Network Working Group Seung Wook Jung Internet Draft Soongsil University Intended status: Standards Track Souhwan Jung Expires: January 11, 2014 Soongsil University July 11, 2013 Private Key Hiding for Transport Layer Security (TLS) draft-jj-tls-private-key-hiding-00.txt Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire on January 11, 2014. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Jung & Jung Expires January 10, 2014 [Page 1] Internet-Draft Private Key Hiding for TLS July 10, 2013 Abstract This document describes a private key hiding protocol and a joint private key operation protocol for Transport Layer Security (TLS) without needing to modify existing TLS. Table of Contents 1. Introduction ................................................ 3 2. Conventions used in this document............................ 4 3. Private Key Hiding Setup Protocol for TLS .................... 4 3.1. Private Key Hiding Setup Protocol Overview .............. 4 3.2. Private Key Hiding Setup Message ........................ 5 4. Joint Private Key Operation Protocol for TLS ................. 6 4.1. Joint Private Key Operation Protocol Overview ........... 6 4.2. Joint Private Key Operation Message ..................... 7 5. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the RSA [RSA] Key Exchange Algorithm ............... 8 5.1. Private Key Hiding Setup Protocol for the RSA Key Exchange Algorithm ................................................... 9 5.2. Joint Private Key Operation for the RSA Key Exchange Algorithm .................................................. 10 6. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the DHE_RSA [TLS] Key Exchange Algorithm .......... 11 6.1. Private Key Hiding Setup Protocol for the DHE_RSA Key Exchange Algorithm ......................................... 11 6.2. Joint Private Key Operation Protocol for the DHE_RSA Key Exchange Algorithm ......................................... 12 7. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the DHE_DSS [TLS] Key Exchange Algorithm .......... 13 7.1. Private Key Hiding Setup Protocol for the DHE_DSS Key Exchange Algorithm ......................................... 13 7.2. Joint Private Key Operation Protocol for DHE_DSS Key Exchange Algorithm .................................................. 14 8. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the DH_RSA [TLS] and the DH_DSS [TLS] Key Exchange Algorithm ..................................................... 16 8.1. Private Key Hiding Setup Protocol for the DH_RSA and the DH_DSS Key Exchange Algorithm............................... 16 8.2. Joint Private Key Operation Protocol for the DH_RSA and the DH_DSS Key Exchange Algorithm............................... 17 9. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the ECDHE_ECDSA [TLSECC] Key Exchange Algorithm.... 18 9.1. Private Key Hiding Setup Protocol for the ECDHE_ECDSA Key Exchange Algorithm ......................................... 18 Jung & Jung Expires January 10, 2014 [Page 2] Internet-Draft Private Key Hiding for TLS July 10, 2013 9.2. Joint Private Key Operation Protocol for the ECDHE_ECDSA Key Exchange Algorithm ......................................... 19 10. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the ECDH_ECDSA [TLSECC] and the ECDH_RSA [TLSECC] Key Exchange Algorithm ............................................ 21 10.1. Private Key Hiding Setup Protocol for the ECDH_ECDSA and the ECDH_RSA Key Exchange Algorithm............................. 21 10.2. Joint Private Key Operation Protocol for the ECDH_ECDSA and the ECDH_RSA Key Exchange Algorithm ......................... 21 11. Security Considerations.................................... 22 12. IANA Considerations........................................ 22 13. References ................................................ 23 13.1. Normative References.................................. 23 13.2. Informative References................................ 23 14. Acknowledgments ........................................... 