Re: [Ufmrg] [TLS] Proposal: a TLS formal analysis triage panel
Bas Spitters <b.a.w.spitters@gmail.com> Wed, 20 March 2024 18:11 UTC
Return-Path: <b.a.w.spitters@gmail.com>
X-Original-To: ufmrg@ietfa.amsl.com
Delivered-To: ufmrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6424BC14F60A for <ufmrg@ietfa.amsl.com>; Wed, 20 Mar 2024 11:11:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JywbGehX4Y0r for <ufmrg@ietfa.amsl.com>; Wed, 20 Mar 2024 11:11:07 -0700 (PDT)
Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C668C14F68B for <ufmrg@irtf.org>; Wed, 20 Mar 2024 11:11:07 -0700 (PDT)
Received: by mail-lf1-x12f.google.com with SMTP id 2adb3069b0e04-513a08f2263so167575e87.3 for <ufmrg@irtf.org>; Wed, 20 Mar 2024 11:11:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710958265; x=1711563065; darn=irtf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=W9SIMVqucnHQPJrflJ7TAqM/My2RW4jQsG2QPpZUBNw=; b=H2eMbVCTuzIyk+RiivTRU6fcIy106Q5tdSc9eoBiOfkY4c+ekm/VPaHBC46WZwExK/ JV4i1+hsM/DWW0W8uIVnOHP67v2dLwDNPQaDV+4bO/KUOpTlib1ueaDYaDXdFr9U6vRR p9hRdDOJWtfyg4ox399798yZEy3h2Bta+hZb3NNBp68+f0kmW1w0eWW1H2d1G9SiGdVb aP1MZ8G67d9Ukv7tv3/s0yvlwfux5audoZHKoS1wbGsRdtuPrsvjg0snMGeOEJY6sVU3 CxBPTQefmsI/5SirLRNq2X6nuHjUTrIGaTiG/OOQRgLJ+VzMyFjENlC8N+20w7ILSoQ7 +akQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710958265; x=1711563065; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=W9SIMVqucnHQPJrflJ7TAqM/My2RW4jQsG2QPpZUBNw=; b=e16P0TBrXgNH/c8P11xmNOKLD1Z73wRuw3jWcHTE/6ixy0VWr90L237TczCi48ewQN aLSG9sdaiDg3ALvtc5vG+ePvFRgEudnMTf7Hg/Od91B1YNcQpVZ/xDyeWTfviTRBkAY/ fr902NLEaITtHjpYepfbN7F0Z9m+SaQISIwWJv1whXKOXOzPa99+IwBODfka3QP2S5zV NWwcEnPWeFEJJe7rBS2RAjCryfQmy58UtiBIwhhInBW4N/YUzOPy2zreFhS1MipxvQJt tANNRkqqd3zy1r2086aGR1UnefJygGvVjoH2bl0OC+jpamFX3B9wtvoHL9ZRtBXCIeUb LIDw==
X-Forwarded-Encrypted: i=1; AJvYcCW6iEysSPUXZUidb3KItkSyTKkNL1mREi4dCUuqUtz1nwTwJhoxp7rKXCAF3FC7mxaYrESSZ4kilZ5ENonqAA==
X-Gm-Message-State: AOJu0YzVpFOYAyL568BpBVqWkW5xsC0Z6ofDY8ZPBrogv9R6CZbvdUUw kXf6yKCsn/WPWoYUumfUWAxC0dMS3jCYvVJ5IpkW+cJCqBACpZ5JIoRO0D7MzW9zKNhecHcu3Mt jHDGfFqh7+AX4o5dLDABfOR/evMQ=
X-Google-Smtp-Source: AGHT+IFMx4CWFOGoFhlQ0p/sWy6qTxUxDBjCOxpBacsKHwY+EnCS6VQQxESBHHwlXshj5wHAHtVu517fIrypsmcvUaE=
X-Received: by 2002:a19:8c0f:0:b0:513:ec32:aa7e with SMTP id o15-20020a198c0f000000b00513ec32aa7emr4939382lfd.5.1710958264589; Wed, 20 Mar 2024 11:11:04 -0700 (PDT)
MIME-Version: 1.0
References: <CAFR824ywNTnWPstZsrW7S9PYH+thW9-9f2yP0j_SC_eenS3k7A@mail.gmail.com> <8aa7ee78-4ce9-4fde-97eb-2d81ce4563f0@tu-dresden.de> <CAFR824xymLEs==FiG021+sOJH0YHMzQqLMfhLg+aaqxoYr-Etw@mail.gmail.com> <3d4aeafb-7723-4575-90c2-a3aba8e90bf8@tu-dresden.de> <5a78ca01-fc19-4df7-ac60-42aee9d2e7ef@petit-huguenin.org>
In-Reply-To: <5a78ca01-fc19-4df7-ac60-42aee9d2e7ef@petit-huguenin.org>
From: Bas Spitters <b.a.w.spitters@gmail.com>
Date: Wed, 20 Mar 2024 19:10:51 +0100
Message-ID: <CAOoPQuS3avri=beszM440xjv1TgJQk-qzHN2NCQqgr2TQEKLPw@mail.gmail.com>
To: Marc Petit-Huguenin <marc@petit-huguenin.org>
Cc: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>, Deirdre Connolly <durumcrustulum@gmail.com>, "TLS@ietf.org" <tls@ietf.org>, UFMRG IRTF <ufmrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ufmrg/pEr48EgSudS3vsbFKfdeTgYa36o>
