Skip to main content

TLS for Secure Element Input Output (TLS-SE-IO)
draft-urien-core-tls-se-io-02

Document Type Active Internet-Draft (individual)
Author Pascal Urien
Last updated 2024-02-25
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-urien-core-tls-se-io-02
CORE Working Group                                           P. Urien 
  Internet Draft                                          Telecom Paris 
  Intended status: Experimental                                         
                                                                        
                                                       February 25 2024 
  Expires: August 2024 
 
                  TLS for Secure Element Input Output (TLS-SE-IO) 
                      draft-urien-core-tls-se-io-02.txt 
    
    
Abstract 
    
   The goal of TLS-SE-IO is to provide virtual IO pins for secure 
   elements running TLS servers, in order to interact with sensors and 
   actuators. TLS-SE device processes TLS packets in secure element. It 
   may work like a black box (server mode) that exchanges fully 
   encrypted packets. It may also export encrypted packet in clear 
   form, in order to provide virtual output pin. Output messages may 
   include cookies and/or cryptographic materials. Virtual input pin 
   forwards input messages, triggered by previous output messages, and 
   sent to TLS-SE device for further processing. 
    
    
Requirements Language 
    
   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 
   document are to be interpreted as described in RFC 2119. 
    
Status of this Memo 
    
   This Internet-Draft is submitted in full conformance with the 
   provisions of BCP 78 and BCP 79. 
    
   Internet-Drafts are working documents of the Internet Engineering 
   Task Force (IETF). Note that other groups may also distribute 
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/. 
    
   Internet-Drafts are draft documents valid for a maximum of six 
   months and may be updated, replaced, or obsoleted by other documents 
   at any time. It is inappropriate to use Internet-Drafts as reference 
   material or to cite them other than as "work in progress." 
    
   This Internet-Draft will expire on August 2024. 
    

   Urien                      Expire August 2024              [Page 1] 


Copyright Notice 
    
   Copyright (c) 2024 IETF Trust and the persons identified as the 
   document authors. All rights reserved. 
    
   This document is subject to BCP 78 and the IETF Trust's Legal 
   Provisions Relating to IETF Documents 
   (http://trustee.ietf.org/license-info) in effect on the date of 
   publication of this document. Please review these documents 
   carefully, as they describe your rights and restrictions with 
   respect to this document. Code Components extracted from this 
   document must include Simplified BSD License text as described in 
   Section 4.e of the Trust Legal Provisions and are provided without 
   warranty as described in the Simplified BSD License. 
    
    

   Urien                      Expires August 2024             [page 2] 

 
                                 TLS-SE-IO                February 2024 
 
Table of Contents 
   Abstract........................................................... 1 
   Requirements Language.............................................. 1 
   Status of this Memo................................................ 1 
   Copyright Notice................................................... 2 
   1 Overview......................................................... 4 
   2 TLS-SE-IO........................................................ 4 
   3 TLS-SE-IO Protocol............................................... 5 
      3.1 Output messages............................................. 5 
      3.2 Input message............................................... 6 
   4 Example.......................................................... 6 
   5 Security Considerations.......................................... 8 
   6 IANA Considerations.............................................. 8 
   7 References....................................................... 8 
      7.1 Normative References........................................ 8 
      7.2 Informative References...................................... 9 
   8 Authors' Addresses............................................... 9 
 

   Urien                       Expires August 2024            [Page 3] 

 
                                 TLS-SE-IO                February 2024 
 
1 Overview 
    
   Input output (IO) interfaces are used in the internet of things 
   context (IoT) to manage sensors and actuators. 
    
   Output pin has two binary states, one or zero, and can generate a 
   bit stream, i.e. messages comprising a set of bytes.  
    
   Input pin detects two binary states, one or zero, which can realize 
   a bit stream, i.e. messages comprising a set of bytes. 
    
   Usually input messages are triggered by previous output messages. 
    
   Secure elements, mainly specified by [ISO7816] standards have 
   multiple form factors, such as SIM card, or surface mounted device 
   (SMD). They provide tamper resistant computing resources. According 
   to Common Criteria (CC) standards, their Evaluation Assurance Level 
   ranges between EAL4 to EAL6+, EAL7 being the highest level. 
    
   Nevertheless secure elements have no IO pins, and are not able to 
   physically communicate with sensors and actuators. However they may 
   be connected to processors, with physical IO capacities (i.e. 
   equipped with IO pins) 
    
   This document describes the processing of output and input messages 
   by secure elements that execute TLS server. Output messages are 
   exported from the secure element in clear form; they provide an 
   output byte stream. Input messages are triggered by output messages; 
   a byte stream is forwarded to secure element for further processing. 
    
2 TLS-SE-IO 
    
   The draft [TLS-SE] defines [TLS 1.3] support for secure elements. 
   Two procedures RECV and SEND realize a logical bridge between TLS 
   packets and [ISO7816] messages. 
    
