[TLS] draft-urien-tls-im-02.txt & test

Pascal Urien <pascal.urien@gmail.com> Sun, 12 July 2020 07:25 UTC

From: Pascal Urien <pascal.urien@gmail.com>
Date: Sun, 12 Jul 2020 09:25:45 +0200
Message-ID: <CAEQGKXQnKn2nTe+EGo5WkHJy63k0a-Yyg3F-=-Xy8mCoHGeFGg@mail.gmail.com>
To: tls@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vcUi-CDWQ51Uix2TvAvOkb3IBnY>

Dear All,
I tested the identity module for TLS 1.3, whose features and code for
javacard 3.04 are described in draft-urien-tls-im-02, with the WolfSSL
TLS13 stack.
As in many stacks, the pre-shared key is available thanks to a callback that
returns the psk value in clear form. I believe this is a bad practice from
a security point of view.
The main idea of draft-urien-tls-im-02 is to avoid psk exposure. In order
to prevent hijacking, psk is only used thanks to dedicated HDSK procedures,
based on psk value.
From a software point of view the identity module requires a dedicated
callback at several points in the TLS13 stack. Given this pre-requisite the
draft-urien-tls-im-02 works and protects the preshared key.
In the WolfSSL TLS13 stack there is a callback to compute asymmetric
signature when certificates are used. The identity module can perform this
operation (as described in draft and code) and so avoid the private key
hijacking.
This seems to be the common TLS13 mistake: private key is protected from
eavesdropping but not psk.
It should be great to test the identity module at the next IETF hackathons. It is
easy to make an identity module with a commercial javacard. I can provide
UART interface devices for embedded platforms.

Rgs
Pascal
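The split the message argues for, shown as an added example that is not code from draft-urien-tls-im-02 or from WolfSSL: the TLS 1.3 PSK key schedule of RFC 8446 section 7.1, with the PSK held inside a module object that only returns the PSK binder and the "derived" secret, so the stack can finish the key schedule without any callback that hands back the PSK in clear. The names `IdentityModule` and `handshake_secret_via_module` are assumptions; the PSK, ClientHello prefix and ECDHE values are constructed sample inputs.

```python
import hmac
import hashlib

HASH = hashlib.sha256
HLEN = HASH().digest_size


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    # HkdfLabel: uint16 length, opaque label<7..255> = "tls13 " + Label, opaque context<0..255>
    full = b"tls13 " + label.encode()
    info = length.to_bytes(2, "big") + bytes([len(full)]) + full + bytes([len(context)]) + context
    return hkdf_expand(secret, info, length)


def derive_secret(secret: bytes, label: str, transcript: bytes) -> bytes:
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HLEN)


class IdentityModule:
    """Hypothetical module boundary: the PSK never leaves this object."""

    def __init__(self, psk: bytes):
        self.__psk = psk  # stack code never reads this; only derived values cross the boundary

    def _early_secret(self) -> bytes:
        return hkdf_extract(bytes(HLEN), self.__psk)  # HKDF-Extract(0, PSK)

    def binder(self, partial_client_hello: bytes, external: bool = True) -> bytes:
        # binder = HMAC(finished_key, Transcript-Hash(ClientHello up to the binders))
        binder_key = derive_secret(self._early_secret(), "ext binder" if external else "res binder", b"")
        finished_key = hkdf_expand_label(binder_key, "finished", b"", HLEN)
        return hmac.new(finished_key, HASH(partial_client_hello).digest(), HASH).digest()

    def derived_secret(self) -> bytes:
        return derive_secret(self._early_secret(), "derived", b"")


def handshake_secret_via_module(module: IdentityModule, ecdhe_shared: bytes) -> bytes:
    # The stack continues the schedule from "derived" without ever holding the PSK.
    return hkdf_extract(module.derived_secret(), ecdhe_shared)


def handshake_secret_clear_psk(psk: bytes, ecdhe_shared: bytes) -> bytes:
    # Conventional path: a callback returned the raw PSK and the stack does everything itself.
    early = hkdf_extract(bytes(HLEN), psk)
    return hkdf_extract(derive_secret(early, "derived", b""), ecdhe_shared)
```

Both paths yield the same handshake secret, which is the point: the stack only needs values downstream of HKDF-Extract(0, PSK), never the PSK itself.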