Closed OYTIS closed 5 years ago
Hi,
Best practice in all current cryptography is to separate key usage. Signing keys should never be used for encryption keys (and vice versa). This is important to get right (including for RSA).
Cheers,
Ira McDonald (Musician / Software Architect) Co-Chair - TCG Trusted Mobility Solutions WG Chair - Linux Foundation Open Printing WG Secretary - IEEE-ISTO Printer Working Group Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG IETF Designated Expert - IPP & Printer MIB Blue Roof Music / High North Inc http://sites.google.com/site/blueroofmusic http://sites.google.com/site/highnorthinc mailto: blueroofmusic@gmail.com Jan-April: 579 Park Place Saline, MI 48176 734-944-0094 May-Dec: PO Box 221 Grand Marais, MI 49839 906-494-2434
On Thu, Sep 27, 2018 at 10:19 AM OYTIS notifications@github.com wrote:
Today Uptane specifies one ECU key that is used to sign ECU manifest and also to send encrypted firmware to ECU. It might work fine for RSA, but e.g. with ED/EC cryptography we normally have ED keys for signatures and a separate pair of EC keys for encryption. It should be supported in Uptane.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/uptane/uptane-standard/issues/3, or mute the thread https://github.com/notifications/unsubscribe-auth/ATe6O-Xl1htJKnvNGSri4hpIVAe7BE3jks5ufN5mgaJpZM4W8xDK .
Agreed. We'll clarify this case.
@iramcdonald Yes, I totally agree, that's why I created this issue. As far as I understand the current Uptane specification (the one in Google Docs), it defines just one entity called "ECU Key" for both signatures and encryption. I think it should be changed.
I made a proposed change in section A.2 of the Deployment Considerations just above this bookmark. Let me know if you think this addresses the issue.
I feel this has addressed it. If anyone objects, please reopen and we can discuss.