           +-----------+ recv +------------+ RECV +-----------+ 
           |     IP    + ---> |   TCP/IP   | ---> |  TLS 1.3  | 
           |  Network  +------+ Constraint +------+  Secure   | 
           |           | <--- |    Node    | <--- |  Element  | 
           +-----------+ send +------------+ SEND +-----------+ 
                          |                   | 
                   Network Interface    ISO7816 interface 
    
   A processor physically connected to secure element (the secure 
   element processor, SEP) can read TLS packets transparently 
   transported by ISO7816 requests and responses. It also knows if the 
   secure channel is opened, thanks to a dedicated ISO7816 status word 
   (sw-open = 0x9001) 
    
    

   Urien                       Expires August 2024            [Page 4] 

 
                                 TLS-SE-IO                February 2024 
 
    
                 +------------+ TLS-Packet +-----------+ 
                 |            | ---------> |  TLS 1.3  | 
                 | Processor  +------------+  Secure   | 
                 |   (SEP)    | <--------_ |  Element  | 
                 +------------+ TLS-Packet +-----------+ 
                  SE Processor             Secure Element 
    
   TLS-SE provides two classes of service: 
    
   - TLS-SE as server, this is the technological basis for [IOSE] 
   framework. The secure element is a black box providing secure 
   storage and tamper resistant computing resources. 
    
   - TLS-SE as stack. The secure element fully processes TLS session 
   opening, i.e. TLS flights. It provides TLS packets encryption (TLS-
   Encrypt) and decryption (TLS-Decrypt) procedures. 
    
           +------------+                     +------------+ 
           |            +-<----- Output ----<-+-+          | 
           |            |                     | |Decryption| 
           |            +-- Rx-TLS-Packets ->-+-+          | 
           |    SEP     |                     |   TLS-SE   | 
           |            +-<- Tx-TLS-Packets <-+-+          | 
           |            |                     | |Encryption| 
           |            +->------Input ----->-+-+          | 
           +------------+                     +------------+ 
    
   The main idea of TLS-SE-IO is to provide virtual Input/Output (IO) 
   resources (i.e. virtual IO pins) to TLS-SE secure element. 
    
   - Output requests MUST be received in encrypted TLS record messages. 
   Clear messages are returned by secure element. 
    
   - Input messages are triggered by output requests. They MUST be 
   encrypted by the secure element thanks to the SEND procedure 
   described in [TLS-SE] 
    
3 TLS-SE-IO Protocol 
    
   The SEP entity can read incoming and outgoing TLS packets. 
    
   A TLS record packet has a five bytes header in clear form, which 
   comprises 3 fields, type (one byte), version (2 bytes), and length 
   (2 bytes) 
    
3.1 Output messages 
    
   An output message is received in encrypted TLS record packet. It is 
   decrypted within TLS-SE secure element. It MUST contain an attribute 
   ('output-mark') that triggers the output message exportation. 

   Urien                       Expires August 2024            [Page 5] 

 
                                 TLS-SE-IO                February 2024 
 
    
   The TLS-SE secure element produces a TLS packet with the first three 
   bytes (type and version) set to zero, and a length. The payload 
   comprises the data and the TLS type in clear form. 
    
         Type=0x00  Version=0x0000  Length  output-message  TLS-Type 
    
   An output message MAY be encrypted. It MAY also contains cookie to 
   be used in input messages. 
    
   Output messages are processed by SEP device. They contain any kind 
   of information, such as object or data serialization, script, or AT 
   commands for cellular serial modems. 
    
    
3.2 Input message 
    
   Input message is triggered by a previous output message. It MAY be 
   encrypted. It MAY also contains cookie found in a previous output 
   message. 
    
   Input message is sent to the secure element thanks to the procedure 
   RECV(F-Encrypt,input-message), as specified in[TLS-SE]. It MAY 
   trigger a TLS record packet, according to the RECV procedure. 
    
4 Example 
    
   PSK= 
   0102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20 
   DHE= 
   45A4CB06906CD3426E9F8E02FD0EAA39E016729A8F00D08E34B907418723007E 
    
   TLS Reset 
   Tx: 00D8000000 
   Rx: 9000 
    
   RECV(F-First,ClientHello) 
   Tx: 00D80001F0 1603030103010000FF0303 
       749F4A35B3E76B4554517F221F8BD54C 
       C7DD96E9B70A0DBF4652821AD8AF095C 
       0000021304010000D4002D0003020001 
       002B0003020304000D001E001C060305 
       03040302030806080B0805080A080408 
       09060105010401020100330047004500 
       170041047ED91D5E7DC92EBF5D26444B 
       A267299D8D5A89481C121E7691A7D782 
       77668F366DEC65B6B35D707777F523C0 
       05B48CC7165EC151E8D9A28F22B8603B 
       14C11975000A00060004001800170000 
       000D000B0000086B6579312E636F6D00 
       29003A0015000F436C69656E745F6964 