23 1. Introduction The most web services, including cloud computing, take advantage of [TLS] for secure communication. In the case of cloud computing, a Service Provider (later called SP) hosted in a Cloud Service Provider (later called CSP) has to store SP's private key for [TLS] in the computer machines of CSP. However, in the case of the public cloud computing model, CSP is a third-party and not trustworthy. Therefore, mechanisms that SP can hide SP's private key from untrustworthy entity (later called UTE), CSP, are required, but the private key operations for [TLS] can be properly conducted without changing TLS protocols. This document describes a private key hiding setup protocol for TLS. The purpose of the private key hiding setup protocol is that SP sends a Piece of Private Key for UTE (PPKU) derived from the private key of SP to UTE. At the end of the private key hiding setup protocol, SP has a Piece of Private Key for SP (PPKS), and UTE has PPKU. It is infeasible that UTE makes the private key from PPKU. This document only considers the non-anonymous key exchanges defined in [TLS]. In addition to the private key hiding setup protocol, a joint private key operation protocol is described in this document. UTE cannot properly conduct private key operations only with his/her secret, PPKU. Therefore, the purpose of the joint private key operation protocol between SP and UTE is that SP and UTE conduct private key operations in a cooperative way for TLS using PPKS and PPKU, respectively. The advantages of using the private key hiding setup protocol and the joint private key operation protocol are: Jung & Jung Expires January 10, 2014 [Page 3] Internet-Draft Private Key Hiding for TLS July 10, 2013 o Security level is higher than traditional TLS from the point of view of key management, because the attack has to subvert both SP and UTE in order to get the private key information. o SP can know when the private key information is used by UTE. The goals of this document are: 1. Security: the secure private key hiding setup protocol and the secure joint private key operation protocol for TLS should be defined, and the private key hiding setup protocol and the joint private key operation protocol should not reduce the security of TLS. 2. Compatibility: the private key hiding setup protocol and the joint private key operation protocol should not require changing TLS handshake protocols. 3. Interoperability: Independent programmers should be able to develop applications utilizing the private key hiding setup protocol and the joint private key operation protocol that can successfully conduct without the knowledge of one another's code. 2. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119]. 3. Private Key Hiding Setup Protocol for TLS 3.1. Private Key Hiding Setup Protocol Overview The overview of the private key hiding setup protocol is depicted in following diagram. UTE SP <-- PrivateKeyHidingSetupRequest PrivateKeyHidingSetupResponse --> Figure 1 At the setup phase, SP generates the keying material, and generates the Piece of Private Key for UTE (later called PPKU) using some secret sharing mechanisms. SP sends a PrivateKeyHidingSetupRequest Jung & Jung Expires January 10, 2014 [Page 4] Internet-Draft Private Key Hiding for TLS July 10, 2013 which includes PPKU to UTE. UTE sends a PrivateKeyHidingSetupResponse to SP after receiving the PrivateKeyHidingSetupRequest. 3.2. Private Key Hiding Setup Message This section shows the structure of messages for the private key hiding setup protocol. The used representation language is the same as that used in [TLS]. These messages will be sent for keying material setup between SP and UTE. enum{ private_key_hiding_setup_request(0), private_key_hiding_setup_response(1) } PrivateKeyHidingSetupType; enum {rsa(0), dss(1), dh(2), ecdsa(3), ecdh(4)} KeyType; struct { PrivateKeyHidingSetupType msg_type; unit8 version; unit24 length; /* bytes in message */ KeyType keyType; select (PrivateKeyHidingSetupType){ case private_key_hiding_setup_request : PrivateKeyHidingSetupRequest; case private_key_hiding_setup_response : SetupResult result; }; } PrivateKeyHidingSetup; A PrivateKeyHidingSetup message with the private_key_hiding_setup_request type means a PrivateKeyHidingSetupRequest and A PrivateKeyHidingSetup message with the private_key_hiding_setup_response type means a PrivateKeyHidingSetupResponse. struct { select (KeyType){ case rsa : RSA_setup; case dss : DSS_setup; case dh : DH_setup; case ecdsa : case ecdh : EC_setup; }; } PrivateKeyHidingSetupRequest; Jung & Jung Expires January 10, 2014 [Page 5] Internet-Draft Private Key Hiding for TLS July 10, 2013 KeyType means a long-term key type such as RSA, DSA [DSS], DH, ECDSA, and ECDH. Each message structure for each key type will be described throughout this document. enum {success(0), fail(1)} SetupResult; SetupResult indicates the success or the failure of the private key hiding setup request message. 