Internet-Draft | BPSec COSE | November 2024 |
Sipos | Expires 25 May 2025 | [Page] |
This document defines a security context suitable for using CBOR Object Signing and Encryption (COSE) algorithms within Bundle Protocol Security (BPSec) integrity and confidentiality blocks. A profile for COSE, focused on asymmetric-keyed algorithms, and for PKIX certificates are also defined for BPSec interoperation.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 25 May 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The Bundle Protocol Security (BPSec) Specification [RFC9172] defines structure and encoding for Block Integrity Block (BIB) and Block Confidentiality Block (BCB) types but does not specify any security contexts to be used by either of the security block types. The CBOR Object Signing and Encryption (COSE) specifications [RFC9052] and [RFC9053] defines a structure, encoding, and algorithms to use for cryptographic signing and encryption.¶
This document describes how to use the algorithms and encodings of COSE within BPSec blocks to apply those algorithms to Bundle security in Section 2. A bare minimum of interoperability algorithms and algorithm parameters is specified by this document in Section 3. The focus of the recommended algorithms is to allow BPSec to be used in a Public Key Infrastructure (PKI) as described in Section 1.2 using a certificate profile defined in Section 4.¶
Examples of specific uses are provided in Appendix A to aid in implementation support of the interoperability algorithms.¶
This document describes a profile of COSE which is tailored for use in BPSec and a method of including full COSE messages within BPSec security blocks. This document does not address:¶
This specification gives requirements about how to use PKIX certificates issued by a Certificate Authority (CA), but does not define any mechanisms for how those certificates come to be.¶
To support the PKIX uses defined in this document, the CA(s) issuing certificates for BP nodes are aware of the end use of the certificate, have a mechanism for verifying ownership of a Node ID, and are issuing certificates directly for that Node ID. BPSec security verifiers and acceptors authenticate the Node ID of security sources when verifying integrity (see Section 2.6.1) using a public key provided by a PKIX certificate (see Section 2.6.1) following the certificate profile of Section 4.¶
This document defines CBOR structure using the Concise Data Definition Language (CDDL) of [RFC8610]. The entire CDDL structure can be extracted from the XML version of this document using the XPath expression:¶
'//sourcecode[@type="cddl"]'¶
The following initial fragment defines the top-level symbols of this document's CDDL, including the ASB data structure with its parameter/result sockets.¶
start = bpsec-cose-asb / external_aad / primary-block / extension-block / MAC_structure / Sig_structure / Enc_structure / COSE_KeySet¶
From the document [RFC9052] the definitions are taken for MAC_structure
, Sig_structure
, Enc_structure
, and COSE_KeySet
.
From the document [RFC9171] the definitions are taken for primary-block
and extension-block
.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document specifies a single security context for use in both BPSec integrity and confidentiality blocks. This is done to save code points allocated to this specification and to simplify the encoding of COSE-in-BPSec; the BPSec block type uniquely defines the acceptable parameters and COSE messages which can be present.¶
The COSE security context SHALL have the Security Context ID specified in Section 7.1.¶
Both types of security block can use the same parameters, defined in Section 2.2, to carry public key-related information and each type of security block allows specific COSE message results, defined in Section 2.3.¶
The scope here refers to the set of information used by the security context to cryptographically bind with the plaintext data being integrity-protected or confidentiality-protected. This information is generically referred to as additional authenticated data (AAD), which is also the term used by COSE to describe the same data.¶
The sources for AAD within the COSE context are described below, controlled by the AAD Scope parameter of Section 2.2.2, and implemented as defined in Section 2.5.1. The purpose of this parameter is similar to the AAD Scope parameter and Integrity Scope parameter of [RFC9173] but expanded to allow including any block in the bundle as AAD.¶
Each COSE context parameter value SHALL consist of the COSE structure indicated by Table 1 in its decoded (CBOR item) form. Each security block SHALL contain no more than one of each parameter type per target block.¶
Parameter ID | Parameter Structure | Reference |
---|---|---|
3 |
additional-protected
|
Section 2.2.1 of this document |
4 |
additional-unprotected
|
Section 2.2.1 of this document |
5 |
AAD-scope
|
Section 2.2.2 of this document |
When a parameter is not present and a default value is defined below, the security acceptor SHALL use that default value to process the target:¶
additional-protected
is ''
(an empty byte string).¶
additional-unprotected
is ''
(an empty byte string).¶
AAD-scope
is {0:0b1,-1:0b1,-2:0b1}
(a map which indicates the AAD contains the metadata of the primary, security, and target blocks).¶
The two parameters Additional Protected and Additional Unprotected allow de-duplicating header items which are common to all COSE results.
Both additional header values contain a CBOR map which is to be merged with each of the result's unprotected headers.
Although the additional header items are all treated as unprotected from the perspective of the COSE message, the additional protected map is included within the external_aad
(see Section 2.5.1).
