imgtool: Support for SHA512 for ED25519 usage #2048
Conversation
de-nordic
requested review from
nvlsianpu,
davidvincze,
d3zd3z and
michalek-no
de-nordic
force-pushed
the
ed25519_single_sha
branch
3 times, most recently
from
332ac85
to
cee234c
Compare
|
Found a problem with signature. The problem is as follows:
|
|
@de-nordic I'm looking into this PR because I would like to have proper Ed25519 usage on one of the projects I'm currently working on. To me PureEdDSA should be favored if possible because of the higher collision resistance it provides compared to HashEdDSA. Wouldn't it be possible to use PureEdDSA by modifying this line: mcuboot/ext/fiat/src/curve25519.c Line 1110 in 52e2afc to something that would gradually read and hash the firmware image from flash memory, similarly to what is currently done by bootutil_img_hash? That would make possible to use PureEdDSA since it wouldn't be necessary anymore to load the entire image to RAM.
|
The PureEdDSA is supposed to be used for signature of entire message at once. Using hash of image as message in PureEdDSA dos not help to improve security.
What we have now is PureEdDSA(sha256(image)), what this PR was supposed to provide PureEdDSA on image and sha512, without introducing new TLV for signature, but it seems that, at this point, I have to do PureEdDSA on sha512, as this allows us, at the cost of lowered collision resistance and security, in respect to proper PureEdDSA, ability to easily support external images for which PureEdDSA may not always be possible; the PureEdDSA on external storage may not be possible if external storage can not be mapped to RAM, where external slot image could be verified at once, or there is not enough memory to just copy the image to RAM and validate it there.
This is not possible. The HashEdDSA has been provided for that purpose. The PureEdDSA is supposed to work on entire message at once. |
de-nordic
changed the title
I have moved back to, as discussed off-line, to doing PureEdDSA on hash of image. |
de-nordic
force-pushed
the
ed25519_single_sha
branch
from
cee234c
to
dd40e1b
Compare
de-nordic
force-pushed
the
ed25519_single_sha
branch
2 times, most recently
from
3d23b73
to
8261a11
Compare
scripts/imgtool/main.py
Outdated
| @@ -401,6 +402,9 @@ def convert(self, value, param, ctx): | |||
| @click.option('--sig-out', metavar='filename', | |||
| help='Path to the file to which signature will be written. ' | |||
| 'The image signature will be encoded as base64 formatted string') | |||
| @click.option('--sha', 'user_sha', type=click.Choice(valid_sha), default='auto', | |||
| help='selected sha algorithm to use; defaults to "auto" which is 256 if ' | |||
| 'no cryptographic sygnature is used, or default for signature type') | |||
scripts/imgtool/image.py
Outdated
| @@ -673,14 +740,17 @@ def verify(imgfile, key): | |||
| prot_tlv_size = tlv_off | |||
| hash_region = b[:prot_tlv_size] | |||
| digest = None | |||
| # Safe bet on sha256, the right one will be identified from TLV | |||
| digest_sha = '256' | |||
There was a problem hiding this comment.
nitpick: digest_sha doesn't seem to be used
de-nordic
force-pushed
the
ed25519_single_sha
branch
from
8261a11
to
0d42481
Compare
Note that there is still missing the ED25519 over sha512 configuration for MCUboot. |
Thanks for the details! The project I'm working on is using mbedTLS, not PSA, so I just had to modify a bit |
So, right here, you've summarized the entirety of the problem I have with EdDSA. The thing is, I have no problem with the algorithm itself, and as far as I can tell it is sound. But it seems to every implementation seems to have been done by someone who has actually never even tried to use it. There is absolutely no reason that an implementation of PureEdDSA would ever need to have the entire image in memory. But, as part of the hash, it does require hashing of the image multiple times, so can't just use a simplistic API. Given that we are basically stuck with the implementations that exist, however, using HashEdDSA seems perfectly fine. HashEdDSA basically reduces the security of EdDSA to the same as ECDSA, and, for that matter, every other signature algorithm. |
There was a problem hiding this comment.
A little bit about the commit text:
- I'd remove the "not a perfect usage". Using EdDSA to sign the hash of the image is perfectly acceptable, even described in the original documentation for the algorithm.
- Change "sing" to "sign", unless perhaps we've become musical in nature.
- I wouldn't really bother saying that larger hashes bring higher collision resistance. Unless we plan on doing something like signing all of the atoms in universe, individually, even SHA256 will never encounter a collision. Larger hashes are generally more about having more information to give to a large signature size.
| } | ||
|
|
||
| def key_and_user_sha_to_alg_and_tlv(key, user_sha): | ||
| """Matches key and user requested sha to sha alogrithm and TLV name. |
There was a problem hiding this comment.
As annoying as PEP8 might be in this case, this should be formatted as:
"""Summary of doc.
Longer description of documentation, not indented more than the triple quotes. Yes
it is weird, but nearly all python code will follow this.
"""
It is also important for the trailing triple quote to be on a line by itself, also indented to be under the open triple quote.
There was a problem hiding this comment.
It is also important for the trailing triple quote to be on a line by itself, also indented to be under the open triple quote.
Thanks, I have read-modify-write Python skill so sorry for no-Python proper behavior.
OK, will fix the comment.
Heh, no.
