idnits 2.17.1 draft-urien-core-tls-se-io-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 191 has weird spacing: '... Length outpu...' -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Experimental ---------------------------------------------------------------------------- == Outdated reference: A later version (-07) exists of draft-urien-tls-se-03 == Outdated reference: A later version (-08) exists of draft-urien-coinrg-iose-04 Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 CORE Working Group P. Urien 3 Internet Draft Telecom Paris 4 Intended status: Experimental 6 February 4 2022 7 Expires: August 2022 9 TLS for Secure Element Input Output (TLS-SE-IO) 10 draft-urien-core-tls-se-io-01.txt 12 Abstract 14 The goal of TLS-SE-IO is to provide virtual IO pins for secure 15 elements running TLS servers, in order to interact with sensors and 16 actuators. TLS-SE device processes TLS packets in secure element. It 17 may work like a black box (server mode) that exchanges fully 18 encrypted packets. It may also export encrypted packet in clear 19 form, in order to provide virtual output pin. Output messages may 20 include cookies and/or cryptographic materials. Virtual input pin 21 forwards input messages, triggered by previous output messages, and 22 sent to TLS-SE device for further processing. 24 Requirements Language 26 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 27 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 28 document are to be interpreted as described in RFC 2119. 30 Status of this Memo 32 This Internet-Draft is submitted in full conformance with the 33 provisions of BCP 78 and BCP 79. 35 Internet-Drafts are working documents of the Internet Engineering 36 Task Force (IETF). Note that other groups may also distribute 37 working documents as Internet-Drafts. The list of current Internet- 38 Drafts is at http://datatracker.ietf.org/drafts/current/. 40 Internet-Drafts are draft documents valid for a maximum of six 41 months and may be updated, replaced, or obsoleted by other documents 42 at any time. It is inappropriate to use Internet-Drafts as reference 43 material or to cite them other than as "work in progress." 45 This Internet-Draft will expire on August 2022. 47 Copyright Notice 49 Copyright (c) 2022 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents 54 (http://trustee.ietf.org/license-info) in effect on the date of 55 publication of this document. Please review these documents 56 carefully, as they describe your rights and restrictions with 57 respect to this document. Code Components extracted from this 58 document must include Simplified BSD License text as described in 59 Section 4.e of the Trust Legal Provisions and are provided without 60 warranty as described in the Simplified BSD License. 62 TLS-SE-IO February 2022 64 Table of Contents 65 Abstract........................................................... 1 66 Requirements Language.............................................. 1 67 Status of this Memo................................................ 1 68 Copyright Notice................................................... 2 69 1 Overview......................................................... 4 70 2 TLS-SE-IO........................................................ 4 71 3 TLS-SE-IO Protocol............................................... 5 72 3.1 Output messages............................................. 5 73 3.2 Input message............................................... 6 74 4 Example.......................................................... 6 75 5 Security Considerations.......................................... 8 76 6 IANA Considerations.............................................. 8 77 7 References....................................................... 8 78 7.1 Normative References........................................ 8 79 7.2 Informative References...................................... 9 80 8 Authors' Addresses............................................... 9 81 TLS-SE-IO February 2022 83 1 Overview 85 Input output (IO) interfaces are used in the internet of things 86 context (IoT) to manage sensors and actuators. 88 Output pin has two binary states, one or zero, and can generate a 89 bit stream, i.e. messages comprising a set of bytes. 