4. Joint Private Key Operation Protocol for TLS 4.1. Joint Private Key Operation Protocol Overview The overview of the joint private key operation protocol is depicted in following diagram. Client UTE SP | | | | | | | TLS Client Hello ---->| | | | | | |-->JointPrivateKeyOperationRequest | | | | | |<--JointPrivateKeyOperationResponse | | | | | TLS Finished Message <--| | | | | Figure 2 After a TLS handshake protocol is started by a TLS client hello message, UTE sends a joint private key operation request to SP at some point of the TLS handshaking which depends on the cipher suites of [TLS]. UTE conducts private key operations with PPKU and the result of private key operations with PPKU is inserted into the joint private key operation request message. UTE sends the joint private key operation request message to SP. Upon the private key operation request, SP conducts private key operations, and then inserts the result of private key operation using PPKS into a joint private key operation response. SP sends the joint private key operation response to UTE. Jung & Jung Expires January 10, 2014 [Page 6] Internet-Draft Private Key Hiding for TLS July 10, 2013 After that, UTE and the client send to each other the Finished Message for finishing TLS handshaking. The protocol between the client and UTE is the same as the TLS handshake protocol exactly defined in [TLS] and the client does not know that there exists SP. 4.2. Joint Private Key Operation Message This section shows the structure of messages for the joint private key operation protocol. enum{ private_key_operation_request(0), private_key_operation_response(1) } JointPrivateKeyOperationProtocolType; enum { RSA(0), DHE_RSA(1), DHE_DSS(2), DH_RSA(3), DH_DSS(4), ECDHE_RSA(5), ECDHE_ECDSA(6), ECDH_ECDSA(7), ECDH_RSA(8) } JointPrivateKeyOperationType; struct { JointPrivateKeyOperationProtocolType msg_type; unit8 version; unit24 length; /* bytes in message */ JointPrivateKeyOperationType pko_type; select (JointPrivateKeyOperationProtocolType) { case private_key_operation_request : PreComputedMessage pre_computed_message; case private_key_operation_response : ComputedMessage computed_message; }; } JointPrivateKeyOperation; The JointPrivateKeyOperation message with the private_key_operation_request type means a JointPrivateKeyOperationRequest and the JointPrivateKeyOperation message with the private_key_operation_response type means a JointPrivateKeyOperationResponse. struct { select (JointPrivateKeyOperationType) { case RSA : RSA_pre_computed; case DHE_RSA : DHE_RSA_pre_computed; case DHE_DSS : DHE_DSA_pre_computed; case DH_RSA : Jung & Jung Expires January 10, 2014 [Page 7] Internet-Draft Private Key Hiding for TLS July 10, 2013 case DH_DSS : DH_pre_computed; case ECDHE_RSA : ECDHE_RSA_pre_computed; case ECDHE_ECDSA : ECDHE_ECDSA_pre_computed; case ECDH_ECDSA : case ECDH_RSA: ECDH_pre_computed; }; } PreComputedMessage; The JointPrivateKeyOperationType means key exchange algorithms defined in Section 7.4.2 of [TLS]. UTE sends these messages as request for conducting private key operations to SP. Each message structure for each JointPrivateKeyOperationType will be described throughout this document. struct { select (JointPrivateKeyOperationType) { case RSA : PreMasterSecret; case DHE_RSA : DHE_RSA_computed; case DHE_DSS : DHE_DSA_computed; case DH_RSA : case DH_DSS : DH_computed; case ECDHE_RSA : ECDHE_RSA_computed; case ECDHE_ECDSA : ECDHE_ECDSA_computed; case ECDH_ECDSA : case ECDH_RSA : ECDH_computed; }; } ComputedMessage; After receiving the JointPrivateKeyOperationRequest, SP conducts private key operations and generates a ComputedMessage. SP sends then the ComputedMessage to UTE. 5. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the RSA [RSA] Key Exchange Algorithm This section describes a private key hiding setup protocol and a joint private key operation protocol for the RSA key exchange algorithm of which key to be used for encryption. The connection between SP and UTE must be secure such as [TLS]. Jung & Jung Expires January 10, 2014 [Page 8] Internet-Draft Private Key Hiding for TLS July 10, 2013 5.1. Private Key Hiding Setup Protocol for the RSA Key Exchange Algorithm For setup, SP generates RSA private keying material and public keying material as following. p, q : a random or pseudorandom prime number of which bit length is longer than 1024 bits N = p * q e = encryption key d = private key which satisfies e*d = 1 mod (p-1)(q-1) SP then requests a certificate to a trusted Certificate Authority as the part of the X.509 protocol [PKIX]. Upon the certificate, SP selects a random or pseudorandom number (d_1) as a Piece of Private Key for UTE (PPKU). SP computes a Piece of Private Key for SP (PPKS) as following. d_1: a random or pseudorandom number in the interval [1, (p-1)*(q-1)- 1] d = d_1 * d_2 mod (p-1)*(q-1) PPKU: d_1 PPKS: d_2 SP generates a RSA_setup message as following. struct { opaque