| < draft-urien-coinrg-iose-04.txt | draft-urien-coinrg-iose-05.txt > | |||
|---|---|---|---|---|
| Internet Draft P. Urien | Internet Draft P. Urien | |||
| Intended status: Experimental Telecom Paris | Intended status: Experimental Telecom Paris | |||
| Expires: April 2022 October 4 2021 | Expires: October 2022 April 3 2022 | |||
| Internet of Secure Elements | Internet of Secure Elements | |||
| draft-urien-coinrg-iose-04.txt | draft-urien-coinrg-iose-05.txt | |||
| Abstract | Abstract | |||
| This draft defines an infrastructure for secure elements over | This draft defines an infrastructure for secure elements over | |||
| internet, and features needed for their secure remote use. | internet, and features needed for their secure remote use. | |||
| It describes a network architecture based on the TLS 1.3 protocol, | It describes a network architecture based on the TLS 1.3 protocol, | |||
| which enables remote calls of cryptographic procedures, identified | which enables remote calls of cryptographic procedures, identified | |||
| by Unified Resource Identifier (URI) such as | by Unified Resource Identifier (URI) such as | |||
| schemeS://sen@server.com:443/?query | schemeS://sen@server.com:443/?query | |||
| The Internet of Secure Element (IoSE) is a set of secure elements | The Internet of Secure Element (IoSE) is a set of secure elements | |||
| skipping to change at page 1, line 43 ¶ | skipping to change at page 1, line 43 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six | Internet-Drafts are draft documents valid for a maximum of six | |||
| months and may be updated, replaced, or obsoleted by other documents | months and may be updated, replaced, or obsoleted by other documents | |||
| at any time. It is inappropriate to use Internet-Drafts as reference | at any time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on April 2022 | This Internet-Draft will expire on October 2022 | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with | carefully, as they describe your rights and restrictions with | |||
| respect to this document. Code Components extracted from this | respect to this document. Code Components extracted from this | |||
| document must include Simplified BSD License text as described in | document must include Simplified BSD License text as described in | |||
| Section 4.e of the Trust Legal Provisions and are provided without | Section 4.e of the Trust Legal Provisions and are provided without | |||
| warranty as described in the Simplified BSD License. | warranty as described in the Simplified BSD License. | |||
| Internet of Secure Elements October 2021 | ||||
| Table of Contents | Table of Contents | |||
| Abstract........................................................... 1 | Abstract........................................................... 1 | |||
| Requirements Language.............................................. 1 | Requirements Language.............................................. 1 | |||
| Status of this Memo................................................ 1 | Status of this Memo................................................ 1 | |||
| Copyright Notice................................................... 2 | Copyright Notice................................................... 2 | |||
| 1 Overview......................................................... 4 | 1 Overview......................................................... 4 | |||
| 2. About Secure Elements........................................... 5 | 2. About Secure Elements........................................... 5 | |||
| 3. Network Architecture............................................ 6 | 3. Network Architecture............................................ 6 | |||
| 4 Unified Resource Identifier (URI)................................ 7 | 4 Unified Resource Identifier (URI)................................ 7 | |||
| 5 URI Example...................................................... 7 | 5 URI Example...................................................... 7 | |||
| skipping to change at page 4, line 4 ¶ | skipping to change at page 4, line 4 ¶ | |||
| 8.2 SE-App Downloading......................................... 11 | 8.2 SE-App Downloading......................................... 11 | |||
| 8.3 SE-App Certificate......................................... 11 | 8.3 SE-App Certificate......................................... 11 | |||
| 8.4 User Notification.......................................... 12 | 8.4 User Notification.......................................... 12 | |||
| 8.5 User Enrollment............................................ 12 | 8.5 User Enrollment............................................ 12 | |||
| 9 IANA Considerations............................................. 12 | 9 IANA Considerations............................................. 12 | |||
| 10 Security Considerations........................................ 12 | 10 Security Considerations........................................ 12 | |||
| 11 References..................................................... 12 | 11 References..................................................... 12 | |||
| 11.1 Normative References...................................... 12 | 11.1 Normative References...................................... 12 | |||
