< draft-urien-coinrg-iose-04.txt   draft-urien-coinrg-iose-05.txt >
Internet Draft P. Urien Internet Draft P. Urien
Intended status: Experimental Telecom Paris Intended status: Experimental Telecom Paris
Expires: April 2022 October 4 2021 Expires: October 2022 April 3 2022
Internet of Secure Elements Internet of Secure Elements
draft-urien-coinrg-iose-04.txt draft-urien-coinrg-iose-05.txt
Abstract Abstract
This draft defines an infrastructure for secure elements over This draft defines an infrastructure for secure elements over
internet, and features needed for their secure remote use. internet, and features needed for their secure remote use.
It describes a network architecture based on the TLS 1.3 protocol, It describes a network architecture based on the TLS 1.3 protocol,
which enables remote calls of cryptographic procedures, identified which enables remote calls of cryptographic procedures, identified
by Unified Resource Identifier (URI) such as by Unified Resource Identifier (URI) such as
schemeS://sen@server.com:443/?query schemeS://sen@server.com:443/?query
The Internet of Secure Element (IoSE) is a set of secure elements The Internet of Secure Element (IoSE) is a set of secure elements
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 2022 This Internet-Draft will expire on October 2022
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License. warranty as described in the Simplified BSD License.
Internet of Secure Elements October 2021
Table of Contents Table of Contents
Abstract........................................................... 1 Abstract........................................................... 1
Requirements Language.............................................. 1 Requirements Language.............................................. 1
Status of this Memo................................................ 1 Status of this Memo................................................ 1
Copyright Notice................................................... 2 Copyright Notice................................................... 2
1 Overview......................................................... 4 1 Overview......................................................... 4
2. About Secure Elements........................................... 5 2. About Secure Elements........................................... 5
3. Network Architecture............................................ 6 3. Network Architecture............................................ 6
4 Unified Resource Identifier (URI)................................ 7 4 Unified Resource Identifier (URI)................................ 7
5 URI Example...................................................... 7 5 URI Example...................................................... 7
skipping to change at page 4, line 4 skipping to change at page 4, line 4
8.2 SE-App Downloading......................................... 11 8.2 SE-App Downloading......................................... 11
8.3 SE-App Certificate......................................... 11 8.3 SE-App Certificate......................................... 11
8.4 User Notification.......................................... 12 8.4 User Notification.......................................... 12
8.5 User Enrollment............................................ 12 8.5 User Enrollment............................................ 12
9 IANA Considerations............................................. 12 9 IANA Considerations............................................. 12
10 Security Considerations........................................ 12 10 Security Considerations........................................ 12
11 References..................................................... 12 11 References..................................................... 12
11.1 Normative References...................................... 12 11.1 Normative References...................................... 12
11.2 Informative References.................................... 13 11.2 Informative References.................................... 13
12 Authors' Addresses............................................. 13 12 Authors' Addresses............................................. 13
Internet of Secure Elements October 2021
1 Overview 1 Overview
This draft defines an infrastructure for the deployment of secure This draft defines an infrastructure for the deployment of secure
elements over internet, and features needed for their secure remote elements over internet, and features needed for their secure remote
use. use.
Secure elements [ISO7816] are tamper resistant micro-controllers, Secure elements [ISO7816] are tamper resistant micro-controllers,
whose security Evaluation Assurance Levels (EAL) are in the range whose security Evaluation Assurance Levels (EAL) are in the range
EAL5+/EAL6+ according to Common Criteria standards [CC], which EAL5+/EAL6+ according to Common Criteria standards [CC], which
define up to 7 levels. define up to 7 levels.
skipping to change at page 5, line 4 skipping to change at page 5, line 4
selected secure element. selected secure element.