e<1..2^16-1>; opaque N<1..2^16-1>; opaque d_1<1..2^16-1>; Certificate certificate; } RSA_setup; opaque ASN.1Cert<1..2^24-1>; struct { ASN.1Cert certificate_list<0..2^24-1>; } Certificate; Then, SP sends a PrivateKeyHidingSetup request with the private_key_hiding_setup_request type as the Jung & Jung Expires January 10, 2014 [Page 9] Internet-Draft Private Key Hiding for TLS July 10, 2013 PrivateKeyHidingSetupType and the rsa as the KeyType. UTE sends a PrivateKeyHidingSetup response with the private_key_hiding_setup_response type for the PrivateKeyHidingSetupType and the rsa type as the KeyType. The Certificate message is defined in Section 7.4.2 of [TLS]. UTE stores the RSA_setup securely. SP stores d_2, e, N, and the certificate. SP should securely store d_2. 5.2. Joint Private Key Operation for the RSA Key Exchange Algorithm When UTE received a ClientKeyExchange message in Section 7.4.7.1 of [TLS] which includes a EncryptedPreMasterSecret in Section 7.4.7.1 of [TLS], UTE computes m_1 = (EncryptedPreMasterSecret.pre_master_secret)^d_1 mod N, where d_1 is PPKU. Then, UTE generates a RSA_pre_computed message as following. struct { opaque m_1<1..2^16-1> } RSA_pre_computed; The EncryptedPreMasterSecret message is defined in Section 7.4.7.1 of [TSL] as following. struct { ProtocolVersion client_version; opaque random[46]; } PreMasterSecret; struct { public-key-encrypted PreMasterSecret pre_master_secret; } EncryptedPreMasterSecret; UTE inserts the RSA_pre_computed message into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request with the private_key_operation_request type as the JointPrivateKeyOperationProtocolType and the RSA type as the JointPrivateKeyOperationType. When SP receives the JointPrivateKeyOperation request which includes the RSA_pre_computed message, SP computes a PreMasterSecret = m_1^d_2 mod N, where d_2 is PPKS. SP inserts the PreMasterSecret into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation response with the private_key_operation_response type as the Jung & Jung Expires January 10, 2014 [Page 10] Internet-Draft Private Key Hiding for TLS July 10, 2013 JointPrivateKeyOperationProtocolType and the RSA type as the JointPrivateKeyOperationType. The procedure of the joint private key operation protocol for the RSA key exchange algorithm is as following. 1. A TLS client and UTE start a TLS handshake Protocol. 2. The client securely generates a random or pseudorandom premaster secret, PreMasterSecret.random. 3. The client generates a ClientKeyExchange message in Section 7.4.3 of [TLS] which includes the EncryptedPreMasterSecret. 4. The client sends the ClientKeyExchange message to UTE. 5. UTE generates a RSA_pre_computed message using d_1. 6. UTE generates a JointPrivateKeyOperation request and send it to SP. 7. SP generates a PreMasterSecret message and generates a JointPrivateKeyOperation response using the PreMasterSecret message. 8. SP sends the JointPrivateKeyOperation response to UTE. 9. UTE sends a ChangeCipherSpec message to the client. This mechanism and protocol may be extended for RSA_PSK defined in [TLSPSK] 6. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the DHE_RSA [TLS] Key Exchange Algorithm This section describes a private key hiding setup protocol and a joint private key operation protocol for the DHE_RSA key exchange algorithm where DHE represents Ephemeral Diffie-Hellman. RSA is used for signing DHE parameters. The connection between SP and UTE must be secure such as [TLS]. 6.1. Private Key Hiding Setup Protocol for the DHE_RSA Key Exchange Algorithm SP generates RSA private keying material and public keying material as described in Section 4.1. Also, PPKU and PPKS are the same in Section 4.1. The RSA_setup message and the PrivateKeyHidingSetup message also are the same in Section 4.1. Jung & Jung Expires January 10, 2014 [Page 11] Internet-Draft Private Key Hiding for TLS July 10, 2013 6.2. Joint Private Key Operation Protocol for the DHE_RSA Key Exchange Algorithm Before UTE sends a ServerKeyExchange in Section 7.4.3 of [TLS], UTE generates a ServerDHParams in Section 7.4.3 of [TLS]. UTE computes s_1 = H(signed_params)^d_1 mod N, where d_1 is PPKU. Finally UTE generates a DHE_RSA_pre_computed message and inserts the DHE_RSA_pre_computed message into a JointPrivateKeyOperation message. SP sends the JointPrivateKeyOperation with the private_key_operation_request type as the JointPrivateKeyOperationProtocolType, and the DHE_RSA as the JointPrivateKeyOperationType. struct { opaque s_1<1..2^16-1> } DHE_RSA_pre_computed; struct { opaque ClientHello.random; opaque ClientHello.random; ServerDHParams params; } signed_params; struct { opaque dh_p<1..2^16-1>; opaque dh_g<1..2^16-1>; opaque dh_Ys<1..2^16-1>; } ServerDHParams When SP receives the JointPrivateKeyOperation request message, SP computes s = s_1^d_1 mod N and generates a DHE_RSA_computed message. SP inserts the DHE_RSA_computed message into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation message with the private_key_operation_response type as the JointPrivateKeyOperationProtocolType and the DHE_RSA type as the JointPrivateKeyOperationType. struct { opaque s<1..2^16-1> } DHE_RSA_computed; The procedure of the joint private key operation protocol for the DHE_RSA key exchange algorithm is as following. 