| 11.2 Informative References.................................... 13 | 11.2 Informative References.................................... 13 | |||
| 12 Authors' Addresses............................................. 13 | 12 Authors' Addresses............................................. 13 | |||
| Internet of Secure Elements October 2021 | ||||
| 1 Overview | 1 Overview | |||
| This draft defines an infrastructure for the deployment of secure | This draft defines an infrastructure for the deployment of secure | |||
| elements over internet, and features needed for their secure remote | elements over internet, and features needed for their secure remote | |||
| use. | use. | |||
| Secure elements [ISO7816] are tamper resistant micro-controllers, | Secure elements [ISO7816] are tamper resistant micro-controllers, | |||
| whose security Evaluation Assurance Levels (EAL) are in the range | whose security Evaluation Assurance Levels (EAL) are in the range | |||
| EAL5+/EAL6+ according to Common Criteria standards [CC], which | EAL5+/EAL6+ according to Common Criteria standards [CC], which | |||
| define up to 7 levels. | define up to 7 levels. | |||
| skipping to change at page 5, line 4 ¶ | skipping to change at page 5, line 4 ¶ | |||
| selected secure element. | selected secure element. | |||
| The secure element URI [RFC3986] is | The secure element URI [RFC3986] is | |||
| schemeS://sen@server.com:443/?query, in which: | schemeS://sen@server.com:443/?query, in which: | |||
| - scheme indicates the application data interchange format, | - scheme indicates the application data interchange format, | |||
| - S means secured by TLS, | - S means secured by TLS, | |||
| - sen is the secure element name included in the TLS SNI extension, | - sen is the secure element name included in the TLS SNI extension, | |||
| - server.com:port is a TCP/IP node and associated port | - server.com:port is a TCP/IP node and associated port | |||
| - query is the command to be executed by the secure element | - query is the command to be executed by the secure element | |||
| Internet of Secure Elements October 2021 | ||||
| TLS sessions MUST use mutual authentication between client and | TLS sessions MUST use mutual authentication between client and | |||
| server, either based either on pre-shared-key (PSK) or X509 | server, either based either on pre-shared-key (PSK) or X509 | |||
| certificates. | certificates. | |||
| The TCP/IP server MAY manage multiple secure elements. As an | The TCP/IP server MAY manage multiple secure elements. As an | |||
| illustration, according to the IETF draft [RACS] a grid of Secure | illustration, according to the IETF draft [RACS] a grid of Secure | |||
| Elements (GoSE) is a server hosting a set of secure elements. | Elements (GoSE) is a server hosting a set of secure elements. | |||
| In summary the Internet of Secure Element (IoSE) is a set of secure | In summary the Internet of Secure Element (IoSE) is a set of secure | |||
| elements providing TLS servers, communication interfaces, and | elements providing TLS servers, communication interfaces, and | |||
| skipping to change at page 6, line 5 ¶ | skipping to change at page 6, line 5 ¶ | |||
| They are several ways to provide a host name for a secure element | They are several ways to provide a host name for a secure element | |||
| (i.e. a server name), which is referred as secure element name (SEN) | (i.e. a server name), which is referred as secure element name (SEN) | |||
| by this draft,: | by this draft,: | |||
| - The [TLS-SE] draft uses historical bytes (up to 15 bytes) inserted | - The [TLS-SE] draft uses historical bytes (up to 15 bytes) inserted | |||
| in the ISO7816 ATR (Answer To Reset), which is a response triggered | in the ISO7816 ATR (Answer To Reset), which is a response triggered | |||
| by a physical reset. A javacard application may define the value of | by a physical reset. A javacard application may define the value of | |||
| historical bytes. | historical bytes. | |||
| Internet of Secure Elements October 2021 | ||||
| - The [RACS] IETF draft describes Grid of Secure Elements (GoSE), | - The [RACS] IETF draft describes Grid of Secure Elements (GoSE), | |||
| and introduces Secure Element Identifier (SEID) as unique identifier | and introduces Secure Element Identifier (SEID) as unique identifier | |||
| indicating that a given SE is hosted by a GoSE. SEID also implicitly | indicating that a given SE is hosted by a GoSE. SEID also implicitly | |||
| refers the physical slot (SlotID) to which the secure element is | refers the physical slot (SlotID) to which the secure element is | |||
| plugged. SEID MAY be used as SEN. | plugged. SEID MAY be used as SEN. | |||
| 3. Network Architecture | 3. Network Architecture | |||
| The network architecture is based on TLS1.3 servers and future | The network architecture is based on TLS1.3 servers and future | |||
| versions. | versions. | |||
| skipping to change at page 7, line 5 ¶ | skipping to change at page 7, line 5 ¶ | |||
| TLS protocol MUST be used with mutual authentication between client | TLS protocol MUST be used with mutual authentication between client | |||
| and secure element. PSK is a symmetric cryptographic scheme for one | and secure element. PSK is a symmetric cryptographic scheme for one | |||
