[TLS] Re: Key Hierarchy TLS 1.3 RFC8446(bis)

Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de> Mon, 06 October 2025 23:35 UTC

I have consolidated my current analysis of the TLS 1.3 key schedule in 
this pre-print [0]. I have organized it as one section (1.3) independent 
of ProVerif and the other section (1.4) maps to it such that those with 
no knowledge of ProVerif can also see how intuitive the mapping is.

Some of the PSK part is still a mystery to me. That needs a careful review.

I welcome any thoughts or comments on how it can be improved, such that 
it can serve as reference formal artifacts for TLS 1.3 key schedule.

I started work on provision of functionality of ExtendedKeyUpdate in my 
model but that is subject to precise clarifications [1]. In my 
understanding, ProVerif alone will be insufficient. I think it 
additionally needs a computational analysis, but I have no experience 
with that.

-Usama

[0] https://www.researchgate.net/publication/396245726_Perspicuity_of_Attestation_Mechanisms_in_Confidential_Computing_Validation_of_TLS_13_Key_Schedule

[1] https://github.com/tlswg/tls-key-update/issues/59