   Urien                       Expires August 2024            [Page 6] 

 
                                 TLS-SE-IO                February 2024 
 
       656E7469747900000000002120F3793B 
       B581E86684 
       9000 
    
   RECV(F-Last,ClientHello)) 
   Tx: 00D8000218 6F72919312AEF766B56275 
       B26573A433A8BD1806A492620F 
   Rx: 6186 
    
   SEND(ServerHello) 
   Tx: 00C0000086 
   Rx: 1603030081 0200007D03030BBDF53C07 
       596AACAF7724DB911E11C92F418ED96C 
       008451A49E7AE08230B3D10013040000 
       55002900020000003300450017004104 
       07A637DCCBF63DE1A6EFB59ADDB796FE 
       BC9106A96379081BC3547FB42C7982B7 
       A8FA04A0F7E3F1784A1A0086CBCC03BE 
       F8FDE7526EED3DB4F85DAF5BD26443E2 
       002B00020304 
       9F1C 
    
   SEND(ServerEncryptedExtension) 
   Tx: 00C000001C 
   Rx: 1703030017CD418DE7D2E6E8F393A5AC 
       B0E4E2C06BFA0B0631C59A26 
       9F3A 
    
   SEND(ServerFinished) 
   Tx: 00C000003A 
   Rx: 17030300350F106E7DB08E7CCB69644D 
       7E0F9CB39FB2B5A0AC0D36FA462A9E40 
       0517A548E7F9E07191ECC1F869671E3B 
       1F1B39D9A38E09EE6DE8 
       9000 
    
   RECV(F-First||F-Last, ClientFinished) 
   Tx: 00D800033A 1703030035C407E727ACBC 
       7CE96EB6A81391FF8F8546976430B8F8 
       65A1C8A41F279B7B4A72934A0225021B 
       A4001793EBFFC2167FAE250A5B69A8 
   Rx: 9001 
    
   TLS Secure Channel is open 
    
   Encrypted opaque message 
    
   RECV(F-First||F-Last, TLS-Record-Message) 
   Tx: 00D800031F170303001AE4EBF10433EB 
       78B4454D7ACE9EBBCB74455F232EC1A6 
       A6D046B5 

   Urien                       Expires August 2024            [Page 7] 

 
                                 TLS-SE-IO                February 2024 
 
   Rx: 611C 
    
    
   Encrypted opaque response 
   SEND(TLS-Record-Message) 
   Tx: 00C000001C 
   Rx: 1703030017215C9D0932B76BBCD439C4 
       5D5FEDC4C4A4253A3EC736E7 
       9000 
    
   Encrypted output message 
   RECV(F-First||F-Last, TLS-Record-Message) 
   Tx: 00D800031D 1703030018AEBBB88F858C 
       C8325E85C75FF1C95FEFA2F5D3BBD1D3 
       C86B 
   Rx: 610D 
    
   Output message in clear form (value=#tempCrLf, Type=0x17) 
   Character '#' is the output mark 
   Tx: 00C000000D 
   Rx: 0000000008 2374656D700D0A 17 
       9000 
    
   An input message is triggered by the output message 
   Input message in clear form 
   RECV(F-Encrypt||F-First||F-Last, InputMessage=18.81CrLf, Type=0x17) 
   Tx: 00D8020308 31382E38310D0A 17 
   Encrypted TLS record packet 
   Rx: 611D 
   Tx: 00C000001D 
   Rx: 1703030018C14E29429EA6F071D13FB8 
       8653C7ABE7315423E9D1A2B58B 
       9000 
    
5 Security Considerations 
    
   This entire document is about security. 
    
6 IANA Considerations 
    
   This draft does not require any action from IANA. 
    
7 References 
    
7.1 Normative References 
    
   [TLS 1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol 
   Version 1.3", RFC 8446, August 2018. 
    

   Urien                       Expires August 2024            [Page 8] 

 
                                 TLS-SE-IO                February 2024 
 
   [ISO7816] ISO 7816, "Cards Identification - Integrated Circuit Cards 
   with Contacts", The International Organization for Standardization 
   (ISO). 
    
7.2 Informative References 
    
   [TLS-SE] IETF Draft, "Secure Element for TLS Version 1.3", draft-
   urien-tls-se-07.txt, 2024 
    
   [IOSE] IETF Draft, "Internet of Secure Elements", draft-urien-
   coinrg-iose-07.txt, 2023 
    
8 Authors' Addresses 
    
   Pascal Urien 
   Telecom Paris 
   19 place Marguerite Perey 
   91120 Palaiseau           Phone: NA 
   France                    Email: Pascal.Urien@telecom-paris.fr 

   Urien                       Expires August 2024            [Page 9]