IETF Logo Mail Archive

Re: [Trans] Providing the history of STHs a log has issued (in 6962-bis)

Linus Nordberg <linus@sunet.se> Mon, 22 May 2017 13:49 UTC

Return-Path: <linus@sunet.se>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DBF112E04F for <trans@ietfa.amsl.com>; Mon, 22 May 2017 06:49:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.092
X-Spam-Level:
X-Spam-Status: No, score=-4.092 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (bad RSA signature)" header.d=sunet.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sjIhKdx5Dvjg for <trans@ietfa.amsl.com>; Mon, 22 May 2017 06:49:44 -0700 (PDT)
Received: from e-mailfilter02.sunet.se (e-mailfilter02.sunet.se [IPv6:2001:6b0:8:2::202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE127129329 for <trans@ietf.org>; Mon, 22 May 2017 06:49:43 -0700 (PDT)
Received: from smtp1.nordu.net (smtp1.nordu.net [109.105.111.32]) by e-mailfilter02.sunet.se (8.14.4/8.14.4/Debian-4+deb7u1) with ESMTP id v4MDna28000466 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 22 May 2017 15:49:37 +0200
Received: from flogsta (smtp.adb-centralen.se [IPv6:2001:6b0:8:0:0:0:0:129] (may be forged)) (authenticated bits=0) by smtp1.nordu.net (8.15.2/8.14.7) with ESMTPSA id v4MDnWVS009475 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 22 May 2017 13:49:35 GMT
VBR-Info: md=sunet.se; mc=all; mv=swamid.se
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sunet.se; s=default; t=1495460976; bh=wJNLXShIFr6+StGgCEPQkCE7zkOyU13ks/3+D8Q9EPY=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=ejquaYZXKB91iaNwLe+E/yOymBrjVhmnj0uYcu5VMLAMwSDHflCjdaTRDO5hK7s4a gJKc/LFTE/YAtA3UcD0Qm90ZbuoRSV1Bw7iJ3uc8uHx+p8A62flKAdPerLu5sv8+BU a0q5wk9I1rCobfy0jflRo9o+hCoozTxI6RkloDY0=
From: Linus Nordberg <linus@sunet.se>
To: Al Cutter <al@google.com>
Cc: Eran Messeri <eranm@google.com>, "trans@ietf.org" <trans@ietf.org>, Andrew Ayer <agwa@andrewayer.name>
Organization: Sunet
References: <CALzYgEe+PbYJN6Zz4NnPXBnnhYCi8Op-WmSzFKGxRv+uf+b=sA@mail.gmail.com> <20170504082636.dd0212e34e17949eb69b2fed@andrewayer.name> <CAFDDyk93AcRsCTmt+EPO6VFn-Y4D8g1ETTdGuJrtVk3rH7Xnxg@mail.gmail.com> <20170504123447.41d957a88bd65417e714be78@andrewayer.name> <CAFDDyk-DyBObm2W96R1dZPET-CWwTnitmonkHV2oT+_GH4Gyew@mail.gmail.com> <20170505100910.f3da472d9ad71d1d540b8b62@andrewayer.name> <87lgq7j6a3.fsf@nordberg.se> <CALzYgEeXq0iwJTOfcRUQPR49=Xaqvd21nR=Tk5C884xyGehRuQ@mail.gmail.com> <20170516221717.c05a62d681ecd64322bdc682@andrewayer.name> <CALzYgEdgDSOTTL3BdBFCZCLmH6Z=c==m53d3KO-oKu2RFt4cqQ@mail.gmail.com> <CACM=_OdZy2wyNZo4GMtOSdmanzBhyw=SKr=DOOSS9h05V80arw@mail.gmail.com>
Date: Mon, 22 May 2017 15:49:50 +0200
In-Reply-To: <CACM=_OdZy2wyNZo4GMtOSdmanzBhyw=SKr=DOOSS9h05V80arw@mail.gmail.com> (Al Cutter's message of "Fri, 19 May 2017 18:44:31 +0100")
Message-ID: <8760gtvw5d.fsf@nordberg.se>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
X-Scanned-By: CanIt (www . roaringpenguin . com) on 192.36.171.202
X-Scanned-By: MIMEDefang 2.74
X-p0f-Info: os=unknown unknown, link=Ethernet or modem
X-CanIt-Geo: ip=109.105.111.32; country=SE; latitude=59.3247; longitude=18.0560; http://maps.google.com/maps?q=59.3247,18.0560&z=6
X-CanItPRO-Stream: outbound-nordu-net:outbound (inherits from outbound-nordu-net:default, nordu-net:default, base:default)
X-Canit-Stats-ID: 0aTnpNBhD - 579dd72b1ea3 - 20170522
X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/JbFiwO90PjcYzXrEgh-Y7bFG5Fw>
Subject: Re: [Trans] Providing the history of STHs a log has issued (in 6962-bis)
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 May 2017 13:49:48 -0000

Al Cutter <al@google.com> wrote
Fri, 19 May 2017 18:44:31 +0100:

> On Fri, May 19, 2017 at 3:49 PM, Eran Messeri <eranm@google.com> wrote:
>
>> Following an out-of-band discussion with Andrew (summarized below), I
>> propose the following, to make progress on 6962-bis:
>> * Add get-sths as a mandatory API.
>>
> * Defer discussion on chaining of STHs to a follow-up document: It's
>> evident that we need to do more thinking about it. Since we have an STH
>> extensions mechanism, an extension including a reference to a past STHs can
>> be added in a later document.
>>
>
> In the ticket you said:
> "The problem it [get-sths API] solves is the lack of ability to verify that
> the log did not breach the MMD throughout its lifetime: A submission's
> timestamp is available via get-entries, but unless a monitor has observed
> STHs issued by the log around the time an entry was created for it, there's
> no proof that the entry was incorporated within the MMD."
>
> but you later acknowledged that a get-sths API without some extra sprinkles
> *somewhere* doesn't actually solve that problem because there's nothing
> stopping a Log from going back and creating a few extra "old" STHs to
> cover, say, a period when its signing infrastructure was down, which it'll
> happily return to you when you call get-sths at a later date.
>
> I admit I'm not really that familiar with process of defining RFCs, but it
> seems weird to me to add a mandatory API, which, as defined in the standard
> which makes it mandatory, doesn't solve the problem it was added to solve...