The secure element URI [RFC3986] is The secure element URI [RFC3986] is
schemeS://sen@server.com:443/?query, in which: schemeS://sen@server.com:443/?query, in which:
- scheme indicates the application data interchange format, - scheme indicates the application data interchange format,
- S means secured by TLS, - S means secured by TLS,
- sen is the secure element name included in the TLS SNI extension, - sen is the secure element name included in the TLS SNI extension,
- server.com:port is a TCP/IP node and associated port - server.com:port is a TCP/IP node and associated port
- query is the command to be executed by the secure element - query is the command to be executed by the secure element
Internet of Secure Elements October 2021
TLS sessions MUST use mutual authentication between client and TLS sessions MUST use mutual authentication between client and
server, either based either on pre-shared-key (PSK) or X509 server, either based either on pre-shared-key (PSK) or X509
certificates. certificates.
The TCP/IP server MAY manage multiple secure elements. As an The TCP/IP server MAY manage multiple secure elements. As an
illustration, according to the IETF draft [RACS] a grid of Secure illustration, according to the IETF draft [RACS] a grid of Secure
Elements (GoSE) is a server hosting a set of secure elements. Elements (GoSE) is a server hosting a set of secure elements.
In summary the Internet of Secure Element (IoSE) is a set of secure In summary the Internet of Secure Element (IoSE) is a set of secure
elements providing TLS servers, communication interfaces, and elements providing TLS servers, communication interfaces, and
skipping to change at page 6, line 5 skipping to change at page 6, line 5
They are several ways to provide a host name for a secure element They are several ways to provide a host name for a secure element
(i.e. a server name), which is referred as secure element name (SEN) (i.e. a server name), which is referred as secure element name (SEN)
by this draft,: by this draft,:
- The [TLS-SE] draft uses historical bytes (up to 15 bytes) inserted - The [TLS-SE] draft uses historical bytes (up to 15 bytes) inserted
in the ISO7816 ATR (Answer To Reset), which is a response triggered in the ISO7816 ATR (Answer To Reset), which is a response triggered
by a physical reset. A javacard application may define the value of by a physical reset. A javacard application may define the value of
historical bytes. historical bytes.
Internet of Secure Elements October 2021
- The [RACS] IETF draft describes Grid of Secure Elements (GoSE), - The [RACS] IETF draft describes Grid of Secure Elements (GoSE),
and introduces Secure Element Identifier (SEID) as unique identifier and introduces Secure Element Identifier (SEID) as unique identifier
indicating that a given SE is hosted by a GoSE. SEID also implicitly indicating that a given SE is hosted by a GoSE. SEID also implicitly
refers the physical slot (SlotID) to which the secure element is refers the physical slot (SlotID) to which the secure element is
plugged. SEID MAY be used as SEN. plugged. SEID MAY be used as SEN.
3. Network Architecture 3. Network Architecture
The network architecture is based on TLS1.3 servers and future The network architecture is based on TLS1.3 servers and future
versions. versions.
skipping to change at page 7, line 5 skipping to change at page 7, line 5
TLS protocol MUST be used with mutual authentication between client TLS protocol MUST be used with mutual authentication between client
and secure element. PSK is a symmetric cryptographic scheme for one and secure element. PSK is a symmetric cryptographic scheme for one
client-to-one-secure-element, while PKI is an asymmetric client-to-one-secure-element, while PKI is an asymmetric
cryptographic scheme adapted to multiple-clients-to-one-secure- cryptographic scheme adapted to multiple-clients-to-one-secure-
element. element.
Nevertheless it should be noticed that secure elements have not Nevertheless it should be noticed that secure elements have not
clock and therefore are not able to check validity date or clock and therefore are not able to check validity date or
certificate revocation. certificate revocation.
Internet of Secure Elements October 2021
4 Unified Resource Identifier (URI) 4 Unified Resource Identifier (URI)
According to [RFC3986] the URI comprises a scheme name ended by the According to [RFC3986] the URI comprises a scheme name ended by the
'S' character, the secure element name, the client-facing name and 'S' character, the secure element name, the client-facing name and
port (server.com:port), and a query. port (server.com:port), and a query.