The expected use of additional header map is to contain a certificate (chain) or identifier (see Section 3.3) which applies to all results in the same security block.¶
Following the same pattern as COSE, when both additional header maps are present in a single security block they SHALL not contain any duplicated labels. Security verifiers and acceptors SHALL treat a pair of additional header maps containing duplicated labels as invalid.¶
No more than one of each Additional Protected and Additional Unprotected parameter SHALL be present in a single security block. Security verifiers and acceptors SHALL treat a security block with multiple instances of either additional header type as invalid. There is no well-defined behavior for a security acceptor to handle multiple Additional Protected parameters.¶
Security sources SHOULD NOT include an additional header parameter which represents an empty map.
Security verifiers and acceptors SHALL handle empty header map parameters, specifically the Additional Protected parameter because it is part of the external_aad
.¶
Security verifiers and acceptors SHALL treat the aggregate of both additional header maps as being present in the unprotected
header map of the highest-layers of the COSE message of each result.
For single-layer messages (i.e., COSE_Encrypt0, COSE_MAC0, and COSE_Sign1) the additional headers apply to the message itself (layer 0) and for other messages the additional headers apply to the final recipients.
If the same header label is present in a additional header map and a COSE layer's headers the item in the result header SHALL take precedence (i.e., the additional header items are added only if they are not already present in a layer's header).¶
Additional header maps SHALL NOT contain any private key material. The security parameters are all stored in the bundle as plaintext and are visible to any bundle handlers.¶
The AAD Scope parameter controls what data is included in the AAD for both integrity and confidentiality operations. The AAD Scope parameter SHALL be encoded as a CBOR map containing keys referencing bundle blocks (as int items) and values representing a collection of bit flags (as uint items) defined in Table 2.¶
All non-negative AAD Scope keys SHALL correspond with block numbers in the bundle containing the AAD Scope parameter. Security verifiers and acceptors SHALL treat any AAD Scope with block numbers not actually present in the containing bundle as invalid. The AAD Scope key -1 SHALL be interpreted as corresponding to the target block of the security operation when the AAD is generated from the AAD Scope parameter. The AAD Scope key -2 SHALL be interpreted as corresponding to the security block which contains the AAD Scope parameter.¶
Bit Position¶ (from LSbit)¶ |
Name | Description |
---|---|---|
0 |
AAD-metadata
|
If bit is set, indicates that the block metadata is included in the AAD. |
1 |
AAD-btsd
|
If bit is set, indicates that the BTSD is included in the AAD. |
Any AAD Scope value bits SHALL NOT all be set to zero, which would represent the lack of presence in the AAD and serves no purpose.
When the map key identifies the primary block (block number zero) the bits SHALL only have AAD-metadata
set, as the primary block has no BTSD.
When the map key identifies the containing security block the bits SHALL only have AAD-metadata
set, as the security block BTSD does not yet exist.
When the map key identifies the target block the bits SHALL only have AAD-metadata
set, as the target block BTSD is already part of the security operation (integrity or confidentiality).
All reserved bits SHALL be set to zero (which will be elided by CBOR encoding) by security sources.
All reserved bits SHALL be ignored by security verifiers and acceptors.¶
A CDDL representation of this definition is included in Figure 3 for reference.¶
The default value for this parameter (in Section 2.2) includes the primary, target, and security block metadata.¶
For the same reasons that security blocks are restricted from overlapping functions by [RFC9172], when a block is included as AAD with the AAD-btsd
flag set that block SHALL NOT be the target of a BCB or other BTSD-altering function.¶
Although each COSE context result is a COSE message, the types of message allowed depend upon the security block type in which the result is present: only MAC or signature messages are allowed in a BIB and only encryption messages are allowed in a BCB.¶
The code points for Result ID values are identical to the existing COSE message-marking tags in Section 2 of [RFC9052]. This avoids the need for value-mapping between code points of the two registries.¶
When embedding COSE messages, the message CBOR structure SHALL be encoded as a byte string used as the result value. This allows a security acceptor to skip over unwanted results without needing to decode the result structure. When embedding COSE messages, the CBOR-tagged form SHALL NOT be used. The Result ID values already provide the same information as the COSE tags (using the same code points).¶
These generic requirements are formalized in the CDDL fragment of Figure 4.¶
When used within a Block Integrity Block, the COSE context SHALL allow only the Result IDs from Table 3. Each integrity result value SHALL consist of the COSE message indicated by Table 3 in its non-tagged encoded form.¶
Result ID | Result Structure | Reference |
---|---|---|
97 | encoded COSE_Mac
|
[RFC9052] |
17 | encoded COSE_Mac0
|
[RFC9052] |
98 | encoded COSE_Sign
|
[RFC9052] |
18 | encoded COSE_Sign1
|
[RFC9052] |
Each integrity result SHALL use the "detached" payload form with null
payload value.