91 Input pin detects two binary states, one or zero, which can realize 92 a bit stream, i.e. messages comprising a set of bytes. 94 Usually input messages are triggered by previous output messages. 96 Secure elements, mainly specified by [ISO7816] standards have 97 multiple form factors, such as SIM card, or surface mounted device 98 (SMD). They provide tamper resistant computing resources. According 99 to Common Criteria (CC) standards, their Evaluation Assurance Level 100 ranges between EAL4 to EAL6+, EAL7 being the highest level. 102 Nevertheless secure elements have no IO pins, and are not able to 103 physically communicate with sensors and actuators. However they may 104 be connected to processors, with physical IO capacities (i.e. 105 equipped with IO pins) 107 This document describes the processing of output and input messages 108 by secure elements that execute TLS server. Output messages are 109 exported from the secure element in clear form; they provide an 110 output byte stream. Input messages are triggered by output messages; 111 a byte stream is forwarded to secure element for further processing. 113 2 TLS-SE-IO 115 The draft [TLS-SE] defines [TLS 1.3] support for secure elements. 116 Two procedures RECV and SEND realize a logical bridge between TLS 117 packets and [ISO7816] messages. 119 +-----------+ recv +------------+ RECV +-----------+ 120 | IP + ---> | TCP/IP | ---> | TLS 1.3 | 121 | Network +------+ Constraint +------+ Secure | 122 | | <--- | Node | <--- | Element | 123 +-----------+ send +------------+ SEND +-----------+ 124 | | 125 Network Interface ISO7816 interface 127 A processor physically connected to secure element (the secure 128 element processor, SEP) can read TLS packets transparently 129 transported by ISO7816 requests and responses. It also knows if the 130 secure channel is opened, thanks to a dedicated ISO7816 status word 131 (sw-open = 0x9001) 132 TLS-SE-IO February 2022 134 +------------+ TLS-Packet +-----------+ 135 | | ---------> | TLS 1.3 | 136 | Processor +------------+ Secure | 137 | (SEP) | <--------_ | Element | 138 +------------+ TLS-Packet +-----------+ 139 SE Processor Secure Element 141 TLS-SE provides two classes of service: 143 - TLS-SE as server, this is the technological basis for [IOSE] 144 framework. The secure element is a black box providing secure 145 storage and tamper resistant computing resources. 147 - TLS-SE as stack. The secure element fully processes TLS session 148 opening, i.e. TLS flights. It provides TLS packets encryption (TLS- 149 Encrypt) and decryption (TLS-Decrypt) procedures. 151 +------------+ +------------+ 152 | +-<----- Output ----<-+-+ | 153 | | | |Decryption| 154 | +-- Rx-TLS-Packets ->-+-+ | 155 | SEP | | TLS-SE | 156 | +-<- Tx-TLS-Packets <-+-+ | 157 | | | |Encryption| 158 | +->------Input ----->-+-+ | 159 +------------+ +------------+ 161 The main idea of TLS-SE-IO is to provide virtual Input/Output (IO) 162 resources (i.e. virtual IO pins) to TLS-SE secure element. 164 - Output requests MUST be received in encrypted TLS record messages. 165 Clear messages are returned by secure element. 167 - Input messages are triggered by output requests. They MUST be 168 encrypted by the secure element thanks to the SEND procedure 169 described in [TLS-SE] 171 3 TLS-SE-IO Protocol 173 The SEP entity can read incoming and outgoing TLS packets. 175 A TLS record packet has a five bytes header in clear form, which 176 comprises 3 fields, type (one byte), version (2 bytes), and length 177 (2 bytes) 179 3.1 Output messages 181 An output message is received in encrypted TLS record packet. It is 182 decrypted within TLS-SE secure element. It MUST contain an attribute 183 ('output-mark') that triggers the output message exportation. 185 TLS-SE-IO February 2022 187 The TLS-SE secure element produces a TLS packet with the first three 188 bytes (type and version) set to zero, and a length. The payload 189 comprises the data and the TLS type in clear form. 191 Type=0x00 Version=0x0000 Length output-message TLS-Type 193 An output message MAY be encrypted. It MAY also contains cookie to 194 be used in input messages. 196 Output messages are processed by SEP device. They contain any kind 197 of information, such as object or data serialization, script, or AT 198 commands for cellular serial modems. 