1. A TLS client and UTE start a TLS handshake Protocol. Jung & Jung Expires January 10, 2014 [Page 12] Internet-Draft Private Key Hiding for TLS July 10, 2013 2. UTE generates the ServerDHParams message defined in Section 7.4.3 of [TLS]. 3. UTE generates a DHE_RSA_pre_computed message and insert it into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request message with the private_key_operation_request type and the DHE_RSA type to SP. 4. SP generates a DHE_RSA_computed and inserts it into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation response message with the private_key_operation_response type and the DHE_RSA type to UTE. 5. UTE generates a ServerKeyExchange message using the DHE_RSA_computed message. 6. UTE sends the ServerKeyExchange message to the client. The private key hiding setup protocol and the joint private operation protocol may be extended for the ECDHE_RSA defined in [TLSECC]. 7. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the DHE_DSS [TLS] Key Exchange Algorithm This section describes a private key hiding setup protocol and a joint private key operation protocol for the DHE_DSS key exchange algorithm where DSS stands for digital signature Standard [DSS]. DSA [DSS] is used for signing DHE parameters with the hash algorithm. The connection between SP and UTE is secure such as [TLS]. 7.1. Private Key Hiding Setup Protocol for the DHE_DSS Key Exchange Algorithm For setup, SP generates DSA private keying material and public keying material as following. p: a random or pseudorandom prime number where 2^(L-1) < p < 2^L for 512 <=L<=1024 and L a multiple of 64. q: a prime divisor of (p-1), where 2^159 < q < 2^160. g = h^((p-1)/q) mod p, where h is any integer with 1 < h < (p-1) such that h^((p-1)/q) mod p > 1. x : a random or pseudorandom private key with 0 < x < q. y = g^x mod p. Jung & Jung Expires January 10, 2014 [Page 13] Internet-Draft Private Key Hiding for TLS July 10, 2013 SP then requests a certificate to a trusted Certificate Authority as the part of the X.509 protocol [PKIX]. Upon the certificate, SP generates a Piece of Private Key for UTE (PPKU) and a Piece of Private Key for SP (PPKS) as following. x = x_1 + x_2 mod q, where x_1 is a random or pseudorandom number with x_1 < q PPKU: x_1 PPKS: x_2 SP generates a DSS_setup message as following. struct { opaque x_1<1..2^16-1>; opaque p<1..2^16-1>; opaque q<1..2^16-1>; opaque g<1..2^16-1>; Certificate certificate; } DSS_setup; Then, SP inserts the DSS_setup message into a PrivateKeyHidingSetup request message. SP sends the PrivateKeyHidingSetup request message with the private_key_hiding_setup_request type as the PrivateKeyHidingSetupType and the dss type as KeyType. UTE responses a PrivateKeyHidingSetup response message with the private_key_hiding_setup_response type as the PrivateKeyHidingSetupType and the dss type for the KeyType. SP stores x_2, p, q, g, and the certificate. SP should securely store x_2. UTE securely stores the DSS_setup. 7.2. Joint Private Key Operation Protocol for DHE_DSS Key Exchange Algorithm Before UTE sends the ServerKeyExchange in Section 7.4.3 of [TLS], UTE generates the ServerDHParams in Section 7.4.3 of [TLS]. UTE selects a random or pseudorandom value k in the interval [1, q-1]. Then UTE generates a DHE_DSS_pre_computed as following. struct { opaque s_1<1..2^16-1>; opaque r<1..2^16-1>; opaque k<1..2^16-1>; Jung & Jung Expires January 10, 2014 [Page 14] Internet-Draft Private Key Hiding for TLS July 10, 2013 } DHE_DSS_pre_computed; s_1 = (k^(-1)*(H(signed_params) + x_1*r)) mod q r = (g^k mod p) mod q x_1 is PPKU, H() is a secure one-way hash function, and the signed_params is defined in Section 6.1. Finally, UTE inserts the DHE_DSS_pre_computed into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request message with the private_key_operation_request type as the JointPrivateKeyOperationProtocolType and the DHE_DSS type as the JointPrivateKeyOperationType. When SP receives the JointPrivateKeyOperation request, SP computes s = s_1 + k^(-1) * x_2 * r mod q and generates a DHE_DSS_computed message as following. struct { opaque s<1..2^16-1> } DHE_DSS_computed; SP inserts the DHE_DSS_computed message into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation response message with the private_key_operation_response type as the JointPrivateKeyOperationProtocolType and the DHE_DSS type as the JointPrivateKeyOperationType. The procedure of the joint private key operation protocol for the DHE_DSS key exchange algorithm is as following. 