The integrity result for COSE_Mac and COSE_Mac0 messages are computed by the procedure in Section 6.3 of [RFC9052].
The integrity result for COSE_Sign and COSE_Sign1 messages are computed by the procedure in Section 4.4 of [RFC9052].¶
The COSE "protected attributes from the application" used for a signature or MAC result SHALL be the encoded data defined in Section 2.5.1. The COSE payload used for a signature or MAC result SHALL be either the BTSD of the target, if the target is not the primary block, or an empty byte string if the target is the primary block.¶
When used within a Block Confidentiality Block, COSE context SHALL allow only the Result IDs from Table 4. Each confidentiality result value SHALL consist of the COSE message indicated by Table 4 in its non-tagged encoded form.¶
Result ID | Result Structure | Reference |
---|---|---|
96 | encoded COSE_Encrypt
|
[RFC9052] |
16 | encoded COSE_Encrypt0
|
[RFC9052] |
Only algorithms which support Authenticated Encryption with Authenticated Data (AEAD) SHALL be usable in the first (content) layer of a confidentiality result. Because COSE encryption with AEAD appends the authentication tag with the ciphertext, the size of the BTSD will grow after an encryption operation. Security verifiers and acceptors MUST NOT assume that the size of the plaintext is the same as the size of the ciphertext.¶
Each confidentiality result SHALL use the "detached" payload form with null
payload value.
The confidentiality result for COSE_Encrypt and COSE_Encrypt0 messages are computed by the procedure in Section 5.3 of [RFC9052].¶
The COSE "protected attributes from the application" used for an encryption result SHALL be the encoded data defined in Section 2.5.1. The COSE payload used for an encryption result SHALL be the BTSD of the target. Because confidentiality of the primary block is disallowed by BPSec, there is no logic here for handling a BCB with a target on the primary block.¶
This specification does not impose any additional key requirements beyond those already specified for each COSE algorithm required in Section 3.¶
Generating or processing COSE messages for the COSE context follows the profile defined in Section 3 with the "protected attributes from the application" (i.e., the external_aad
item) generated as defined in Section 2.5.1.¶
The AAD contents and encoding defined in this section are used for both integrity and confidentiality messages. The encoding of this AAD is different from AAD of Section 4.7.2 of [RFC9173] and the front items of IPPT of Section 3.7 of [RFC9173] due to support for binding AAD to an arbitrary number of blocks in the same bundle.¶
When used as the external_aad
for COSE operations, the AAD SHALL be encoded in accordance with the core deterministic encoding requirements of Section 4.2.1 of [RFC8949].
The AAD SHALL consist of a CBOR sequence containing the following:¶
For each entry of the AAD Scope map, in ascending block number order followed by the negative sentinel values in descending order, the next items SHALL be one or both of the following:¶
If the map value has the AAD-metadata
flag set, the next item is block metadata taken from either:¶
AAD-btsd
flag set and the map key is not block number zero, the next item is the BTSD of the block identified by the block number in the map key.¶
bstr
, and has a default value of the empty bstr
.¶
A CDDL representation of this data is shown below in Figure 5.¶
When correlating between BPSec target BTSD and COSE plaintext or payload, any byte string SHALL be handled in its decoded (CBOR item) form. This means any CBOR header or tag in a source encoding are ignored for the purposes of security processing. This also means that if the source byte string was encoded in a non-conforming way, for example in indefinite-length form or with a non-minimum-size length, the security processing always treats it in a deterministically encoded CBOR form.¶
This section describes block-level requirements for handling COSE security data.¶
All security results generated for BIB or BCB blocks SHALL conform to the COSE profile of Section 3 with header augmentation as defined in Section 2.2.1.¶
This section explains how the certificate profile of Section 4 is used by a security acceptor to both validate an end-entity certificate and to use that certificate to authenticate the security source for an integrity result. For a confidentiality result, some of the requirements in this section are implicit in an implementation using a private key associated with a certificate used by a result recipient. It is an implementation matter to ensure that a BP agent is configured to generate or receive results associated with valid certificates.¶
A security source MAY prohibit generating a result (either integrity or confidentiality) for an end-entity certificate which is not considered valid according to Section 2.6.1.2. Generating a result which is likely to be discarded is wasteful of bundle size and transport resources.¶
Because of the standard policy of using separate certificates for transport, signing, and encryption (see Section 4.1) a single Node ID is likely to be associated with multiple certificates, and any or all of those certificates MAY be present within an "x5bag" in an Additional Protected parameter (see Section 2.2.1). When present, a security verifier or acceptor SHALL use an "x5chain" or "x5t" to identify an end-entity certificate to use for result processing. Security verifiers and acceptors SHALL NOT assume that a validated certificate containing a NODE-ID matching a security source is enough to associate a certificate with a COSE message or recipient (see Section 3.3).¶
For each end-entity certificate contained in or identified by by a COSE result, the security acceptor SHALL perform the certification path validation of Section 6 of [RFC5280] up to one of the acceptor's trusted CA certificates. When evaluating a certificate Validity period, the security acceptor SHALL use the bundle Creation Timestamp time (if not unknown) as the reference instead of the current time. If enabled by local policy, the entity SHALL perform an OCSP check of each certificate providing OCSP authority information in accordance with [RFC6960]. If certificate validation fails or if security policy disallows a certificate for any reason, the acceptor SHALL treat the associated security result as failed. Leaving out part of the certification chain can cause the entity to fail to validate a certificate if the left-out certificates are unknown to the entity (see Section 6.2).¶
For each end-entity certificate contained in or identified by a COSE context result, the security acceptor SHALL apply security policy to the Key Usage extension (if present) and Extended Key Usage extension (if present) in accordance with Section 4.2.1.12 of [RFC5280] and the profile in Section 4.¶
If required by security policy, for each end-entity certificate referenced by a COSE context integrity result the security acceptor SHALL validate the certificate NODE-ID in accordance with Section 6 of [RFC6125] using the NODE-ID reference identifier from the Security Source of the containing security block. If the NODE-ID validation result is Failure or if the result is Absent and security policy requires an authenticated Node ID, the security acceptor SHALL treat the result as failed.¶
A RECOMMENDED security policy is to enable the use of OCSP checking when internet connectivity is present.
