IETF Logo Mail Archive

Re: [TLS] [Ufmrg] Proposal: a TLS formal analysis triage panel

Bas Spitters <b.a.w.spitters@gmail.com> Wed, 20 March 2024 18:11 UTC

Return-Path: <b.a.w.spitters@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E3C8C14F60A for <tls@ietfa.amsl.com>; Wed, 20 Mar 2024 11:11:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Gf6DciyNFeY for <tls@ietfa.amsl.com>; Wed, 20 Mar 2024 11:11:07 -0700 (PDT)
Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E371C14F689 for <tls@ietf.org>; Wed, 20 Mar 2024 11:11:07 -0700 (PDT)
Received: by mail-lf1-x12d.google.com with SMTP id 2adb3069b0e04-513e134f73aso199645e87.2 for <tls@ietf.org>; Wed, 20 Mar 2024 11:11:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710958265; x=1711563065; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=W9SIMVqucnHQPJrflJ7TAqM/My2RW4jQsG2QPpZUBNw=; b=UlZ1Y+nQgrVXM/gbIbQwoAWcW6ybfIBhDApg1IBtcPs26LJfdYEnw+ihfhFk8qtK0l c7PufxQ51wej4N/cd/dR4F5BXxerqzXcX9SfC0Ux0jfxW3mmcL+dxnarwsg/rv6TOeyc ye4sNTNvh0GRbsGYggga9en3Y8lHnBQcvkdX7zlDc7ze9zqMCYnzsrJYxszqNP/rBu4T JtOf0RxgYO7oS2aFp0teHJmhs0NtKMOuebMUKVNREjOaENfSYJDoJO5CZkiYiUEBzqPU D+ZGejwhdMEIHPu1DeIH9hT/sZ3qsUTvkArkfehRtnYAjmZ93nguhWXv99pV+MeiZMOw 3GLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710958265; x=1711563065; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=W9SIMVqucnHQPJrflJ7TAqM/My2RW4jQsG2QPpZUBNw=; b=AlFXiHrqAH4MKfMdp6FTpfHjLYK/suA+OzQOvfABTIYlEFAeKN5nGUCjKSEPMuGkT+ J5huO0VobvrnnQdgCqDahrzKvwivdvVipE1Y01GDDUQzgxEnN1RDn8DRAXxpjfoBbKQL hq4Ja400350UzrfSChHNrckDvSeYaPJRA29Zt6pLxrp+kYuHzJJWUW5NBZngR32wpQkv m5+eVttWgMIOY4WjqjrB1bSh+tGXlgpc4hr96AFj/D0hOfF+9TiKWTEKyuLnVNbGqSEp 1nl83RdSct/ndQfeoNdsy9bJhDU+pzKPjkXfen0PQRD+6HXd03844pfu4nA+7zAGCLD6 iWDQ==
X-Forwarded-Encrypted: i=1; AJvYcCWH3pltvbXOfFnH/e3ITW4wtHmVwwI51KrOrwmzyakfdtcbgpvLDaCp3as6f9fHMZb2o/vlYmZptl6AWVA=
X-Gm-Message-State: AOJu0Yx0nxEguu1fnE2FY3KRnsJGD9f2cXvCRps5eL8r/7H7NzeuDcap y6HqbQ64nM6zptawVa98XrOXnaPLinzzjMSAIK8jelkfWdp0/S/Qg0+5dup0LU8mKkLkSDcRFoo fDDt4K/P6iQBJmUs0RC66+YeP71g=
X-Google-Smtp-Source: AGHT+IFMx4CWFOGoFhlQ0p/sWy6qTxUxDBjCOxpBacsKHwY+EnCS6VQQxESBHHwlXshj5wHAHtVu517fIrypsmcvUaE=
X-Received: by 2002:a19:8c0f:0:b0:513:ec32:aa7e with SMTP id o15-20020a198c0f000000b00513ec32aa7emr4939382lfd.5.1710958264589; Wed, 20 Mar 2024 11:11:04 -0700 (PDT)
MIME-Version: 1.0
References: <CAFR824ywNTnWPstZsrW7S9PYH+thW9-9f2yP0j_SC_eenS3k7A@mail.gmail.com> <8aa7ee78-4ce9-4fde-97eb-2d81ce4563f0@tu-dresden.de> <CAFR824xymLEs==FiG021+sOJH0YHMzQqLMfhLg+aaqxoYr-Etw@mail.gmail.com> <3d4aeafb-7723-4575-90c2-a3aba8e90bf8@tu-dresden.de> <5a78ca01-fc19-4df7-ac60-42aee9d2e7ef@petit-huguenin.org>
In-Reply-To: <5a78ca01-fc19-4df7-ac60-42aee9d2e7ef@petit-huguenin.org>
From: Bas Spitters <b.a.w.spitters@gmail.com>
Date: Wed, 20 Mar 2024 19:10:51 +0100
Message-ID: <CAOoPQuS3avri=beszM440xjv1TgJQk-qzHN2NCQqgr2TQEKLPw@mail.gmail.com>
To: Marc Petit-Huguenin <marc@petit-huguenin.org>
Cc: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>, Deirdre Connolly <durumcrustulum@gmail.com>, "TLS@ietf.org" <tls@ietf.org>, UFMRG IRTF <ufmrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ObYk1N5FjdxYLmfDg76J6jR3gD0>
Subject: Re: [TLS] [Ufmrg] Proposal: a TLS formal analysis triage panel
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2024 18:11:11 -0000

