Attester Groups for Remote Attestation
draft-labiod-rats-attester-groups-00
This document is an Internet-Draft (I-D).
Anyone may submit an I-D to the IETF.
This I-D is not endorsed by the IETF and has no formal standing in the
IETF standards process.
The information below is for an old version of the document.
| Field | Value |
|---|---|
| Document type | This is an older version of an Internet-Draft whose latest revision state is "Active". |
| Authors | Houda Labiod, Amine Lamouchi, zhang jun, Andrzej Duda, Henk Birkholz |
| Last updated | 2024-07-03 |
| RFC stream | (None) |
| Stream state | (No stream defined) |
| Consensus boilerplate | Unknown |
| RFC Editor Note | (None) |
| IESG state | I-D Exists |
| Telechat date | (None) |
| Responsible AD | (None) |
| Send notices to | (None) |
RATS Working Group                                             H. Labiod
Internet-Draft                                               A. Lamouchi
Intended status: Informational                                  J. Zhang
Expires: 4 January 2025                              Huawei Technologies
                                                                 A. Duda
                                                            Grenoble INP
                                                             H. Birkholz
                                                          Fraunhofer SIT
                                                             3 July 2024
Attester Groups for Remote Attestation
draft-labiod-rats-attester-groups-00
Abstract
This document proposes an extension to the Remote Attestation
Procedures architecture as defined in [RFC9334] by introducing the
concept of Attester Groups. This extension aims to reduce
computational and communication overhead by enabling collective
attestation of devices with similar characteristics, thereby
improving the scalability of attestation processes.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 4 January 2025.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document.
Labiod, et al. Expires 4 January 2025 [Page 1]
Internet-Draft Attester Groups for Remote Attestation July 2024
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction
2. Terminology
3. Attester Group and Comparison to Composite Devices
4. IANA Considerations
5. References
Appendix A. Implementation Considerations
Authors' Addresses
1. Introduction
[RFC9334] defines Attesters as entities comprising at least one
Attesting Environment and one Target Environment. It also introduces
configurations, such as Composite Devices and Layered Attesters.
However, mechanisms for efficiently managing multiple, independent
Attesters are missing. Assessing the trustworthiness of large
numbers of independent devices individually can result in high
conveyance and processing overhead. This applies particularly when
these devices share identical hardware or firmware components, which
can lead to redundancy between all individual remote attestation
procedures. One example would be a smart factory scenario where
numerous sensors of the same model monitor different parts of the
manufacturing process. These sensors share identical hardware and
firmware configurations. This document proposes a model by which
these separate sensor devices can be grouped into a single Attester
Group and a shared remote attestation procedure can appraise their
authenticity collectively rather than individually. Direct Anonymous
Attestation (DAA) [I-D.ietf-rats-daa] has a similar concept of using
one unique ID for one group of Attesters, but its goal is to mitigate
the issue of uniquely (re-)identifiable Attesting Environments, while
scalability is the major concern in this document.
2. Terminology
The following terms are imported from [RFC9334]: Attester, Composite
Device, Evidence, Layered Attester, Verifier.

Newly defined terms for this document:

Attester Group: A role performed by a group of Attesters whose
Evidence must be appraised in order to infer the extent to which the
individual Attesters comprising the group are considered trustworthy.
group-id: A new Attester Identity type (see Section 2.2.1 of
[I-D.ietf-rats-ar4si]). It is a unique identifier assigned to each
Attester Group, allowing the group to dynamically adjust its
membership without redefining its fundamental identity.
3. Attester Group and Comparison to Composite Devices
An Attester Group is inherently a dynamic entity. Attesters can join
or leave the group, in contrast to Composite Devices that have a
static composition with a pre-defined set of Attesting Environments
and fixed parameters. The dynamic nature of an Attester Group allows
for the flexibility to tailor group parameters, such as the number of
Lead Attesters in the group (if any), the range of devices included
in the group, and which or how much Evidence is expected to be
produced by each group. This kind of flexibility facilitates the
implementation of various group aggregation schemes that can optimize
the resources required to conduct remote attestation procedures for
large device groups. The table below summarizes the key differences
between the Attester Group concept and the Composite Device concept.
| Feature | Composite Device | Attester Group |
|---|---|---|
| Evidence Submission | One evidence per composite device | More granular, e.g., one evidence per two members |
| Lead Attester | One lead attester communicates with Verifier | Multiple or no lead attesters (i.e. distributed collection) |
| Identity | Identifiable by its lead attester | Identified by unique group-id, independent of lead attester |
| Flexibility & Dynamics | Static, with predefined members and roles | Dynamic, members can join or leave |
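The following sketch is an added example, not part of the draft, which leaves group maintenance and evidence collection to the implementer. It shows one possible Verifier-side appraisal of an Attester Group: identical firmware claims are appraised once for the whole group, and membership changes while the group-id stays fixed. The record layout, verdict strings and all names are hypothetical, and signature verification of each Evidence item is assumed to have been done beforehand.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Evidence:              # hypothetical Evidence record, not a draft format
    member_id: str
    fw_digest: str           # hex SHA-256 of the measured firmware
    nonce: str               # Verifier-chosen freshness value

@dataclass
class AttesterGroup:
    group_id: str            # stable identity of the group
    members: set = field(default_factory=set)

    def join(self, member_id):
        self.members.add(member_id)
    def leave(self, member_id):
        self.members.discard(member_id)

def appraise_group(group, bundle, nonce, reference_digests):
    """Return (per-member verdicts, number of distinct digests appraised)."""
    verdicts, appraised = {}, {}
    for ev in bundle:
        if ev.member_id not in group.members:
            verdicts[ev.member_id] = "rejected: not a group member"
        elif ev.nonce != nonce:
            verdicts[ev.member_id] = "rejected: stale nonce"
        else:
            if ev.fw_digest not in appraised:   # identical claims appraised once
                appraised[ev.fw_digest] = ev.fw_digest in reference_digests
            ok = appraised[ev.fw_digest]
            verdicts[ev.member_id] = "trusted" if ok else "untrusted: unknown firmware"
    for silent in group.members - set(verdicts):
        verdicts[silent] = "no evidence"        # absence is never read as trust
    return verdicts, len(appraised)

def demo():
    # Constructed sample data: five sensors of one model, one reference image.
    good = hashlib.sha256(b"sensor-fw-1.0 (constructed)").hexdigest()
    bad = hashlib.sha256(b"modified image (constructed)").hexdigest()
    group = AttesterGroup("group-42")
    for i in range(1, 6):
        group.join(f"sensor-{i}")
    group.leave("sensor-5")                     # membership changes, group_id does not
    bundle = [Evidence(f"sensor-{i}", good, "n-001") for i in (1, 2)]
    bundle.append(Evidence("sensor-3", bad, "n-001"))
    bundle.append(Evidence("sensor-4", good, "n-000"))   # replayed nonce
    bundle.append(Evidence("sensor-5", good, "n-001"))   # no longer a member
    return group.group_id, appraise_group(group, bundle, "n-001", {good})
```

Calling demo() appraises only two distinct firmware digests for five Evidence items, while each member still receives its own verdict.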
4. IANA Considerations
This document has no IANA actions.
5. References
[I-D.ietf-rats-ar4si]
Voit, E., Birkholz, H., Hardjono, T., Fossati, T., and V.
Scarlata, "Attestation Results for Secure Interactions",
Work in Progress, Internet-Draft, draft-ietf-rats-ar4si-06,
4 March 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-rats-ar4si-06>.

[I-D.ietf-rats-daa]
Birkholz, H., Newton, C., Chen, L., and D. Thaler, "Direct
Anonymous Attestation for the Remote Attestation
Procedures Architecture", Work in Progress, Internet-Draft,
draft-ietf-rats-daa-05, 4 March 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-rats-daa-05>.

[RFC9334]
Birkholz, H., Thaler, D., Richardson, M., Smith, N., and
W. Pan, "Remote ATtestation procedureS (RATS)
Architecture", RFC 9334, DOI 10.17487/RFC9334, January
2023, <https://www.rfc-editor.org/info/rfc9334>.
Appendix A. Implementation Considerations
Details on creating and maintaining Attester Groups, choosing the
number of Lead Attesters, and methods for evidence collection and
signing are left to the implementer's discretion, allowing for
tailored security measures.
Authors' Addresses
Houda Labiod
Huawei Technologies France, France
Amine Lamouchi
Huawei Technologies France, France
Jun Zhang
Huawei Technologies France, France
Andrzej Duda
Grenoble INP - Ensimag, LIG Lab, France
Henk Birkholz
Fraunhofer SIT