A RECOMMENDED security policy is that if an Extended Key Usage is present that it needs to contain id-kp-bundleSecurity
of [IANA-SMI] to be usable as an end-entity certificate for COSE security results.
A RECOMMENDED security policy is to require a validated Node ID (of Section 2.6.1.3) and to ignore any other identifiers in the end-entity certificate.¶
This policy relies on and informs the certificate requirements in Section 3.3.1 and Section 4. This policy assumes that a DTN-aware CA (see Section 1.2) will only issue a certificate for a Node ID when it has verified that the private key holder actually controls the DTN node; this is needed to avoid the threat identified in Section 6.4. This policy requires that a certificate contain a NODE-ID and allows the certificate to also contain network-level identifiers. A tailored policy on a more controlled network could relax the requirement on Node ID validation and/or Extended Key Usage presence.¶
This section contains requirements which apply to the use of COSE within the BPSec security context defined in this document. Other variations of COSE within BPSec can be used but are not expected to be interoperable or usable by all security verifiers and acceptors.¶
When generating a BPSec result, security sources SHALL use only COSE labels with a uint value. When processing a BPSec result, security verifiers and acceptors MAY handle COSE labels with with a tstr value.¶
When used in a BPSec result, each COSE message SHALL contain an explicit algorithm identifier in the first (content) layers. When available and not implied by the bundle source, a COSE message SHALL contain a key identifier in the last (recipient) layer. See Section 3.3 for specifics about asymmetric key identifiers. When a key identifier is not available, BPSec acceptors SHALL use the Security Source (if available) and the Bundle Source to imply which keys can be used for security operations. Using implied keys has an interoperability risk, see Section 6.5 for details. A BPSec security operation always occurs within the context of the immutable primary block with its parameters (specifically the Source Node ID) and the security block with its optional Security Source.¶
The algorithms required by this profile focuses on networks using shared symmetric-keys, with recommended algorithms for Elliptic Curve (EC) keypairs and RSA keypairs. The focus of this profile is to enable interoperation between security sources and acceptors on an open network, where more explicit COSE parameters make it easier for BPSec acceptors to avoid assumptions and avoid out-of-band parameters. The requirements of this profile still allow the use of potentially not-easily-interoperable algorithms and message/recipient configurations for use by private networks, where message size is more important than explicit COSE parameters.¶
The set of integrity algorithms needed for interoperability is listed here. The full set of COSE algorithms available is managed at [IANA-COSE].¶
Implementations conforming to this specification SHALL support the symmetric keyed and key-encryption algorithms marked as "required" in Table 5. Implementations capable of doing so SHOULD support the asymmetric keyed and key-encryption algorithms marked as "recommended" in Table 5.¶
BPSec Block | COSE Layer | Name | Code | Implementation Requirements |
---|---|---|---|---|
Integrity | 0 | HMAC 256/256 | 5 | Required |
Integrity | 0 | ES256 | -7 | Recommended |
Integrity | 0 | EdDSA | -8 | Recommended |
Integrity | 0 | PS256 | -37 | Recommended |
Confidentiality | 0 | A256GCM | 3 | Required |
Confidentiality | 1 | A256KW | -5 | Required |
Confidentiality | 1 | direct | -6 | Recommended with caveats |
Confidentiality | 1 | ECDH-ES + HKDF-256 | -25 | Recommended |
Confidentiality | 1 | ECDH-SS + HKDF-256 | -27 | Recommended |
Confidentiality | 1 | ECDH-ES + A256KW | -31 | Recommended |
Confidentiality | 1 | ECDH-SS + A256KW | -34 | Recommended |
Confidentiality | 1 | RSAES-OAEP w/ SHA-256 | -41 | Recommended |
The following are recommended key and recipient uses within COSE/BPSec:¶
When generating a BCB result from a symmetric key-encryption key (KEK), implementations SHOULD use a COSE_Encrypt message with a recipient containing an indirect (wrapped or derived) content encryption key (CEK). When a COSE_Encrypt is used with an overall KEK, the recipient layer SHALL include a key identifier for the KEK.¶
When generating a BCB result from a symmetric CEK, implementations SHOULD use COSE_Encrypt0 or COSE_Encrypt with direct CEK. Session CEKs MUST be managed to avoid overuse and the vulnerabilities associated with large amount of ciphertext from the same key.¶
