From: Patrick Oppenlander <patrick.oppenlander@gmail.com>
To: u-boot@lists.denx.de
Subject: Improvements to FIT ciphering
Date: Fri, 31 Jul 2020 08:51:17 +1000 [thread overview]
Message-ID: <CAEg67G=pKip-f7A3Y2uGK0W1RsHhJdqrLOL8_aizhUF2HbEKFw@mail.gmail.com> (raw)
In-Reply-To: <CAEg67Gku3s+cinzOYroAGxk7gv-jeHx74+QKRFGP_E9X00CLnw@mail.gmail.com>
Hi Simon & Philippe,
I've been thinking about this some more and have added a few points
below. I will need feedback before proposing any patches for the
remaining issues.
On Fri, Jul 24, 2020 at 12:06 PM Patrick Oppenlander
<patrick.oppenlander@gmail.com> wrote:
>
> Issue #1
> ========
>
> Currently, mkimage treats the IV in the same manner as the encryption
> key. There is an iv-name-hint property which mkimage uses to read the
> IV from a file in the keys directory. This can then be written to
> u-boot.dtb along with the encryption key.
>
> The problem with that is that u-boot.dtb is baked in at production
> time and is generally not field upgradable. That means that the IV is
> also baked in which is considered bad practice especially when using
> CBC mode (see CBC IV attack). In general it is my understanding that
> you should never use a key+IV twice regardless of cipher or mode.
>
> In my opinion a better solution would have been to write the IV into
> the FIT image instead of iv-name-hint (it's only 16 bytes!), and
> regenerate it (/dev/random?) each and every time the data is ciphered.
>
If U-Boot needs to continue supporting AES-CBC I think the only option
here is to deprecate the "iv-name-hint" property and replace it with
an "iv" property. This should be possible in a backward-compatible
manner.
>
> An even better solution is to use AES-GCM (or something similar) as
> this includes the IV with the ciphertext, simplifying the above, and
> also provides authentication addressing another issue (see below).
>
In my opinion it would be better to deprecate AES-CBC and replace it
with AES-GCM. I can see no advantages to supporting both, and can see
no reason to use AES-CBC over AES-GCM apart from a minor performance
advantage.
> Issue #2
> =======
>
> The current implementation uses encrypt-then-sign. I like this
> approach as it means that the FIT image can be verified outside of
> U-Boot without requiring encryption keys. It is also considered best
> practise.
>
> However, for this to be secure, the details of the cipher need to be
> included in the signature, otherwise an attacker can change the cipher
> or key/iv properties.
>
> I do not believe that properties in the cipher node are currently
> included when signing a FIT configuration including an encrypted
> image. That should be a simple fix. Fixing it for image signatures
> might be a bit more tricky.
I have posted a patch [1] which Philippe has reviewed which includes
the cipher node when signing a configuration.
It looks to be a much more intrusive (and incompatible) change to
include the cipher node in an image signature. Perhaps it would be
better for mkimage to issue a warning or error in this case and
document why it is not recommended?
I don't personally have a use case for signing an image. All of my FIT
images use configuration signatures instead. Is there a common use
case for which this needs to be solved or could we say that signing an
encrypted image is simply not supported?
> Issue #3
> =======
>
> Due to the nature of encrypt-then-sign U-Boot can verify that the
> ciphertext is unmodified, but it has no way of making sure that the
> key used to encrypt the image matches the key in u-boot.fit used for
> decryption. This can result in an attempt to boot gibberish and I
> think it can open up certain attack vectors.
>
> The best way I know of to fix this is to use an authenticated
> encryption mode such as AES-GCM or something similar.
I still think this is the best approach.
Patrick
[1] https://lists.denx.de/pipermail/u-boot/2020-July/421989.html
next prev parent reply other threads:[~2020-07-30 22:51 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-24 2:06 Improvements to FIT ciphering Patrick Oppenlander
2020-07-27 22:49 ` Patrick Oppenlander
2020-07-28 15:28 ` Simon Glass
2020-07-29 13:49 ` Philippe REYNES
2020-07-30 4:30 ` [PATCH] mkimage: fit: include image cipher in configuration signature patrick.oppenlander at gmail.com
2020-07-30 14:59 ` Philippe REYNES
2020-07-30 22:22 ` Patrick Oppenlander
2020-08-08 12:29 ` Tom Rini
2020-07-30 22:51 ` Patrick Oppenlander [this message]
2020-08-07 17:03 ` Improvements to FIT ciphering Philippe REYNES
2020-08-07 23:55 ` Patrick Oppenlander
2020-08-24 15:57 ` Philippe REYNES
2020-08-24 22:37 ` Patrick Oppenlander
2020-09-10 16:08 ` Philippe REYNES
2020-09-10 22:43 ` Patrick Oppenlander
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAEg67G=pKip-f7A3Y2uGK0W1RsHhJdqrLOL8_aizhUF2HbEKFw@mail.gmail.com' \
--to=patrick.oppenlander@gmail.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.