[Unbearable] Removing explicit public key crypto from Token Binding

Nick Sullivan <nicholas.sullivan@gmail.com> Mon, 03 April 2017 02:15 UTC

Return-Path: <nicholas.sullivan@gmail.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B5A1126DCA for <unbearable@ietfa.amsl.com>; Sun, 2 Apr 2017 19:15:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vbwwf0YTm1rq for <unbearable@ietfa.amsl.com>; Sun, 2 Apr 2017 19:14:59 -0700 (PDT)
Received: from mail-vk0-x230.google.com (mail-vk0-x230.google.com [IPv6:2607:f8b0:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7376B127071 for <unbearable@ietf.org>; Sun, 2 Apr 2017 19:14:58 -0700 (PDT)
Received: by mail-vk0-x230.google.com with SMTP id z204so123611435vkd.1 for <unbearable@ietf.org>; Sun, 02 Apr 2017 19:14:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=jCECSWXEukNTiqBBOIaxhzSbFF/5RgbjaphFbQOjAl0=; b=nymRFK1bNW+Ic4JNgbkjvZoqfDqXsmAsDasc3vMPSdiov6+liPedKTRJahGcAavoH/ rUp0GWCoGjVx9ors2f487p6Tf5lKK9hTbkIClkjoTu5QoyX4ZG6Qhsvb7aW7ToPoQ7nZ 1DVakZRyYTHdAl2elXzGeNoSxG9/OxcpNeOHG/xxtnA0Dg1ovgMZPTkpD7EJH2R4sN0K pvIBuTZvF0Df2zBuBtAMWYXpPK8Eezy3zWAB68IjuVvDeSMj2q/Oixi9SrIuTuOr+T+6 OvzgxdbezJkmf2Kn4bmIjJu2SqOHECOE9whnBlGgxFFtqqZVTPGt+wlYKkhaoKIGz15v I9nA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=jCECSWXEukNTiqBBOIaxhzSbFF/5RgbjaphFbQOjAl0=; b=fgLyyDxMj5CdWSwtQ/+DSUSMDwfpIdLS009pGE97eTKtg98TmA28mslat4h94LzZ9E whb5hPSDneZrDd7Ss7aERbpS5ekf54/JmM9Bx+VAwhP5nid2gSgSXcQjvgumvL05pIha C8ca14TelFcA2nFmfNhHccS1rQXxuyYDv0pwUTbmNzsjIrXvi6PkLFOQrXVegv7Zm7c9 9LSIhHWD0UxjhZKG2ultvzy3/MYyMD4+9sXEACN+F/GbMkkvRYC/9sVa0X7qEvT2aZ7B pe6ilby08SnCYkPT/9UQp4hNX5n00Zhk6w61KV+v/fFeXHLlnvs20gzyQ6nCahWAg0y/ edsA==
X-Gm-Message-State: AFeK/H2OcfvLzcFCbakn913R8PV4DNVpuyvBWGYvqOwJdR/hUatbJrKwKU/QZ/7xuRClrXLnkDlSgdr0jv/qkg==
X-Received: by 10.159.55.142 with SMTP id q14mr5386032uaq.40.1491185697487; Sun, 02 Apr 2017 19:14:57 -0700 (PDT)
MIME-Version: 1.0
From: Nick Sullivan <nicholas.sullivan@gmail.com>
Date: Mon, 03 Apr 2017 02:14:46 +0000
Message-ID: <CAOjisRyCx1RJ=2nJw_sVuJdh9f_ZdV+EF77MY4sM=wm20LXZVw@mail.gmail.com>
To: unbearable@ietf.org
Content-Type: multipart/alternative; boundary="94eb2c041276cb027f054c39b916"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/jlAqKlkvTgWiVa5ABLGNcEBm81U>
Subject: [Unbearable] Removing explicit public key crypto from Token Binding
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Apr 2017 02:15:02 -0000

Please pardon the timing of this review, I know it's not fun receiving
critiques and large suggestions so late in the process but I think there
are serious issues with the Token Binding Protocol draft that should be
discussed.