Bertie is such a reference implementation of TLS in the hacspec language.
https://github.com/cryspen/bertie
When combined with the libcrux high assurance cryptographic library, I
understand it is efficient.

A Proverif backend for hax/hacspec (https://hacspec.org/) is under construction.
It may be possible to make a Tamarin backend in a similar way. This
would provide the requested interoperability.

Bas

On Wed, Mar 20, 2024 at 6:15 PM Marc Petit-Huguenin
<marc@petit-huguenin.org> wrote:
>
> [+ufmrg]
>
> On 3/18/24 9:30 AM, Muhammad Usama Sardar wrote:
> > On 18.03.24 16:56, Deirdre Connolly wrote:
> >> I do think a 'reference' Tamarin model would be useful.
> > Why should it be a Tamarin model? Why not a ProVerif model?
>
> Maybe it would be a good use of UFMRG resources to work on the interoperability between the models used by different tools, so a model can be translated between tools.
>
> >> It would of course only model part of TLS (1.3, for example) and only through a particular symbolic model/tool. And would require maintenance by...someone.
> >>
> > Are you expecting any major changes in TLS 1.3? If not, then I think the baseline formal model will not change a lot. So probably there is not much maintenance required. I think it is just a one-time effort to create well-understood and well-reviewed formal artifacts as a baseline, and then most extensions (for which formal analysis is signaled by the panel) can use this baseline.
> >
> > Also, TLS WG can work together with UFMRG to achieve this.
> >
> >> For the triage panel, I do think the preliminary triage is key: we'd ask a group of experts /if/ formal analysis (new or updated) is warranted /at all/, and if warranted, of what kind, what scope, if it needs novel modeling work, if it can build on existing work, or even if pen and paper analysis would suffice. I do not think there are any prerequisites to standing such a triage panel up.
> >>
> > Agree. However, the baseline for each "kind" (e.g., one for symbolic and one for computational and within symbolic, one for ProVerif and one for Tamarin) will still be helpful to avoid repetitive work.
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
>
> --
> Marc Petit-Huguenin
> Email: marc@petit-huguenin.org
> Blog: https://marc.petit-huguenin.org
> Profile: https://www.linkedin.com/in/petithug
>
> --
> Ufmrg mailing list
> Ufmrg@irtf.org
> https://mailman.irtf.org/mailman/listinfo/ufmrg

v2.23.0 | Report a Bug | By Email