URI= schemeS://sen@server.com:port/?query URI= schemeS://sen@server.com:port/?query
A client software entity able to process this URI, MUST retrieves A client software entity able to process this URI, MUST retrieves
the PSK or the certificate chain to be used within the TLS protocol. the PSK or the certificate chain to be used within the TLS protocol.
skipping to change at page 8, line 5 skipping to change at page 8, line 5
shellS://mykeystore@server.com:443/?s010102030405060708090A0B0C0D0E0 shellS://mykeystore@server.com:443/?s010102030405060708090A0B0C0D0E0
F101112131415161718191A1B1C1D1E1F20%0D%0A F101112131415161718191A1B1C1D1E1F20%0D%0A
The software client opens a TLS session with the server The software client opens a TLS session with the server
server.com:443, with the name "mykeystore" inserted the SNI server.com:443, with the name "mykeystore" inserted the SNI
extension. Upon success a TLS secure channel is established with the extension. Upon success a TLS secure channel is established with the
secure element. The client sends the query, the secure element secure element. The client sends the query, the secure element
computes the signature and returns its value encoded in hexadecimal computes the signature and returns its value encoded in hexadecimal
text. text.
Internet of Secure Elements October 2021
6 Overview of Internet Of Secure Elements Framework 6 Overview of Internet Of Secure Elements Framework
+---------------------------------+ +---------------------------------+
| User Application | | User Application |
+---------------------------------+ +---------------------------------+
| APIs | | APIs |
+---------------------------------+ +---------------------------------+
| TCP/IP Client | | TCP/IP Client |
+---------------------------------+ +----------------+ +---------------------------------+ +----------------+
| TCP/IP Server |<--| | | TCP/IP Server |<--| |
skipping to change at page 9, line 5 skipping to change at page 9, line 5
MAY provide privacy features such as server name encryption. MAY provide privacy features such as server name encryption.
- The secure element application layer defines data interchange - The secure element application layer defines data interchange
format and available procedures format and available procedures
- The secure element hardware layer defines security profile - The secure element hardware layer defines security profile
(according to Common Criteria standards) and communication (according to Common Criteria standards) and communication
interfaces interfaces
- The administration layer is in charge of secure elements - The administration layer is in charge of secure elements
application deployment and lifetime. These operations are performed application deployment and lifetime. These operations are performed
locally or remotely (through the internet). locally or remotely (through the internet).
Internet of Secure Elements October 2021
7 Functional Entities 7 Functional Entities
+---------------------------+ +-------------------+ +---------------------------+ +-------------------+
| | | | | | | |
| Infrastructure Provider +----+ SE-App Provider | | Infrastructure Provider +----+ SE-App Provider |
| (Secure Element Server) | | | | (Secure Element Server) | | |
| | +------+-----+------+ | | +------+-----+------+
+------------+--------------+ | | +------------+--------------+ | |
| | | | | |
| | | | | |
skipping to change at page 10, line 5 skipping to change at page 10, line 5
- The SE-App Provider (SE-AppP) designs secure and trusted software - The SE-App Provider (SE-AppP) designs secure and trusted software
(SE-App) for secure elements. (SE-App) for secure elements.
8 Attestation Procedure 8 Attestation Procedure
The goal of the attestation procedure is to allocate a secure The goal of the attestation procedure is to allocate a secure
element, and to prove to its user the exclusive access to a genuine element, and to prove to its user the exclusive access to a genuine
secure element. secure element.