200 3.2 Input message 202 Input message is triggered by a previous output message. It MAY be 203 encrypted. It MAY also contains cookie found in a previous output 204 message. 206 Input message is sent to the secure element thanks to the procedure 207 RECV(F-Encrypt,input-message), as specified in[TLS-SE]. It MAY 208 trigger a TLS record packet, according to the RECV procedure. 210 4 Example 212 PSK= 213 0102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20 214 DHE= 215 45A4CB06906CD3426E9F8E02FD0EAA39E016729A8F00D08E34B907418723007E 217 TLS Reset 218 Tx: 00D8000000 219 Rx: 9000 221 RECV(F-First,ClientHello) 222 Tx: 00D80001F0 1603030103010000FF0303 223 749F4A35B3E76B4554517F221F8BD54C 224 C7DD96E9B70A0DBF4652821AD8AF095C 225 0000021304010000D4002D0003020001 226 002B0003020304000D001E001C060305 227 03040302030806080B0805080A080408 228 09060105010401020100330047004500 229 170041047ED91D5E7DC92EBF5D26444B 230 A267299D8D5A89481C121E7691A7D782 231 77668F366DEC65B6B35D707777F523C0 232 05B48CC7165EC151E8D9A28F22B8603B 233 14C11975000A00060004001800170000 234 000D000B0000086B6579312E636F6D00 235 29003A0015000F436C69656E745F6964 236 TLS-SE-IO February 2022 238 656E7469747900000000002120F3793B 239 B581E86684 240 9000 242 RECV(F-Last,ClientHello)) 243 Tx: 00D8000218 6F72919312AEF766B56275 244 B26573A433A8BD1806A492620F 245 Rx: 6186 247 SEND(ServerHello) 248 Tx: 00C0000086 249 Rx: 1603030081 0200007D03030BBDF53C07 250 596AACAF7724DB911E11C92F418ED96C 251 008451A49E7AE08230B3D10013040000 252 55002900020000003300450017004104 253 07A637DCCBF63DE1A6EFB59ADDB796FE 254 BC9106A96379081BC3547FB42C7982B7 255 A8FA04A0F7E3F1784A1A0086CBCC03BE 256 F8FDE7526EED3DB4F85DAF5BD26443E2 257 002B00020304 258 9F1C 260 SEND(ServerEncryptedExtension) 261 Tx: 00C000001C 262 Rx: 1703030017CD418DE7D2E6E8F393A5AC 263 B0E4E2C06BFA0B0631C59A26 264 9F3A 266 SEND(ServerFinished) 267 Tx: 00C000003A 268 Rx: 17030300350F106E7DB08E7CCB69644D 269 7E0F9CB39FB2B5A0AC0D36FA462A9E40 270 0517A548E7F9E07191ECC1F869671E3B 271 1F1B39D9A38E09EE6DE8 272 9000 274 RECV(F-First||F-Last, ClientFinished) 275 Tx: 00D800033A 1703030035C407E727ACBC 276 7CE96EB6A81391FF8F8546976430B8F8 277 65A1C8A41F279B7B4A72934A0225021B 278 A4001793EBFFC2167FAE250A5B69A8 279 Rx: 9001 281 TLS Secure Channel is open 283 Encrypted opaque message 285 RECV(F-First||F-Last, TLS-Record-Message) 286 Tx: 00D800031F170303001AE4EBF10433EB 287 78B4454D7ACE9EBBCB74455F232EC1A6 288 A6D046B5 289 TLS-SE-IO February 2022 291 Rx: 611C 293 Encrypted opaque response 294 SEND(TLS-Record-Message) 295 Tx: 00C000001C 296 Rx: 1703030017215C9D0932B76BBCD439C4 297 5D5FEDC4C4A4253A3EC736E7 298 9000 300 Encrypted output message 301 RECV(F-First||F-Last, TLS-Record-Message) 302 Tx: 00D800031D 1703030018AEBBB88F858C 303 C8325E85C75FF1C95FEFA2F5D3BBD1D3 304 C86B 305 Rx: 610D 307 Output message in clear form (value=#tempCrLf, Type=0x17) 308 Character '#' is the output mark 309 Tx: 00C000000D 310 Rx: 0000000008 2374656D700D0A 17 311 9000 313 An input message is triggered by the output message 314 Input message in clear form 315 RECV(F-Encrypt||F-First||F-Last, InputMessage=18.81CrLf, Type=0x17) 316 Tx: 00D8020308 31382E38310D0A 17 317 Encrypted TLS record packet 318 Rx: 611D 319 Tx: 00C000001D 320 Rx: 1703030018C14E29429EA6F071D13FB8 321 8653C7ABE7315423E9D1A2B58B 322 9000 324 5 Security Considerations 326 This entire document is about security. 328 6 IANA Considerations 330 This draft does not require any action from IANA. 332 7 References 334 7.1 Normative References 336 [TLS 1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol 337 Version 1.3", RFC 8446, August 2018. 339 TLS-SE-IO February 2022 341 [ISO7816] ISO 7816, "Cards Identification - Integrated Circuit Cards 342 with Contacts", The International Organization for Standardization 343 (ISO). 345 7.2 Informative References 347 [TLS-SE] IETF Draft, "Secure Element for TLS Version 1.3", draft- 348 urien-tls-se-03.txt, 2021 350 [IOSE] IETF Draft, "Internet of Secure Elements", draft-urien- 351 coinrg-iose-04.txt, 2021 353 8 Authors' Addresses 355 Pascal Urien 356 Telecom Paris 357 19 place Marguerite Perey 358 91120 Palaiseau Phone: NA 359 France Email: Pascal.Urien@telecom-paris.fr