+1


>> It seems to me that STH chaining is set out to achieve a goal that's
>> different than how CT currently operates; I'm also not confident it can
>> achieve this goal. Because further discussion on both topics is necessary,
>> I don't think it's right to add this feature to 6962-bis yet or gate
>> 6962-bis on it.
>>
>
>> CT's current design aims to detect a single log presenting different views
>> (i.e. different trees) to different parties by exchanging STHs between
>> observers.
>> A variant with stronger security guarantees aims to have individual
>> clients have the entire STH history so they cannot be presented with
>> inclusion proofs to different trees at different times. Chaining STHs aims
>> to achieve that (as far as I understand).
>>
>> However it seems to me chaining STHs does not prevent a client, that
>> fetches STHs individually, from being tricked into accepting inclusion
>> proofs to different trees presented by the same log:
>>
>> A log could produce the following chain of STHs:
>> STH 1 with root hash Z, then STH 2 with root hash Y = HASH(Z ||
>> hash(entry_1)), prev_hash = Z, then STH 3 with root hash X = HASH(Z ||
>> hash(entry_2)), prev_hash = Y (assuming the tree size with STH1 is an exact
>> power of 2, just for simplicity, as the new root hash would be exactly
>> HASH(0x01 || Z || hash(new entry))).
>> STH 1 chains to STH 2 that chains to STH 3, but STH 2 and STH 3 each have,
>> as their root hash, hash of Z, appending a different entry every time (the
>> tree is forked at root hash Z).
>> To the rest of the world, the log would present a chain of hashes that is
>> STH 1 and  STH 3' - which has the same root hash as STH 3 but prev_hash = Z.
>> The client could not know that it's being presented with a chain of STHs
>> that are for different trees unless it has consistency proofs between
>> (STH1, STH2) and (STH2, STH3).
>>
>
>> It seems to me that:
>> - Clients still need to get (via push or pull) consistency proofs between
>> STHs and validate them.
>> - STHs still have to be gossiped for a single entity (monitor) to be in
>> possession of STHs that cannot be proven consistent.
>>
>
> The hash chaining is only a commitment to a claim of which blob is the
> immediate predecessor of this other blob, you still need to verify the
> correctness of the blobs in context, of course.
>
> At least for the monitoring-MMD use-case, it seems like a similar thing
> could be achieved by requiring Logs to also log their own STHs, even
> allowing for the vagaries of pending queues that'd put an MMD-sized window
> on how far back in time a log could create old STHs to cover up MMD-blown
> fails.

What about requiring logs to add an entry containing the timestamp of
the STH they're about to issue? This can be thought of as a "pre-STH"
and could also include the tree size of the STH to be issued (even if
that's implied by the entries position in the log) but obviously not
tree head, nor signature. (It could include the tree size of the
previous "pre-STH" as well, for efficient retrieval of all (information
regarding) STH's.)

A reason for requiring this is that it makes the log commit to each and
every STH it's issuing, helping clients to make sure a log doesn't
violate its STH frequency count. At the time of receiving the STH, no
less.

A reason for at least _allowing_ this is that it makes it possible for
log implemenations to not have to remember another piece of data across
disk crashes, network failures, etc. In our particular case, the only
data we can remember with certainty are submitted cert chains and the
tree, besides log configuration.

This can of course be combined with adding the whole STH, including the
actual signature, _after_ it has been minted and published through
get-sth, if that's useful.


> The monitors wouldn't then need a get-sths call (although if there were
> other use cases for that API then the results from it would at least be
> verifiable by monitors).
> A thought is that you'd then have the ability to query a Log using
> get-proof-by-hash for an STH you're holding to see if it can prove it was
> logged, I'm not sure if that's useful at the moment, but my Friday evening
> brain finds it amusing for some reason.
>
> The obvious next step would be to require Logs to log their STHs with a
> quorum of other Logs. Assuming all Logs are not collaborating, that makes
> it quite a lot harder for anyone to pull off split views, and of course you
> can now do the same get-proof-by-hash call for your STH on other logs now,
> if you didn't mind trying a a number of logs (or if you already knew in
> which Logs to look*).
>
> *perhaps the set of target logs for a given STH could be defined by some
> function of the day or week that the STH timestamp corresponds to -
> something which changes infrequently enough that Logs can't simply not
> issue an STH during that period or they'd blow their MMD - the intention
> being to narrow the set of logs you'd have to look in, but also make it
> harder to to choose colluding Logs.

Requiring STH's to be logged in other logs is interesting. It would
change a bunch of things for logs, like adding another configuration
item as well as require logs to make outbound connections. Possibly
neglectable, but in need of analysis also from an operations
perspective.


While useful, none of the above is strictly required for 6962bis in my
opinion.

v2.23.0 | Report a Bug | By Email