1. A TLS client and UTE start a TLS handshake Protocol. 2. UTE generates a ServerDHParams message. 3. UTE generates a DHE_DSS_pre_computed using x_1. 4. UTE inserts the DHE_DSS_pre_computed into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request to SP. 5. SP computes s using x_2 and generates a DHE_DSS_computed message. Jung & Jung Expires January 10, 2014 [Page 15] Internet-Draft Private Key Hiding for TLS July 10, 2013 6. SP inserts the DHE_DSS_computed message into a JointPrivateKeyOperation response message and sends the JointPrivateKeyOperation resopnse message to UTE. 7. UTE generates a ServerKeyExchange message using the DHE_DSS_computed message. 8. UTE sends the ServerKeyExchange message to the client. 8. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the DH_RSA [TLS] and the DH_DSS [TLS] Key Exchange Algorithm This section describes a private key hiding setup protocol and a joint private key operation protocol for the DH_DSS and the DH_RSA key exchange algorithm. The connection between SP and UTE must be secure such as [TLS]. 8.1. Private Key Hiding Setup Protocol for the DH_RSA and the DH_DSS Key Exchange Algorithm For setup, SP generates Diffie-Hellman private keying material and public keying material as following. dh_p : The prime modulus used for the Diffie-Hellman operation dh_g : The generator used for the Diffie-Hellman operation dh_X : The server's Diffie-Hellman private value dh_Ys : The server's Diffie-Hellman public value (g^dh_X mod p) SP then requests a certificate to a trusted Certificate Authority as the part of the X.509 protocol [PKIX]. Upon the certificate, SP generates a Piece of Private Key for UTE (PPKU) and a Piece of Private Key for SP (PPKS) as following. dh_X = x_1 * x_2 mod p-1, where x_1 is a random or pseudorandom number with x_1 < p-1 and GCD(x_1, p-1) = 1 PPKU: x_1 PPKS: x_2 SP generates a DH_setup message as following. struct { Jung & Jung Expires January 10, 2014 [Page 16] Internet-Draft Private Key Hiding for TLS July 10, 2013 opaque x_1<1..2^16-1>; opaque dh_p<1..2^16-1>; opaque dh_g<1..2^16-1>; Certificate certificate; } DH_setup; SP inserts the DH_setup into a PrivateKeyHidingSetup request message. SP then sends the PrivateKeyHidingSetup request message with the private_key_hiding_setup_request type as the PrivateKeyHidingSetupType and the dh type for KeyType. UTE generates a PrivateKeyHidingSetup response message with the private_key_hiding_setup_response type as the PrivateKeyHidingSetupType and the dh type as the KeyType, and sends it to SP. SP stores x_2, dh_p, dh_g, and the certificate. SP should securely store x_2. UTE securely stores the DH_setup. 8.2. Joint Private Key Operation Protocol for the DH_RSA and the DH_DSS Key Exchange Algorithm After UTE receives a CertificateVerify message in Section 7.4.8 of [TLS], UTE computes k_1 = dh_Yc^x_1 mod p, where x_1 is PPKU. UTE generates a DH_pre_computed message as following. struct { opaque k_1<1..2^16-1>; } DH_pre_computed; UTE inserts the DH_pre_computed message into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request message with the private_key_operation_request type as the JointPrivateKeyOperationProtocolType, and the DH_RSA or the DH_DSS type as the JointPrivateKeyOperationType. When SP receives the JointPrivateKeyOperation request, SP computes k = k_1^x_2 mod p, where x_2 is PPKS. SP generates a DH_computed message as following. struct { opaque k<1..2^16-1> } DH_computed; SP inserts the DH_computed into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation response message with the private_key_operation_response type as the Jung & Jung Expires January 10, 2014 [Page 17] Internet-Draft Private Key Hiding for TLS July 10, 2013 JointPrivateKeyOperationProtocolType. Also, the JointPrivateKeyOperation response message is set with the DH_RSA type or the DH_DSS type as the JointPrivateKeyOperationType. The procedure of the joint private key operation protocol for the DH_RSA and the DH_DSS key exchange algorithm is as following. 1. A TLS client and UTE start a TLS handshake Protocol. 