Implementations conforming to this specification SHALL support the hash algorithms SHA-256 (code -16) and SHA-256/64 (code -15) for use with the "x5t" identifier.¶
This section applies when a BIB uses a public key for verification or key-wrap, or when a BCB uses a public key for encryption or key-wrap. When using asymmetric keyed algorithms, the security source SHALL include a public key container or public key identifier as a recipient header. The public key identifier SHALL be either an "x5t" or "x5chain" of [RFC9360], or "kid" of [RFC9052] and possibly "kid context" of [RFC8613], or an equivalent identifier.¶
When BIB result contains a "x5t" identifier, the security source MAY include an appropriate PKIX certificate container ("x5chain" or "x5bag" of [RFC9360]) in a direct COSE header or an additional header security parameter (see Section 2.2.1). When a BIB result contains an "x5chain", the security source SHOULD NOT also include an "x5t" as the first certificate in the chain is implicitly the applicable end-entity certificate. For a BIB, if all potential security verifiers and acceptors are known to possess related public key and/or certificate data then the public key or additional header parameters can be omitted. Risks of not including related data are described in Section 6.5 and Section 6.6.¶
When present, public keys and certificates SHOULD be included as additional header parameters rather than within result COSE messages. This provides size efficiency when multiple security results are present because they will all be from the same security source and likely share the same public key material. Security verifiers and acceptors SHALL still process public keys or certificates present in a result message or recipient as applying to that individual COSE level.¶
Security verifiers and acceptors SHALL aggregate all COSE_Key objects from all parameters within a single BIB or BCB, independent of encoded type or order of parameters. Because each context contains a single set of security parameters which apply to all results in the same context, security verifiers and acceptors SHALL treat all public keys as being related to the security source itself and potentially applying to every result.¶
The RECOMMENDED priority policy for including PKIX material for BIB results is as follows:¶
When PKIX certificates are used by security verifiers and acceptors and the end-entity certificate is not explicitly trusted (i.e. pinned), the security acceptor SHALL perform the certification path validation of Section 2.6.1.2 up to one or more trusted CA certificates. Leaving out part of the certification chain can cause the security acceptor to fail to validate a BIB if the left-out certificates are unknown to the acceptor (see Section 6.6).¶
Any end-entity certificate associated with a BPSec security source SHALL adhere to the profile of Section 4.¶
This section contains requirements on certificates used for the COSE context, while Section 3.3 contains requirements for how such certificates are transported or identified.¶
All end-entity certificates used for BPSec SHALL conform to [RFC5280], or any updates or successors to that profile.¶
This profile requires Version 3 certificates due to the extensions used by this profile. Security verifiers and acceptors SHALL reject as invalid Version 1 and Version 2 end-entity certificates.¶
Security verifiers and acceptors SHALL accept certificates that contain an empty Subject field or contain a Subject without a Common Name. Identity information in end-entity certificates SHALL be contained in the Subject Alternative Name extension in accordance with Section 4.2.1.6 of [RFC5280].¶
A BPSec end-entity certificate SHALL contain a NODE-ID in its Subject Alternative Name extension which authenticates the Node ID of the security source (for integrity) or the security acceptor (for confidentiality). The identifier type NODE-ID is defined in Section 4.4.1 of [RFC9174].¶
All end-entity and CA certificates used for BPSec SHOULD contain both a Subject Key Identifier extension in accordance with Section 4.2.1.2 of [RFC5280] and an Authority Key Identifier extension in accordance with Section 4.2.1.1 of [RFC5280]. Security verifiers and acceptors SHOULD NOT rely on either a Subject Key Identifier and an Authority Key Identifier being present in any received certificate. Including key identifiers simplifies the work of an entity needing to assemble a certification chain.¶
When allowed by CA policy, a BPSec end-entity certificate SHOULD contain a PKIX Extended Key Usage extension in accordance with Section 4.2.1.12 of [RFC5280].
When the PKIX Extended Key Usage extension is present, it SHALL contain a key purpose id-kp-bundleSecurity
of [IANA-SMI].
