4ytBZ3J6E1HkjpNO337GJ8tKaasTmDj4i5JgLxgTy7JNVz4E37mY6YWcn9dk2MGP/0++lCEqu6xRHvp/96ZuMO9lfk/iTkSxpB+JzCDG8=
Received: from HE1PR0702MB3674.eurprd07.prod.outlook.com (2603:10a6:7:82::14) by HE1PR0701MB2219.eurprd07.prod.outlook.com (2603:10a6:3:2c::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3955.10; Fri, 12 Mar 2021 18:59:24 +0000
Received: from HE1PR0702MB3674.eurprd07.prod.outlook.com ([fe80::2887:d795:feec:2f59]) by HE1PR0702MB3674.eurprd07.prod.outlook.com ([fe80::2887:d795:feec:2f59%7]) with mapi id 15.20.3955.011; Fri, 12 Mar 2021 18:59:24 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: "TEEP@ietf.org" <TEEP@ietf.org>, Dave Thaler <dthaler@microsoft.com>
Thread-Topic: Scalability of nonce-based freshness
Thread-Index: AQHXFp7LzOC/ULqx40qTuwGO923w5Q==
Date: Fri, 12 Mar 2021 18:59:24 +0000
Message-ID: <DCCDB18E-DD58-4609-A5F3-8905C16275C0@contoso.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.48.21030800
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [83.249.67.87]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 79a632ce-27ee-4cfd-226d-08d8e588f3f5
x-ms-traffictypediagnostic: HE1PR0701MB2219:
x-microsoft-antispam-prvs: <HE1PR0701MB2219DA0E5D10236C135D56CCF46F9@HE1PR0701MB2219.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 2ZqaQgESaI5DOJAxQclWX1onjxyB8UCI5dBUSi6BJW8ZThbPp5QubCdQtASx7T2+nXbP66xmhVRY6pU2lU+Dc98R1XWflSBHoGpGI67dPLdzHljmpCuy11J19IDXlN5+spPAbvRp5KaNDNqOt5+nwAzJfAELXDX+xELmFRJhEebfKuS5AXTTDa5L9Ren0wvoc52XDzfH7CJdgqDIef0zB24trQ2u6jRODC7UiWR3N/7eH41p9HwntNeKumTHORBuWjCWACsGKjk3p/Y+qdSUAGVaxMBPGVvM2FCIV6yYtSCqSKGu7Vc6ozInvPWXmPNlyMmQrksojzbjoVtjo8U8d+3uAMJ32ttw6pjR8peTkAk7QFNW4zsCIvybrmVWebIO+ktz7B2WydpiMwQTZd0Stjaaub4/sBbI5T2WPkjmc3xFlbZ7uq7JxcLoDY7nWu9AuDT82W2XgxLn+DTwmBUU6GhXt+iHoJiyi4JjNT+nlFPxx89XVNN+PqFuCCvpCVoRerIKD0G5281C35xJjsRZR+gso9+9uMxAW+/jFdqrdog=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3674.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(396003)(376002)(366004)(39860400002)(86362001)(9686003)(83380400001)(6512007)(33656002)(3480700007)(66946007)(85202003)(2906002)(478600001)(76116006)(6486002)(8676002)(85182001)(26005)(66446008)(316002)(66556008)(6506007)(8936002)(36756003)(186003)(71200400001)(5660300002)(64756008)(110136005)(66476007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ChajygYZpIlh5bcEl+uO5JI++YEiXt5Dk0qRKbkHc/3hWqgD9l8eQceStdy4/vC4hNnfjG1TNgIYzTivlUakz8JIxaWXmklLXw8VzqIji/ND0qqsZM/9lzIwHLS0Il129NuZkpEXcic/gbRmsu+yxvpFAD0Q7J+6HCcYHZdR8+A4znmzS5zp5mjrplNHSnschVKLSpmDlr3iYAe+5/O6qpPy6/Kby0PaaUqYWHnDWtP5aKbAnIRTMRDCYuu5PAobPlXvgM68hHT4LWQ9xOWltK18G8BwHeKVV8maCSGnC3rhSh04DukL2cGcNLpwHX4STwIUbXKVIrPG6OgmqcTWq607/Urb0qfW85mYr3rO6z+UGQnWOJpp2y9cdIe1UPGMNZPeZpviHYSpTa8GRDu5Tna59afvGYg1RN3Rn24wVK9udcYZj910r5I0lLUzjZEaVj/VMQWHeJeslabsOJcHueL299MNpUPuSmmNuu2AAzw+k5+iHeWxzJ/VT3FNTLV0wwaANkJRCi08n8nCRhpwo/adatVXjh4NJaiXTfOk4b6RPqioS1PR7DdczTQGT3LYBkqIlDmFNQ+ZYX8bqxkhVMoSDIJTxiMAE5UKYTsVNEM3Ww8YKb/rq5WEbYfvt8