OK, will fix. Still some of implementations, like PSA ed25519, require sha512 otherwise they refuse to work. |
I think the general idea is to not let anyone feed you whatever they want as something you try to verify signature on. If you have some black-box crypto device you can just feed it message and signature and get verification for it, without pulling hash out of the black box. If you can provide hash, same may be possible for an attacker (?), which means that having valid signature-hash pair is enough to validate any message.
Above would be the reason, although if an implementation would just have callback "give-me-chunk" then that would be enough to pass whatever the implementation wants.
We do not have HashEdDSA, we have SHA256-ED25519-SHA512 or SHA512-ED25519-SHA512, as far as I understand http://ed25519.cr.yp.to/eddsa-20150704.pdf and https://www.rfc-editor.org/rfc/rfc8032.html#page-9 |
The adds support for hashing image with SHA512, to allow SHA512-ED25519-SHA512 signature. To support above --sha parameter has been added that can take value: auto, 256, 384, 512 to select sha, where auto brings the default behaviour, or current, behaviour. The sha provided here is tested against key so not all combinations are supported. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
de-nordic
force-pushed
the
ed25519_single_sha
branch
from
0d42481
to
d1a19d1
Compare
There is no such thing as ED25519-SHA512. ed25519 is by definition built with curve25519-sha512, so what we currently have is SHA256-ED25519. Both primitives have 128 bit equivalent security. Using SHA512-ED25519 is adding a 256 bit equivalent hash in front a of 128 bit curve. If SHA256-ED25519 is unsecure because of the hash size, then SHA256-EC256 is also to be considered unsecure because of the hash size, since curve25519 and secp256r1 provide similar security. |
I think @de-nordic was referring to the notation used in the first paper he cited, i.e. EdDSA for more curves. The standard Ed25519 defined by RFC 8032 is indeed "Ed25519-SHA-512" in the paper. I agree that SHA-256-Ed25519, as done currently by MCUboot, provides a similar level of security as ECDSA with P-256 and SHA-256. So using SHA-256 pre-hashing with Ed25519 seems fine. However, the standard way of doing HashEdDSA with Edwards25519 is defined in RFC 8032 as Ed25519ph and Ed25519ph mandates the use of SHA-512 as the pre-hashing function. As said, I guess using SHA-256 instead is unlikely to cause any trouble, but I also think that staying as close as possible to the standard is a good practice, especially when we are talking about security. |
Good point, I stand corrected. Do you know any ed25519 implementation, in any library/language, that is not built with sha-512 as the hash?
Which section mentions this? Is there a rationale or do they just pick sha-512 because it's already there as the hash? Unrelated point but does mcumgr already support testing an image whose hash is sha-512? |
No. Still on the loop regarding the shaxyz-ed25519-sha512 naming? It is just a designation, and a correct one.
Actually they just state (in http://ed25519.cr.yp.to/eddsa-20150704.pdf) that you can use any hash function as input to the PureEdDSA, which kinda makes sense - it just signs/verifies message, it does not really know what it is. Using what you have is still a good rationale, considering the fact that you only need to bring in implementation of a single hash function; also if there is hardware support there may be sha512 accelerator, because there is ed25519 hardware support, it does not mean you will have other sha implementations - which again means that you have to bring either driver or software support for other sha.
Not yet, but I work on the implementation, with use of the PSA of PureEdDSA and the PureEdDSA(sha512) over image and have been using the imgtool here to generate images for tests. |
de-nordic
changed the title
Sorry for asking. |
No problem. |
de-nordic
changed the title
|
@d3zd3z I have addressed your comments, can you re-review? |
|
LGTM, using #2066 I was able to test the images generated by |
The adds support for hashing image with SHA512, to allow SHA512-ED25519-SHA512 signature. To support above --sha parameter has been added that can take value: auto, 256, 384, 512 to select sha, where auto brings the default behaviour, or current, behaviour. The sha provided here is tested against key so not all combinations are supported. Upstream PR: mcu-tools/mcuboot#2048 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The adds support for hashing image with SHA512, to allow SHA512-ED25519-SHA512 signature. To support above --sha parameter has been added that can take value: auto, 256, 384, 512 to select sha, where auto brings the default behaviour, or current, behaviour. The sha provided here is tested against key so not all combinations are supported. Upstream PR: mcu-tools/mcuboot#2048 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The adds support for hashing image with SHA512, to allow SHA512-ED25519-SHA512 signature. To support above --sha parameter has been added that can take value: auto, 256, 384, 512 to select sha, where auto brings the default behaviour, or current, behaviour. The sha provided here is tested against key so not all combinations are supported. Upstream PR: mcu-tools/mcuboot#2048 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The adds support for hashing image with SHA512, to allow SHA512-ED25519-SHA512 signature. To support above --sha parameter has been added that can take value: auto, 256, 384, 512 to select sha, where auto brings the default behaviour, or current, behaviour. The sha provided here is tested against key so not all combinations are supported. Upstream PR: mcu-tools/mcuboot#2048 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The adds support for hashing image with SHA512, to allow SHA512-ED25519-SHA512 signature. To support above --sha parameter has been added that can take value: auto, 256, 384, 512 to select sha, where auto brings the default behaviour, or current, behaviour. The sha provided here is tested against key so not all combinations are supported. Upstream PR: mcu-tools/mcuboot#2048 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
imgtool changes to support the SHA512 and proper ED25519 signare.
This PR is alternative to #2029 where new TLV is introduced.
While working on image changes I have decided that it is not needed to provide new TLV for signature, because:
Depends on #1967