[TLS] internet of secure elements

Pascal Urien <pascal.urien@gmail.com> Tue, 29 June 2021 09:51 UTC

From: Pascal Urien <pascal.urien@gmail.com>
Date: Tue, 29 Jun 2021 11:51:16 +0200
Message-ID: <CAEQGKXRSJf0iTirGE=69UwY8Pz8ML8fHrOvMCLsfvdQHQb6dPg@mail.gmail.com>
To: TLS List <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2ZFxhn5ci-AoRGgRA-CCAKotW48>
Subject: [TLS] internet of secure elements

Hi All

The project "internet of secure elements" (iose) aims at providing
internet users with storage and computing resources, with high security and
trust levels.
See https://datatracker.ietf.org/doc/draft-urien-coinrg-iose/02/
I am looking for interested people to create this open infrastructure.

Secure elements currently have an Evaluation Assurance Level of EAL6 (for a
max value of EAL7), their memory size is about 100KB, and they compute most
cryptographic algorithms in less than 100ms. Furthermore, they are able to
process the TLS1.3 protocol in about 1000ms.

The idea is to deploy secure elements embedding TLS1.3 servers, TLS-SE
(see https://datatracker.ietf.org/doc/draft-urien-tls-se/02/ ),
whose access is protected by pre-shared keys. TLS-SE servers are identified
by server name (SN).
In the service plane, trusted resources are used thanks to dedicated URIs.
The administration plane, which performs application downloading in secure
elements, could be based on the RACS protocol.
See https://datatracker.ietf.org/doc/html/draft-urien-core-racs-14
Open code for TLS-SE secure elements:
https://github.com/purien/TLS-SE
Open code for TLS-SE servers:
https://github.com/purien/keystore
Open code for RACS server:
https://github.com/purien/racs_0_1

Pascal Urien