The introduction of public key crypto at the application layer seems like a
major downside to the current Token Binding Protocol draft. We went through
a similar design in the Secondary Certificate Authentication in HTTP/2
draft, and learned a bunch of lessons that could be applied to Token
Binding. From these lessons, I have some suggestions that could result in a
much shorter draft that is less complex and will result in a lower
maintenance burden going forward. Long story short: I think the explicit
public key crypto pieces should be removed from this draft.

First, let me spell out some of the downsides of introducing public key
crypto to the application layer:
a) Public key crypto is hard to do right.
Historically, applications have done a bad job at handling public key
cryptography. You don't have to look far past the recent curve point
validation issues in JWS libraries to see this. Exposing "low-level" APIs
like digital signature validation to applications is best avoided if you
want a secure application. For example, things like asking an HTTP server
to properly seed the randomness in an ECDSA signature expands the scope of
what developers at this layer are used to dealing with.
b) Maintenance burden.
Every new signature algorithm to be used here needs to be added to the new
IANA registry. Every time this happens, this document needs to be updated.
Which working group is responsible for updating drafts to add new
algorithms or remove compromised ones once TOKBIND is over and we're
discussing post-quantum signatures? This document is already behind the
curve by supporting P-256 instead of the CFRG-chosen signature algorithms
ed25519 and ed448.
c) It's done better elsewhere.
Correctly defining how to do public key crypto in a draft like this seems
duplicative of other work. Defining the tricky part of actually binding a
public key into TLS should be done with the support of those who have
experience with doing this wrong and learning from their mistakes, like the
TLS working group itself.
d) Layering.
This draft in particular is bound the semantics of several TLS extensions.
Not only does the application need to know the result of the token binding
extension, it needs to know whether or not the extended master secret has
been used. Depending on the correct calculation of a master secret is an
esoteric point that applications may forget to enforce.

Channel-ID is problematic because it introduces additional complexity at
the TLS layer and introduces privacy issues. Token Binding improves this by
putting the messages  at the application layer, but at the cost of also
bringing the public key cryptography into the application. Is there a
middle ground? I suggest there is.


Here's a proposal: rather than defining the signature algorithm and the
binding to the exporter at the application layer, leverage the TLS library
itself to do the binding. This can be done with Exported Authenticators (
https://tools.ietf.org/html/draft-sullivan-tls-exported-authenticator-01)
The basic idea is that the application provides a private key and
certificate to the TLS library and the TLS library returns a binding of
that certificate to the connection called an "exported authenticator". This
opaque binding can be transported by the application from one party to
another. The receiving party can pass the exported authenticator into the
TLS library, which returns the certificate if it's valid and bound to the
current connection.

Under the hood, the exported authenticator looks like the triplet of TLS
messages {Certificate, CertificateVerify and Finished} with an exporter as
the handshake context. It maps very closely to what Token Binding is doing
now, but eliminates the need for public key crypto in the application.
Instead, the application layer just needs to pass around opaque blobs that
can be decoded by the TLS library into certificates.

To be more concrete about how this could work for the Token Binding
protocol, a self-signed certificate could be used in place of the
TokenBindingPublicKey and the exported authenticator could be used in place
of the TokenBinding. The tokenbinding_type and extensions could be embedded
in the certificate as X.509 extensions. Or application-defined TLS
extensions. I don't know the exact right mapping, but it doesn't seem
difficult to define.

My proposed change would bring the following benefits:
- signature algorithms support would evolve with TLS libraries rather than
with application libraries and updates to this document
- the "token binding key parameters" registry would no longer be needed
- several pages would be eliminated from this draft
- no public key crypto functions added to applications that don't currently
use public key crypto

Nick

P.S.
This proposal also has the interesting benefit of allowing token binding to
be symmetrical. Both clients and servers could created token bindings.
Currently the same exporter is used for both so there's a possibility of
putting server token binding in the place of client token bindings.