Subject: Re: [Ufmrg] [TLS] Proposal: a TLS formal analysis triage panel
X-BeenThere: ufmrg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Usable Formal Methods Research Group <ufmrg.irtf.org>
List-Unsubscribe: <https://mailman.irtf.org/mailman/options/ufmrg>, <mailto:ufmrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ufmrg/>
List-Post: <mailto:ufmrg@irtf.org>
List-Help: <mailto:ufmrg-request@irtf.org?subject=help>
List-Subscribe: <https://mailman.irtf.org/mailman/listinfo/ufmrg>, <mailto:ufmrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2024 18:11:11 -0000
Bertie is such a reference implementation of TLS in the hacspec language. https://github.com/cryspen/bertie When combined with the libcrux high assurance cryptographic library, I understand it is efficient. A Proverif backend for hax/hacspec (https://hacspec.org/) is under construction. It may be possible to make a Tamarin backend in a similar way. This would provide the requested interoperability. Bas On Wed, Mar 20, 2024 at 6:15 PM Marc Petit-Huguenin <marc@petit-huguenin.org> wrote: > > [+ufmrg] > > On 3/18/24 9:30 AM, Muhammad Usama Sardar wrote: > > On 18.03.24 16:56, Deirdre Connolly wrote: > >> I do think a 'reference' Tamarin model would be useful. > > Why should it be a Tamarin model? Why not a ProVerif model? > > Maybe it would be a good use of UFMRG resources to work on the interoperability between the models used by different tools, so a model can be translated between tools. > > >> It would of course only model part of TLS (1.3, for example) and only through a particular symbolic model/tool. And would require maintenance by...someone. > >> > > Are you expecting any major changes in TLS 1.3? If not, then I think the baseline formal model will not change a lot. So probably there is not much maintenance required. I think it is just a one-time effort to create well-understood and well-reviewed formal artifacts as a baseline, and then most extensions (for which formal analysis is signaled by the panel) can use this baseline. > > > > Also, TLS WG can work together with UFMRG to achieve this. > > > >> For the triage panel, I do think the preliminary triage is key: we'd ask a group of experts /if/ formal analysis (new or updated) is warranted /at all/, and if warranted, of what kind, what scope, if it needs novel modeling work, if it can build on existing work, or even if pen and paper analysis would suffice. I do not think there are any prerequisites to standing such a triage panel up. > >> > > Agree. However, the baseline for each "kind" (e.g., one for symbolic and one for computational and within symbolic, one for ProVerif and one for Tamarin) will still be helpful to avoid repetitive work. > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > > -- > Marc Petit-Huguenin > Email: marc@petit-huguenin.org > Blog: https://marc.petit-huguenin.org > Profile: https://www.linkedin.com/in/petithug > > -- > Ufmrg mailing list > Ufmrg@irtf.org > https://mailman.irtf.org/mailman/listinfo/ufmrg
- Re: [Ufmrg] [TLS] Proposal: a TLS formal analysis… Marc Petit-Huguenin
- Re: [Ufmrg] [TLS] Proposal: a TLS formal analysis… Bas Spitters