Re: [Teep] Use of AES-CTR in TEEP?

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 09 October 2023 14:35 UTC

Message-ID: <488eb665-30fc-4be9-832d-0ccc8409db36@gmx.net>
Date: Mon, 09 Oct 2023 16:35:46 +0200
To: Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>, "TEEP@ietf.org" <teep@ietf.org>, "suit@ietf.org" <suit@ietf.org>
References: <PH7PR21MB3878F05953BAF6113F429396A3C9A@PH7PR21MB3878.namprd21.prod.outlook.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <PH7PR21MB3878F05953BAF6113F429396A3C9A@PH7PR21MB3878.namprd21.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/eDScCmS_bTeB9lKjBO5v5yAGztQ>
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>

We should create two algorithm profiles, one for firmware updates of IoT
devices and another one for use with TA/config data update in TEEs.


I believe these use cases are different enough to justify having two
algorithm profiles.


Ciao

Hannes



On 06.10.2023 at 18:29, Dave Thaler wrote:
> In the TEEP WG, I believe we had consensus to reuse profiles from draft-ietf-suit-mti
> in the TEEP protocol (not just for SUIT manifests).
>
> draft-ietf-suit-mti recently replaced the use of GCM with AES-CTR, and Ken filed
> https://github.com/ietf-teep/teep-protocol/issues/356
> accordingly, proposing replacing GCM with AES-CTR in TEEP, which we discussed at
> the interim last month.  The minutes say at
> https://datatracker.ietf.org/meeting/interim-2023-suit-01/materials/minutes-interim-2023-suit-01-202309111500-00:
>
>> Noting: #356, there are no objections to replacing each of them.
>> Brendan: for the use case of SUIT (TEEP+RATS), using AES-CTR makes
>> sense, but in general, this is not the right mode.
>> * https://mailarchive.ietf.org/arch/msg/cose/9smwFXNpbd6Fci8-mIeaT2xPP-E/
>> * https://mailarchive.ietf.org/arch/msg/cose/0Dj5yp4mptZUBiw7FWb5PcXGJAg/
>> RH: APIs are not supposed to return any plaintext if the integrity check
>> fails, so the ability to break the image into chunks is an important
>> aspect, so that's why it does not fit into AES-GCM.
> However, in a discussion with Hannes this week, he said
>> We should not use AES-CTR mode in TEEP. The registration of AES-CTR / AES-CBC in COSE was done
>> to support low-end IoT devices that use flash memory. It is not an algorithm that should be used in
>> other places where not needed. I don't see a use case for it in TEEP
> I look to others to provide guidance here... should we
> a) make TEEP and SUIT diverge so that a TEEP implementation has to implement two different things
> b) use AES-CTR in TEEP
> c) add GCM back to suit-mti
> d) something else because Dave is confused :)
>
> Dave
>
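
The chunking point quoted from the interim minutes above, as an added example that is not part of the original thread or of any draft: AES-CTR lets a receiver decrypt one sector at a time from any block offset, but has no integrity check of its own, while an AES-GCM API releases no plaintext for a partial ciphertext. The function names, the counter-block layout, the sample key, nonce and image, and the assumption that integrity comes from a digest in a signed manifest are all constructed for illustration.

```go
package main
import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// ctrChunk en/decrypts one chunk starting at byte offset off (a multiple of 16).
func ctrChunk(key, nonce, chunk []byte, off int) []byte {
	block, _ := aes.NewCipher(key) // key length is fixed at 16 bytes in this example
	iv := append(append([]byte{}, nonce...), 0, 0, 0, 0) // 12-byte nonce || 32-bit counter (assumed layout)
	binary.BigEndian.PutUint32(iv[12:], uint32(off/aes.BlockSize))
	out := make([]byte, len(chunk))
	cipher.NewCTR(block, iv).XORKeyStream(out, chunk)
	return out
}

// verifyInChunks decrypts sector by sector and checks the plaintext against want (assumed to come from a signed manifest).
func verifyInChunks(key, nonce, ct []byte, sector int, want [32]byte) bool {
	h := sha256.New()
	for off := 0; off < len(ct); off += sector {
		end := off + sector
		if end > len(ct) {
			end = len(ct)
		}
		h.Write(ctrChunk(key, nonce, ct[off:end], off)) // a device would write this sector to flash
	}
	return bytes.Equal(h.Sum(nil), want[:])
}

// demo returns: clean image verifies, modified image verifies, GCM error on a partial ciphertext.
func demo() (bool, bool, error) {
	key, nonce := bytes.Repeat([]byte{0x42}, 16), bytes.Repeat([]byte{0x01}, 12) // constructed
	image := bytes.Repeat([]byte("firmware"), 13)[:100]                           // constructed image
	digest := sha256.Sum256(image)
	ct := ctrChunk(key, nonce, image, 0)
	clean := verifyInChunks(key, nonce, ct, 32, digest)
	ct[40] ^= 0x01 // CTR decrypts the changed byte without complaint; only the digest notices
	modified := verifyInChunks(key, nonce, ct, 32, digest)
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	sealed := aead.Seal(nil, make([]byte, 12), image, nil) // separate all-zero nonce for GCM
	_, err := aead.Open(nil, make([]byte, 12), sealed[:32], nil) // first 32 bytes only: nothing released
	return clean, modified, err
}
func main() { fmt.Println(demo()) }
```
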