2. Upon the CertificateVerify message defined in Section 7.4.8 of [TLS], UTE computes a DH_pre_computed message and inserts it into a JointPrivateKeyOperation request message. SP sends the JointPrivateKeyOperation request message to SP. 3. SP generates a DH_computed message and inserts it into a JointPrivateKeyOperation response message. SP sends in the JointPrivateKeyOperation response message to UTE. 4. UTE sends the ChangeCipherSpec message in Section 7.1 of [TLS] to the client. 9. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the ECDHE_ECDSA [TLSECC] Key Exchange Algorithm This section describes a private key hiding setup protocol and a joint private key operation protocol for the DHE_ECDSA key exchange algorithm. The connection between SP and UTE must be secure such as [TLS]. 9.1. Private Key Hiding Setup Protocol for the ECDHE_ECDSA Key Exchange Algorithm For setup, SP generates ECDSA private keying material and public keying material as following. d: a random or pseudorandom integer in the interval [1, n-1], where n is the order of the base point G; d is a private key Q = d X G: Q is the public key, where X is the elliptic curve point multiplication by a scalar SP then requests a certificate to a trusted Certificate Authority as the part of the X.509 protocol [PKIX]. Upon the certificate, SP generates a Piece of Private Key for UTE (PPKU) and a Piece of Private Key for SP (PPKS) as following. Jung & Jung Expires January 10, 2014 [Page 18] Internet-Draft Private Key Hiding for TLS July 10, 2013 d = d_1 + d_2 mod n, where d_1 is a random or pseudorandom number in the interval [1, n-1]. PPKU: d_1 PPKS: d_2 SP generates a EC_setup as following. struct{ opaque d_1<1..2^16-1>; ECParameters ecParam; Certificate certificate; } EC_setup; The ECParameters is defiend in Section 5.3 of [TLSECC]. SP inserts the EC_setup into a PrivateKeyHidingSetup request message. SP then sends the PrivateKeyHidingSetup request message with the private_key_hiding_setup_request type as the PrivateKeyHidingSetupType and the ecdsa type as the KeyType. UTE sends a PrivateKeyHidingSetup response message with the private_key_hiding_setup_response type as the PrivateKeyHidingSetupType and the ecdsa type as the KeyType. SP stores d_2, the ECParameters, and the certificate. SP should securely store d_2. UTE stores securely the EC_setup. 9.2. Joint Private Key Operation Protocol for the ECDHE_ECDSA Key Exchange Algorithm Before UTE sends the ServerKeyExchange defined in Section 7.4.3 of [TLS], UTE generates a ServerECDHParams in Section 5.4 of [TLSECC]. UTE selects a random or pseudorandom integer k in the interval [1, n- 1]. Then UTE generates a ECDHE_ECDSA_pre_computed as following. struct { opaque k<1..2^16-1>; opaque r<1..2^16-1>; opaque s_1<1..2^16-1>; } ECDHE_ECDSA_pre_computed; r = x_1 mod n, where (x_1, y_1) = k X G s_1 = k^(-1)*(e + r*d_1) mod n, where e= H(ClientHello.random + serverHello.random + ServerECDHParams), d_1 is PPKU, and H() is a cryptographically secure one-way hash function. Jung & Jung Expires January 10, 2014 [Page 19] Internet-Draft Private Key Hiding for TLS July 10, 2013 UTE inserts the ECDHE_ECDSA_pre_computed into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request message with the private_key_operation_request type as the JointPrivateKeyOperationProtocolType and the ECDHE_ECDSA type as the JointPrivateKeyOperationType. When SP receives the JointPrivateKeyOperation request, SP computes s = s_1 + k^(-1) * d_2 * r mod n and generates a ECDHE_ECDSA_computed message as following. struct { opaque s<1..2^16-1> } ECDHE_ECDSA_computed; SP sends a JointPrivateKeyOperation which includes the ECDHE_ECDSA_computed message with the private_key_operation_response type as the JointPrivateKeyOperationProtocolType, and the ECDHE_ECDSA as the JointPrivateKeyOperationType. The procedure of the joint private key operation protocol for the ECDHE_ECDSA key exchange algorithm is as following. 1. A TLS client and UTE start a TLS handshake Protocol. 2. Immediately after UTE sends a Server Certificate message in Section 7.4.2 of [TLS], UTE generates a ECDHE_ECDSA_pre_computed message. 3. UTE inserts the ECDHE_ECDSA_pre_computed message into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation request message to SP. 4. When SP receives the JointPrivateKeyOperation request message, SP generates a ECDHE_ECDSA_computed. 