Internet of Secure Elements October 2021
SE-App Provider Infrastructure Secure SE-App Provider Infrastructure Secure
Provider Provider Element Provider Provider Element
| | | | | |
| RACS: Download --->|----------->|Private and Public Key | RACS: Download --->|----------->|Private and Public Key
| TLS-PSK App in SE | |Generation | TLS-PSK App in SE | |Generation
| With PSK-Provider | |TLS-PSK Ready | With PSK-Provider | |TLS-PSK Ready
| <--------------Done|<-------Done| | <--------------Done|<-------Done|
| | | | | |
| RACS: Link ------>| | | RACS: Link ------>| |
| SEN to SEID | | | SEN to SEID | |
skipping to change at page 11, line 4 skipping to change at page 11, line 4
| | | |
|<-------------Send rnd| |<-------------Send rnd|
|Compute | |Compute |
|Sign(HS | rnd) | |Sign(HS | rnd) |
|Send Sign------------>| |Send Sign------------>|
| | | |
| Check Sign| | Check Sign|
| | | |
|<-------Write PSK-User| |<-------Write PSK-User|
|Done----------------->| |Done----------------->|
Internet of Secure Elements October 2021
8.1 Service Request 8.1 Service Request
The User requests to an on-line Service Provider a secure element The User requests to an on-line Service Provider a secure element
for a specific application. for a specific application.
8.2 SE-App Downloading 8.2 SE-App Downloading
The Service Provider requests the SE-App Provider to download the The Service Provider requests the SE-App Provider to download the
user's application in a secure element hosted by an Infrastructure user's application in a secure element hosted by an Infrastructure
Provider. Provider.
skipping to change at page 12, line 5 skipping to change at page 12, line 5
The SE-App Provider opens a TLS (with PSK= PSK-App-Provider) session The SE-App Provider opens a TLS (with PSK= PSK-App-Provider) session
with the SEN secure element, reads its SE-App-Pub-key, and computes with the SEN secure element, reads its SE-App-Pub-key, and computes
a certificate (SE-Cert) for this public key. a certificate (SE-Cert) for this public key.
The SE-Cert is remotely written in the secure element The SE-Cert is remotely written in the secure element
The SE-App provider forwards the secure element URI and PSK-App- The SE-App provider forwards the secure element URI and PSK-App-
Provider to the Service Provider or to the User, according to pre- Provider to the Service Provider or to the User, according to pre-
defined agreements. defined agreements.
Internet of Secure Elements October 2021
8.4 User Notification 8.4 User Notification
The User receives the secure element URI and pre-shared-key (i.e. The User receives the secure element URI and pre-shared-key (i.e.
PSK-App-Provider). PSK-App-Provider).
8.5 User Enrollment 8.5 User Enrollment
A secure element only manages a unique TLS session at a given time. A secure element only manages a unique TLS session at a given time.
The User opens a TLS session with the secure element (with PSK-App- The User opens a TLS session with the secure element (with PSK-App-
skipping to change at page 13, line 5 skipping to change at page 13, line 5
This entire document is about security. This entire document is about security.
11 References 11 References
11.1 Normative References 11.1 Normative References
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
https://www.rfc-editor.org/info/rfc8446. https://www.rfc-editor.org/info/rfc8446.
Internet of Secure Elements October 2021
[RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS) [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS)
Extensions: Extension Definitions", RFC 6066, DOI 10.17487/RFC6066, Extensions: Extension Definitions", RFC 6066, DOI 10.17487/RFC6066,
January 2011. January 2011.
[RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan,
"Transport Layer Security (TLS) Application-Layer Protocol "Transport Layer Security (TLS) Application-Layer Protocol
Negotiation Extension", RFC 7301, July 2014 Negotiation Extension", RFC 7301, July 2014
[RFC3986] Berners-Lee, Tim; Fielding, Roy T.; Masinter, Larry. [RFC3986] Berners-Lee, Tim; Fielding, Roy T.; Masinter, Larry.
Uniform Resource Identifiers (URI): Generic Syntax. Internet Uniform Resource Identifiers (URI): Generic Syntax. Internet
 End of changes. 15 change blocks. 
26 lines changed or deleted 4 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/