The id-kp-bundleSecurity
purpose MAY be combined with other purposes in the same certificate.¶
When allowed by CA policy, a BPSec end-entity certificate SHALL contain a PKIX Key Usage extension in accordance with Section 4.2.1.3 of [RFC5280]. The PKIX Key Usage bits which are consistent with COSE security are: digitalSignature, nonRepudiation, keyEncipherment, and keyAgreement. The specific algorithms used by COSE messages in security results determine which of those key uses are exercised. See Section 4.1 for discussion of key use policies across multiple certificates.¶
A BPSec end-entity certificate MAY contain an Online Certificate Status Protocol (OCSP) URI within an Authority Information Access extension in accordance with Section 4.2.2.1 of [RFC5280]. Security verifiers and acceptors are not expected to have continuous internet connectivity sufficient to perform OCSP verification.¶
A RECOMMENDED security policy is to limit asymmetric keys (and thus public key certificates) to single uses among the following:¶
id-kp-serverAuth
or id-kp-clientAuth
.¶
digitalSignature
and/or nonRepudiation
.¶
keyEncipherment
and/or keyAgreement
.¶
This policy is the same one recommended by Section 6 of [RFC8551] for email security and by Section 5.2 of [NIST-SP800-57] more generally. Effectively this means that a BP node uses separate certificates for transport (e.g., as a TCPCL entity), BIB signing (as a security source), and BCB encryption (as a security acceptor).¶
This section is to be removed before publishing as an RFC.¶
[NOTE to the RFC Editor: please remove this section before publication, as well as the reference to [RFC7942], [github-dtn-bpsec-cose], [github-dtn-demo-agent], and [github-dtn-wireshark].]¶
This section records the status of known implementations of the protocol defined by this specification at the time of posting of this Internet-Draft, and is based on a proposal described in [RFC7942]. The description of implementations in this section is intended to assist the IETF in its decision processes in progressing drafts to RFCs. Please note that the listing of any individual implementation here does not imply endorsement by the IETF. Furthermore, no effort has been spent to verify the information presented here that was supplied by IETF contributors. This is not intended as, and must not be construed to be, a catalog of available implementations or their features. Readers are advised to note that other implementations can exist.¶
An example implementation of COSE over BPSec blocks has been created as a GitHub project [github-dtn-bpsec-cose] and is intended to use as a proof-of-concept and as a possible source of interoperability testing. This example implementation only handles CBOR encoding/decoding and cryptographic functions, it does not construct actual BIB or BCB and does not integrate with a BP Agent.¶
This section separates security considerations into threat categories based on guidance of BCP 72 [RFC3552].¶
All of the security considerations of the underlying BPSec [RFC9172] apply to these new security contexts.¶
The bundle's primary block contains fields which uniquely identify a bundle: the Source Node ID, Creation Timestamp, and fragment parameters (see Section 4.3.1 of [RFC9171]). These same fields are used to correlate Administrative Records with the bundles for which the records were generated. Including the primary block in the AAD Scope for integrity and confidentiality (see Section 2.2.2) binds the verification of the secured block to its parent bundle and disallows replay of any block with its BIB or BCB.¶
This profile of COSE limits the encryption algorithms to only AEAD in order to include the context of the encrypted data as AAD. If an agent mistakenly allows the use of non-AEAD encryption when decrypting and verifying a BCB, the possibility of block replay attack is present.¶
The profile in Section 2.6.1 uses end-entity certificates chained up to a trusted root CA. A security source can include a certificate set which does not contain the full chain, possibly excluding intermediate or root CAs. In an environment where security verifiers and acceptors are known to already contain needed root and intermediate CAs there is no need to include those CAs, but this has a risk of an acceptor not actually having one of the needed CAs.¶
Even when a security acceptor is operating properly an attacker can attempt to exploit vulnerabilities within certificate check algorithms or configuration to authenticate using an invalid certificate. An invalid certificate exploit could lead to higher-level security issues and/or denial of service to the Node ID being impersonated.¶
There are many reasons, described in [RFC5280] and [RFC6125], why a certificate can fail to validate, including using the certificate outside of its valid time interval, using purposes for which it was not authorized, or using it after it has been revoked by its CA. Validating a certificate is a complex task and can require network connectivity outside of the primary BP convergence layer network path(s) if a mechanism such as OCSP [RFC6960] is used by the CA. The configuration and use of particular certificate validation methods are outside of the scope of this document.¶
When certificates are referenced by BIB results it is possible that the certificate does not contain a NODE-ID or does contain one but has a mismatch with the actual security source (see Section 1.2). Having a CA-validated certificate does not alone guarantee the identity of the security source from which the certificate is provided; additional validation procedures in Section 2.6.1 bind the Node ID based on the contents of the certificate.¶
