DID + Trusted Hardware Agents! (yubico,hsm,enclave)

From IIW



Tuesday 1J


Convener(s): Orie Steele, Transmute

Notes-taker(s): Heather Vescent & Karyl Fowler


Tags for the session - technology discussed/ideas considered:




Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


Trusted Hardware Demo: Did.ai/iiw29


Notes:


Using a Yubikey to sign something using a DID.

Software extractable key – a key that can come off the yubikey

A verifiable credential that is issued from hardware


Other trusted hardware scenarios:


Very few people are using PGP and DIDs together.


Why are you super interested in trusted hardware agents?


Example

Did.btch.1234….

DID doc contains a PGP key (that has to go into the GPG Suite)


On Mac GPG Suite, keys are associated with your keyring (key import of the PGP key from the DID document).

You can then use JSON-LD signatures.
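An added example of the DID-document side of this flow in Python (not code from the session or from Transmute): it builds a DID document whose verification method carries an ASCII-armored OpenPGP public key, then de-armors it, checks the CRC24 trailer, and recomputes the v4 fingerprint so the key material can be checked against the id it claims before it goes into a keyring. The "#<fingerprint>" id convention, the PgpVerificationKey2021 type name, the did:example DID and the toy RSA modulus are constructed assumptions.

```python
import base64, hashlib, struct
def crc24(data: bytes) -> int:           # OpenPGP armor checksum (RFC 4880, section 6.1)
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc = (crc << 1) ^ (0x1864CFB if crc & 0x800000 else 0)
    return crc & 0xFFFFFF

def mpi(n: int) -> bytes:                # multi-precision integer: 2-byte bit length, then bytes
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def public_key_packet(n: int, e: int, created: int) -> bytes:
    # v4 RSA public-key packet behind an old-format tag-6 header with a 2-byte length (0x99)
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)
    return b"\x99" + struct.pack(">H", len(body)) + body

def armor(packet: bytes) -> str:         # ASCII armor, the form GPG Suite imports
    crc = base64.b64encode(struct.pack(">I", crc24(packet))[1:]).decode()
    return ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + base64.b64encode(packet).decode()
            + "\n=" + crc + "\n-----END PGP PUBLIC KEY BLOCK-----\n")

def dearmor(text: str) -> bytes:         # strip armor (and any armor headers), verify the CRC24
    lines = [ln.strip() for ln in text.strip().splitlines()[1:-1]]
    body = lines[lines.index("") + 1:] if "" in lines else lines
    crc_line = body.pop()                # trailing "=XXXX" checksum line
    data = base64.b64decode("".join(body))
    if struct.pack(">I", crc24(data))[1:] != base64.b64decode(crc_line[1:]):
        raise ValueError("armor CRC24 mismatch: key block is corrupt or tampered")
    return data

def fingerprint(packet: bytes) -> str:   # v4 fingerprint: SHA-1(0x99, 2-byte length, body), RFC 4880 12.2
    if packet[0] & 0xC0 != 0x80 or (packet[0] >> 2) & 0x0F != 6 or packet[0] & 0x03 > 1:
        raise ValueError("expected an old-format public-key packet with a 1- or 2-byte length")
    hdr = 2 + (packet[0] & 0x03)         # header is 2 bytes for length-type 0, 3 for length-type 1
    body = packet[hdr:hdr + int.from_bytes(packet[1:hdr], "big")]
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def check_did_pgp_keys(did_doc: dict) -> dict:
    """For each publicKeyPgp verification method: does the key match the fingerprint in its id?"""
    return {vm["id"]: fingerprint(dearmor(vm["publicKeyPgp"])) == vm["id"].rsplit("#", 1)[-1].upper()
            for vm in did_doc.get("verificationMethod", []) if "publicKeyPgp" in vm}

# Constructed sample: a toy RSA modulus that can sign nothing real, a placeholder DID, and an
# assumed "#<fingerprint>" id convention with an assumed "PgpVerificationKey2021" type name.
SAMPLE_PACKET = public_key_packet(n=0xC0FFEE1234567891, e=65537, created=1571000000)
SAMPLE_FP = fingerprint(SAMPLE_PACKET)
SAMPLE_DID = "did:example:hwdemo"
SAMPLE_DOC = {"id": SAMPLE_DID, "verificationMethod": [{"id": f"{SAMPLE_DID}#{SAMPLE_FP}",
    "type": "PgpVerificationKey2021", "controller": SAMPLE_DID, "publicKeyPgp": armor(SAMPLE_PACKET)}]}
```

A mismatch between the id fragment and the recomputed fingerprint, or a CRC failure on the armor, is the signal to stop before `gpg --import`.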


Use case for trusted hardware key management – in journalism space

Using OpenPGP technology


Have PGP key of recipient

Encrypted payload (message)

Sign some information: plug in the device, enter the PIN, get the signature


Operating system binaries (Tails/Linux) are signed with GPG keys.

Connect GPG key to DID and use the


Can the camera hardware include software or a chip that does the signing on the chip itself? Short answer: maybe.


Attestation, FIDO, IETF, EAT and RAT (remote attestation)


There have been recent attacks.

We need new key servers.


Who controls the interface where you manipulate/change the key?

Trusted hardware has usability features, but they come at the cost of ultimate control by the user.


Trusted execution environment:


Secure enclave on the mobile device: if one area of the app (where credentials are stored) is compromised, how does that interact with the secure enclave and the other keys/credentials in the system?

Can you air-gap those sections? Yes, but can you trust how that works?


Key compromise in the lab – backdoor firmware updates


Two compromises

  1. The private key is exported
  2. Something goes wrong and privileges are escalated


DID method that uses different enclaves

They are all different; they do different things, so it's hard to discuss their security in general. The nuances differ: the cryptographic elements and the capabilities vary. Trust in the hardware itself is what we want to solve for.


Attacks that need physical access vs ones that don’t.


Embedded keys linked to a DID: can we trust the hardware they are attached to?

Any sensor that tracks biometrics.

Or barcode/scanner devices. Confidence around the integrity of the systems.


What does it mean to trust the hardware?

Establish it with several signals.


Photo by Karyl Fowler: IIW29 TU 1J DID + Trusted Hardware Agents! (yubico, hsm, enclave)(1).jpg