| client-to-one-secure-element, while PKI is an asymmetric | client-to-one-secure-element, while PKI is an asymmetric | |||
| cryptographic scheme adapted to multiple-clients-to-one-secure- | cryptographic scheme adapted to multiple-clients-to-one-secure- | |||
| element. | element. | |||
| Nevertheless it should be noticed that secure elements have not | Nevertheless it should be noticed that secure elements have not | |||
| clock and therefore are not able to check validity date or | clock and therefore are not able to check validity date or | |||
| certificate revocation. | certificate revocation. | |||
| Internet of Secure Elements October 2021 | ||||
| 4 Unified Resource Identifier (URI) | 4 Unified Resource Identifier (URI) | |||
| According to [RFC3986] the URI comprises a scheme name ended by the | According to [RFC3986] the URI comprises a scheme name ended by the | |||
| 'S' character, the secure element name, the client-facing name and | 'S' character, the secure element name, the client-facing name and | |||
| port (server.com:port), and a query. | port (server.com:port), and a query. | |||
| URI= schemeS://sen@server.com:port/?query | URI= schemeS://sen@server.com:port/?query | |||
| A client software entity able to process this URI, MUST retrieves | A client software entity able to process this URI, MUST retrieves | |||
| the PSK or the certificate chain to be used within the TLS protocol. | the PSK or the certificate chain to be used within the TLS protocol. | |||
| skipping to change at page 8, line 5 ¶ | skipping to change at page 8, line 5 ¶ | |||
| shellS://mykeystore@server.com:443/?s010102030405060708090A0B0C0D0E0 | shellS://mykeystore@server.com:443/?s010102030405060708090A0B0C0D0E0 | |||
| F101112131415161718191A1B1C1D1E1F20%0D%0A | F101112131415161718191A1B1C1D1E1F20%0D%0A | |||
| The software client opens a TLS session with the server | The software client opens a TLS session with the server | |||
| server.com:443, with the name "mykeystore" inserted the SNI | server.com:443, with the name "mykeystore" inserted the SNI | |||
| extension. Upon success a TLS secure channel is established with the | extension. Upon success a TLS secure channel is established with the | |||
| secure element. The client sends the query, the secure element | secure element. The client sends the query, the secure element | |||
| computes the signature and returns its value encoded in hexadecimal | computes the signature and returns its value encoded in hexadecimal | |||
| text. | text. | |||
| Internet of Secure Elements October 2021 | ||||
| 6 Overview of Internet Of Secure Elements Framework | 6 Overview of Internet Of Secure Elements Framework | |||
| +---------------------------------+ | +---------------------------------+ | |||
| | User Application | | | User Application | | |||
| +---------------------------------+ | +---------------------------------+ | |||
| | APIs | | | APIs | | |||
| +---------------------------------+ | +---------------------------------+ | |||
| | TCP/IP Client | | | TCP/IP Client | | |||
| +---------------------------------+ +----------------+ | +---------------------------------+ +----------------+ | |||
| | TCP/IP Server |<--| | | | TCP/IP Server |<--| | | |||
| skipping to change at page 9, line 5 ¶ | skipping to change at page 9, line 5 ¶ | |||
| MAY provide privacy features such as server name encryption. | MAY provide privacy features such as server name encryption. | |||
| - The secure element application layer defines data interchange | - The secure element application layer defines data interchange | |||
| format and available procedures | format and available procedures | |||
| - The secure element hardware layer defines security profile | - The secure element hardware layer defines security profile | |||
| (according to Common Criteria standards) and communication | (according to Common Criteria standards) and communication | |||
| interfaces | interfaces | |||
| - The administration layer is in charge of secure elements | - The administration layer is in charge of secure elements | |||
| application deployment and lifetime. These operations are performed | application deployment and lifetime. These operations are performed | |||
| locally or remotely (through the internet). | locally or remotely (through the internet). | |||
| Internet of Secure Elements October 2021 | ||||
| 7 Functional Entities | 7 Functional Entities | |||
| +---------------------------+ +-------------------+ | +---------------------------+ +-------------------+ | |||
| | | | | | | | | | | |||
| | Infrastructure Provider +----+ SE-App Provider | | | Infrastructure Provider +----+ SE-App Provider | | |||
| | (Secure Element Server) | | | | | (Secure Element Server) | | | | |||
| | | +------+-----+------+ | | | +------+-----+------+ | |||
| +------------+--------------+ | | | +------------+--------------+ | | | |||
| | | | | | | | | |||
| | | | | | | | | |||
| skipping to change at page 10, line 5 ¶ | skipping to change at page 10, line 5 ¶ | |||
| - The SE-App Provider (SE-AppP) designs secure and trusted software | - The SE-App Provider (SE-AppP) designs secure and trusted software | |||
| (SE-App) for secure elements. | (SE-App) for secure elements. | |||