The profile in Section 3.2 recommends key identifiers when possible and the parameters in section Section 2.2 allow encoding public keys where available. If the application using a COSE Integrity or COSE Confidentiality context leaves out key identification data (in a COSE recipient structure), the security acceptor for those BPSec blocks only has the primary block available to use when verifying or decrypting the target block. This leads to a situation, identified in BPSec Security Considerations, where a signature is verified to be valid but not from the expected Security Source.¶
Because the key identifier headers are unprotected (see Section 3.3), there is still the possibility that an active attacker removes or alters key identifier(s) in the result. This can cause the security acceptor to not be able to properly verify a valid signature or not use the correct private key to decrypt valid ciphertext.¶
The profile in Section 3.2 allows the use of PKIX which typically involves end-entity certificates chained up to a trusted root CA. A BIB can reference or contain end-entity certificates not previously known to a security acceptor but the acceptor can still trust the certificate by verifying it up to a trusted CA. In an environment where security verifiers and acceptors are known to already contain needed root and intermediate CAs there is no need to include those CAs in a proper chain within the security parameters, but this has a risk of an acceptor not actually having one of the needed CAs.¶
Because the security parameters are not included as AAD, there is still the possibility that an active attacker removes or alters certification chain data in the parameters. This can cause the security acceptor to be able to verify a valid signature but not trust the public key used to perform the verification.¶
It is important that the key requirements of Section 2.2 apply only to public keys and PKIX certificates. Including non-public key material in ASB parameters will expose that material in the bundle data and over the bundle convergence layer during transport.¶
Because this use of COSE leaves the specific algorithms chosen for BIB and BCB use up to the applications securing bundle data, it is important to use only COSE algorithms which are marked as "recommended" in the IANA registry [IANA-COSE].¶
Registration procedures referred to in this section are defined in [RFC8126].¶
Within the "Bundle Protocol" registry group [IANA-BUNDLE], the following entry has been added to the "BPSec Security Context Identifiers" registry.¶
Value | Description | Reference |
---|---|---|
3 | COSE | [This specification] |
Within the "Bundle Protocol" registry group [IANA-BUNDLE], the IANA has created and now maintains a new registry named "BPSec COSE AAD Scope Flags". Table 7 shows the initial values for this registry.¶
The registration policy for this registry is Specification Required.¶
The value range is unsigned 8-bit integer.¶
Bit Position¶ (from LSbit)¶ |
Name | Reference |
---|---|---|
0 |
AAD-metadata
|
[This specification] |
1 |
AAD-btsd
|
[This specification] |
2-7 | Reserved | [This specification] |
These examples are intended to have the correct structure of COSE security blocks but in some cases use simplified algorithm parameters or smaller key sizes than are required by the actual COSE profile defined in this documents. Each example indicates how it differs from the actual profile if there is a meaningful difference.¶
All of these examples operate within the context of the bundle primary block of Figure 6 with a security target block of Figure 7. All example figures use the extended diagnostic notation [RFC8610].¶
All of the block integrity block examples operate within the context of the "frame" block of Figure 8, and block confidentiality block examples within the frame block of Figure 9.¶
All of the examples also operate within a security block containing the AAD Scope parameter with only has-primary-ctx
and has-target-ctx
flags set.
This results in a consistent AAD-list
as shown in Figure 10, which is encoded as the byte string for COSE external_aad
in all of the examples.¶
The only differences between these examples which use EC or RSA keypairs and a use of a PKIX public key certificate are: the parameters would have an x5chain parameter instead of a COSE_Key type, and the recipient would contain an "x5t" value instead of a "kid" value. Neither of these is a change to a protected header so, given the same private key, there would be no change to the signature or wrapped-key data.¶
Because each of the encryption examples use the same CEK within the same AAD, the target ciphertext is also identical. The target block after application of the encryption is shown in Figure 11.¶
This is an example of a MAC with recipient having a 256-bit symmetric key identified by a "kid".¶
The external_aad
is the encoded data from Figure 10.
The payload
is the encoded target BTSD from Figure 7.¶
The final bundle is encoded as the byte string:¶
h'9f880700008201692f2f6473742f7376638201662f2f7372632f8201662f2f7372 632f820018281a000f4240850b0300005850810100018201662f2f7372632f818205 a2000101018181821158358443a10105a1044a4578616d706c654b6579f658205cf6 6fcdb1ae9514594c8854b30cec67898b12fb19bdb068dcb6e78d5935ae6485010100 00466568656c6c6fff'¶
This is an example of a signature with a recipient having a P-256 curve EC keypair identified by a "kid". The associated public key is included as a security parameter.¶
The external_aad
is the encoded data from Figure 10.