5. SP inserts the ECDHE_ECDSA_computed into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation response to UTE. 6. UTE generates a ServerKeyExchange message in Section 4.3 of [TLSECC] using the ECDHE_ECDSA_computed and sends it to the client. Jung & Jung Expires January 10, 2014 [Page 20] Internet-Draft Private Key Hiding for TLS July 10, 2013 10. Private Key Hiding Setup Protocol and Joint Private Key Operation Protocol for the ECDH_ECDSA [TLSECC] and the ECDH_RSA [TLSECC] Key Exchange Algorithm This section describes a private key hiding setup protocol and a joint private key operation protocol for the ECDH_ECDSA and the ECDH_RSA key exchange algorithm. The connection between SP and UTE must be secure such as [TLS]. 10.1. Private Key Hiding Setup Protocol for the ECDH_ECDSA and the ECDH_RSA Key Exchange Algorithm SP generates ECDH private keying material and public keying material as described in Section 8.1. The EC_setup message is the same in Section 8.1 except PPKU and PPKS. d = d_1 * d_2 mod n, where d_1 is a random or pseudorandom number in the interval [1, n-1]. PPKU: d_1 PPKS: d_2 The PrivateKeyHidingSetup request message and the response message are the same as Section 8.1 except the KeyType. The KeyType SHOULD be the ecdh. 10.2. Joint Private Key Operation Protocol for the ECDH_ECDSA and the ECDH_RSA Key Exchange Algorithm After UTE receives a CertificateVerify message in Section 7.4.8 of [TLS], UTE computes (x_1, y_1) = ecdh_Yc X d_1, where ecdh_Yc is the client's public ECDH value. UTE generates a ECDH_pre_computed message as following. struct { opaque x_1<1..2^8-1>; opaque y_1<1..2^8-1>; } ECDH_pre_computed; UTE inserts the ECDH_pre_computed into a JointPrivateKeyOperation request message. UTE sends the JointPrivateKeyOperation with the private_key_operation_request type as the JointPrivateKeyOperationProtocolType. Also, the JointPrivateKeyOperationType should be the ECDH_RSA or the ECDH_ECDSA. Jung & Jung Expires January 10, 2014 [Page 21] Internet-Draft Private Key Hiding for TLS July 10, 2013 When SP receives the JointPrivateKeyOperation request, SP computes (x, y) = (x_1, y_1) X d_2, where d_2 is PPKS. SP generates a ECDH_computed message as following. struct { opaque x<1..2^8-1>; opaque y<1..2^8-1>; } ECDH_computed; SP inserts the ECDH_computed into a JointPrivateKeyOperation response message. SP sends the JointPrivateKeyOperation response with the private_key_operation_response type as the JointPrivateKeyOperationProtocolType and the ECDH_RSA or the ECDH_ECDSA as the JointPrivateKeyOperationType. The procedure of the joint private key operation protocol for the ECDH_ECDSA and the ECDH_RSA key exchange algorithm is as following. 1. A TLS client and UTE start a TLS handshake Protocol. 2. When UTE receives a CertificateVerify message, UTE generates a ECDH_pre_computed message. 3. UTE inserts the ECDH_pre_computed message into a JointPrivateKeyOperation request message. 4. UTE sends the JointPrivateKeyOperation request to SP 5. SP generates a ECDH_computed message and inserts the ECDH_computed message into a JointPrivateKeyOperation response message. 6. SP sends the JointPrivateKeyOperation response to UTE. 7. UTE sends a ChangeCipherSpec message in Section 7.1 of [TLS] to the client 11. Security Considerations Security issues are discussed throughout this memo. The security considerations are related to the security consideration of [TLS] and [TLSECC]. The security considerations in [TLS] and [TLSECC] should be applied properly. 12. IANA Considerations This document includes request to IANA. Jung & Jung Expires January 10, 2014 [Page 22] Internet-Draft Private Key Hiding for TLS July 10, 2013 13. References 13.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [DSS] NIST FIPS PUB 186-2, "Digital Signature Standard", National Institute of Standards and Technology, U.S. Department of Commerce, 2000. [RSA] R. Rivest, A. Shamir, and L. M. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, v. 21, n. 2, Feb 1978, pp. 120- 126. [TLS] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, August 2008. [TLSECC] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B. Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)", RFC 4492, May 2006. 13.2. Informative References [DSS-3] NIST FIPS PUB 186-3, "Digital Signature Standard (DSS)", National Institute of Standards and Technology, U.S. Department of Commerce, June 2009. [PKIX] Housley, R., Polk, W., Ford, W., and D. Solo, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 3280, April 2002. 14. Acknowledgments Jung & Jung Expires January 10, 2014 [Page 23] Internet-Draft Private Key Hiding for TLS July 10, 2013 Authors' Addresses Seung Wook Jung Soongsil University 511, Sangdo-Dong, Dongjak-Gu Seoul, 156-743, Korea Email: seungwookj@ssu.ac.kr Souhwan Jung Soongsil University 511, Sangdo-Dong, Dongjak-Gu Seoul, 156-743, Korea Email: souhwanj@ssu.ac.kr Jung & Jung Expires January 10, 2014 [Page 24]