| 8 Attestation Procedure | 8 Attestation Procedure | |||
| The goal of the attestation procedure is to allocate a secure | The goal of the attestation procedure is to allocate a secure | |||
| element, and to prove to its user the exclusive access to a genuine | element, and to prove to its user the exclusive access to a genuine | |||
| secure element. | secure element. | |||
| Internet of Secure Elements October 2021 | ||||
| SE-App Provider Infrastructure Secure | SE-App Provider Infrastructure Secure | |||
| Provider Provider Element | Provider Provider Element | |||
| | | | | | | | | |||
| | RACS: Download --->|----------->|Private and Public Key | | RACS: Download --->|----------->|Private and Public Key | |||
| | TLS-PSK App in SE | |Generation | | TLS-PSK App in SE | |Generation | |||
| | With PSK-Provider | |TLS-PSK Ready | | With PSK-Provider | |TLS-PSK Ready | |||
| | <--------------Done|<-------Done| | | <--------------Done|<-------Done| | |||
| | | | | | | | | |||
| | RACS: Link ------>| | | | RACS: Link ------>| | | |||
| | SEN to SEID | | | | SEN to SEID | | | |||
| skipping to change at page 11, line 4 ¶ | skipping to change at page 11, line 4 ¶ | |||
| | | | | | | |||
| |<-------------Send rnd| | |<-------------Send rnd| | |||
| |Compute | | |Compute | | |||
| |Sign(HS | rnd) | | |Sign(HS | rnd) | | |||
| |Send Sign------------>| | |Send Sign------------>| | |||
| | | | | | | |||
| | Check Sign| | | Check Sign| | |||
| | | | | | | |||
| |<-------Write PSK-User| | |<-------Write PSK-User| | |||
| |Done----------------->| | |Done----------------->| | |||
| Internet of Secure Elements October 2021 | ||||
| 8.1 Service Request | 8.1 Service Request | |||
| The User requests to an on-line Service Provider a secure element | The User requests to an on-line Service Provider a secure element | |||
| for a specific application. | for a specific application. | |||
| 8.2 SE-App Downloading | 8.2 SE-App Downloading | |||
| The Service Provider requests the SE-App Provider to download the | The Service Provider requests the SE-App Provider to download the | |||
| user's application in a secure element hosted by an Infrastructure | user's application in a secure element hosted by an Infrastructure | |||
| Provider. | Provider. | |||
| skipping to change at page 12, line 5 ¶ | skipping to change at page 12, line 5 ¶ | |||
| The SE-App Provider opens a TLS (with PSK= PSK-App-Provider) session | The SE-App Provider opens a TLS (with PSK= PSK-App-Provider) session | |||
| with the SEN secure element, reads its SE-App-Pub-key, and computes | with the SEN secure element, reads its SE-App-Pub-key, and computes | |||
| a certificate (SE-Cert) for this public key. | a certificate (SE-Cert) for this public key. | |||
| The SE-Cert is remotely written in the secure element | The SE-Cert is remotely written in the secure element | |||
| The SE-App provider forwards the secure element URI and PSK-App- | The SE-App provider forwards the secure element URI and PSK-App- | |||
| Provider to the Service Provider or to the User, according to pre- | Provider to the Service Provider or to the User, according to pre- | |||
| defined agreements. | defined agreements. | |||
| Internet of Secure Elements October 2021 | ||||
| 8.4 User Notification | 8.4 User Notification | |||
| The User receives the secure element URI and pre-shared-key (i.e. | The User receives the secure element URI and pre-shared-key (i.e. | |||
| PSK-App-Provider). | PSK-App-Provider). | |||
| 8.5 User Enrollment | 8.5 User Enrollment | |||
| A secure element only manages a unique TLS session at a given time. | A secure element only manages a unique TLS session at a given time. | |||
| The User opens a TLS session with the secure element (with PSK-App- | The User opens a TLS session with the secure element (with PSK-App- | |||
| skipping to change at page 13, line 5 ¶ | skipping to change at page 13, line 5 ¶ | |||
| This entire document is about security. | This entire document is about security. | |||
| 11 References | 11 References | |||
| 11.1 Normative References | 11.1 Normative References | |||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | |||
| https://www.rfc-editor.org/info/rfc8446. | https://www.rfc-editor.org/info/rfc8446. | |||
| Internet of Secure Elements October 2021 | ||||
| [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS) | [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS) | |||
| Extensions: Extension Definitions", RFC 6066, DOI 10.17487/RFC6066, | Extensions: Extension Definitions", RFC 6066, DOI 10.17487/RFC6066, | |||
| January 2011. | January 2011. | |||
| [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | |||
| "Transport Layer Security (TLS) Application-Layer Protocol | "Transport Layer Security (TLS) Application-Layer Protocol | |||
| Negotiation Extension", RFC 7301, July 2014 | Negotiation Extension", RFC 7301, July 2014 | |||
| [RFC3986] Berners-Lee, Tim; Fielding, Roy T.; Masinter, Larry. | [RFC3986] Berners-Lee, Tim; Fielding, Roy T.; Masinter, Larry. | |||
| Uniform Resource Identifiers (URI): Generic Syntax. Internet | Uniform Resource Identifiers (URI): Generic Syntax. Internet | |||
| End of changes. 15 change blocks. | ||||
| 26 lines changed or deleted | 4 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||