The payload
is the encoded target BTSD from Figure 7.¶
The final bundle is encoded as the byte string:¶
h'9f880700008201692f2f6473742f7376638201662f2f7372632f8201662f2f7372 632f820018281a000f4240850b0300005870810100018201662f2f7372632f818205 a2000101018181821258558443a10126a1044a4578616d706c65454332f658405552 647e6fa90156b908a84eddd2f631ed7005147afa1437d792fa5508586c20b5134c46 9ccacc44c4a3c26bef952823d789eb70eeecf4393d8c68182456514c850101000046 6568656c6c6fff'¶
This is an example of a signature with a recipient having a 1024-bit RSA keypair identified by a "kid". The associated public key is included as a security parameter.¶
This key strength is not supposed to be a secure configuration, only intended to explain the procedure. This signature uses a random salt, so the full signature output is not deterministic.¶
The external_aad
is the encoded data from Figure 10.
The payload
is the encoded target BTSD from Figure 7.¶
The final bundle is encoded as the byte string:¶
h'9f880700008201692f2f6473742f7376638201662f2f7372632f8201662f2f7372 632f820018281a000f4240850b03000058b1810100018201662f2f7372632f818205 a2000101018181821258968444a1013824a1044a4578616d706c65525341f6588038 aab98a3681ba9d4ac014d1d70509447310e4d2d55ed450c8c0e17e98162dd5325ac0 6d7daa8a7d4c2903c4f4c6e47e707581a45056240a6393294c96845ed5b6ba3b4ff8 ea0bd52ed33e082d0b683d67644de88216cc291ee24aaa84d712dae1e6830bdf1801 7ac3903d418a779be32bc927315fe57ca7da5bad4d95241a4c850101000046656865 6c6c6fff'¶
This is an example of an encryption with a random CEK and an explicit key-encryption key (KEK) identified by a "kid". The keys used are shown in Figure 21.¶
The external_aad
is the encoded data from Figure 10.¶
The ASB item for this encryption operation is shown in Figure 23 and corresponds with the updated target block (containing the ciphertext) of Figure 11.¶
The final bundle is encoded as the byte string:¶
h'9f880700008201692f2f6473742f7376638201662f2f7372632f8201662f2f7372 632f820018281a000f4240850c030000586d810100018201662f2f7372632f818205 a200010101818182186058518443a10103a1054c6f3093eba5d85143c3dc484af681 8340a20124044a4578616d706c654b454b5828917f2045e1169502756252bf119a94 cdac6a9d8944245b5a9a26d403a6331159e3d691a708e9984d8501010000561fd25f 64a2ee1152e3e33a3b4ad83d6b368a8949addeff'¶
This is an example of an encryption with an P-256 curve ephemeral sender keypair and a static recipient keypair identified by a "kid". The keys used are shown in Figure 24.¶
The external_aad
is the encoded data from Figure 10.¶
The ASB item for this encryption operation is shown in Figure 26 and corresponds with the updated target block (containing the ciphertext) of Figure 11.¶
The final bundle is encoded as the byte string:¶
h'9f880700008201692f2f6473742f7376638201662f2f7372632f8201662f2f7372 632f820018281a000f4240850c03000058ba810100018201662f2f7372632f818205 a2000101018181821860589e8443a10103a1054c6f3093eba5d85143c3dc484af681 8340a301381e044a4578616d706c6545433220a401022001215820fedaba74888205 0d1bef8ba992911898f554450952070aeb4788ca57d1df6bcc225820ceaa8e7ff475 1a4f81c70e98f1713378b0bd82a1414a2f493c1c9c0670f28d625828cb530b03f1e4 b09ec1a0ca19afafbf280284106ab407aaf9bfed6e666c8f2f9ab5465cf11ef02756 8501010000561fd25f64a2ee1152e3e33a3b4ad83d6b368a8949addeff'¶
This is an example of an encryption with a recipient having a 1024-bit RSA keypair identified by a "kid". The associated public key is included as a security parameter.¶
This key strength is not supposed to be a secure configuration, only intended to explain the procedure. This padding scheme uses a random salt, so the full Layer 1 ciphertext output is not deterministic.¶
The external_aad
is the encoded data from Figure 10.¶
The ASB item for this encryption operation is shown in Figure 29 and corresponds with the updated target block (containing the ciphertext) of Figure 11.¶
The final bundle is encoded as the byte string:¶
h'9f880700008201692f2f6473742f7376638201662f2f7372632f8201662f2f7372 632f820018281a000f4240850c03000058c6810100018201662f2f7372632f818205 a200010101818182186058aa8443a10103a1054c6f3093eba5d85143c3dc484af681 8340a2013828044a4578616d706c65525341588008ae2d939e1d16d0be9f2ff6fc51 a7b5c1701359930212f0a3154cacf20d1eadf81896f6cb124457d8ffef207568f105 0a21b3ebc5030fab0cdc202d77ea1dece4cbf6730ce28b98e0090d72d28f45209c6f 3df086a94a9f91fb44795f152d59f70c38eccd5b7463d3e71a340b16b6a0644cf781 f125fce829410d851dda34b38501010000561fd25f64a2ee1152e3e33a3b4ad83d6b 368a8949addeff'¶
The interoperability minimum algorithms and parameters are based on those available in [RFC9173].¶