W4MOhqSB0dDhAmN0r1moxS5X+KDqu+OVsJj9ZdEgBb598xytmA7MTMHhipAHU/GEJz+dMbGCsLc+2UXAy+Cm8spJ4uDUcdR6uLo6b4WQp/pQZoODaafuZcMmJYQhH/W2fHz7k2+1f9WIBaZrumWeIsa6TRWtbHC6ZvTd+qp4R/JS3v3ucRUeXy0XPI/AgRAfLfBom/PeUw7AZdhxmyZy8+V1s4OVQju5zkUFrpL0S1ScYRJTz8pxBJhCP64zHG+Y8iAARlJSalboiXnZz0O62UUPlsdMYM7Z4pXSP7n110o/7kvImmeizEMinMssR1ZWHjqxMqAn1Wpv1IHB120qFHtDvpc8PA+rIdM9IAucwidw9xIDQgUYPdYpAN0kNdJfTEGvOVo6wOsaobT73xXP4dZqAGCK9Un4qiSZlrVAbp7Yf0Xlk6x5o73k123EV0PBwmXGF96rkyb+iKNW2KSBpCFuFgd52DIla5rZzbe1zUfix7uywZZ+TwU80wu6B2985wOU4iysgx8u+OG3tIEZ/q4s5twtmeJLe8qcyz7sw1USa/febWjDQ4B4mUV7xs0h1pDHuT2AwIpZendaOhq6nFFDmG+xlCICnmKltF1IRoRnISOA6gmJGn7FQWJfSX8EhqZf8TmvDekxkh0bZvvMJmKnVDWChGrp/SI6zvYQaKN5Qp6/GzkGyg6MnVBS3YRP6q
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <49DFA68DCBF16F429D427D3F770B14C8@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3674.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 79a632ce-27ee-4cfd-226d-08d8e588f3f5
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Mar 2021 18:59:24.2907 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: J9+uL2vAlZumKkKQ1m26TxQhMwtqP/sLle9SQj4awWZraYj7yr+b1RH+helVjoMeVNgefawM5xtC3+FMF79vCLCHyl3aMsRta8bMeX8z3sc=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2219
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/clN7WRFgn4pbSdoLD4lisxm1Hj8>
Subject: [Teep] Scalability of nonce-based freshness
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Mar 2021 18:59:45 -0000

Hi Dave, and all,

Referring to the TEEP protocol presentation at the WG meeting, there was a discussion about the use of tokens and what method of freshness to apply in TEEP (slides 11-16 in the presentation).

If I understood right the main argument against the nonce-based method (slide 15) is the question of scalability: "Receivers have to keep state to remember each nonce supplied until it’s used" 

If I'm not mistaken, this condition on the receiver could be relaxed by the receiver generating nonces as encrypted time stamps. This would only require the receiver to remember an encryption context used to encrypt/decrypt the time stamps used as nonces. The encryption context can be small (say, less than 50 bytes for key, IV and counter) and doesn't grow with the number of TAs (but would typically be updated for each nonce generated, e.g. stepping the counter).

Note that the receiver needs a clock but it need not be synced because the time stamps are only used by receiver; once when nonces are generated, and then again when freshness is determined from the nonce received back in the evidence. Such a clock coincides with the assumption of this method according to slide 15: "Receivers need a clock to “expire” nonces, but need not be synced".

Perhaps this should be an input to RATS rather than TEEP. But since this seemed to be the main argument against the nonce-based method I just wanted to share my 2 cents to the discussion. 


Göran

v2.23.0 | Report a Bug | By Email