Improve Scoping of Encryption Keys for Trusted Servers #1334
Comments
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 24, 2025:
Changes the B&A key fetcher code so that it stores the full key identifier instead of the first two bytes parsed as a hexadecimal number. This will be needed to support features like Private Model Training that include the full key ID as part of the message. This CL also does some refactoring in order to support per-adtech keys/origin scoped keys as described in WICG/turtledove#1334. NO_IFTTT=Just moving the enums. Bug: 390160246 Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 Reviewed-by: Orr Bernstein <[email protected]> Commit-Queue: Russ Hamilton <[email protected]> Auto-Submit: Russ Hamilton <[email protected]> Cr-Commit-Position: refs/heads/main@{#1423990}
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 24, 2025:
This reverts commit 5624b16. Reason for revert: Causing many different bots to fail. Ex: https://ci.chromium.org/ui/p/chromium/builders/ci/mac11-arm64-rel-tests/53490/overview Original change's description: > Modify B&A key fetcher code to retain the full key ID > > Changes the B&A key fetcher code so that it stores the full key > identifier instead of the first two bytes parsed as a hexadecimal > number. This will be needed to support features like Private Model > Training that include the full key ID as part of the message. > > This CL also does some refactoring in order to support per-adtech > keys/origin scoped keys as described in > WICG/turtledove#1334. > > NO_IFTTT=Just moving the enums. > > Bug: 390160246 > Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 > Reviewed-by: Orr Bernstein <[email protected]> > Commit-Queue: Russ Hamilton <[email protected]> > Auto-Submit: Russ Hamilton <[email protected]> > Cr-Commit-Position: refs/heads/main@{#1423990} Bug: 390160246 Change-Id: I06748eed467ec1f088daca1006ab0d9a552e2fd5 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6298475 Bot-Commit: Rubber Stamper <[email protected]> Commit-Queue: Riley Tatum <[email protected]> Owners-Override: Riley Tatum <[email protected]> Cr-Commit-Position: refs/heads/main@{#1424062}
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 25, 2025:
This is a reland of commit 5624b16 Original change's description: > Modify B&A key fetcher code to retain the full key ID > > Changes the B&A key fetcher code so that it stores the full key > identifier instead of the first two bytes parsed as a hexadecimal > number. This will be needed to support features like Private Model > Training that include the full key ID as part of the message. > > This CL also does some refactoring in order to support per-adtech > keys/origin scoped keys as described in > WICG/turtledove#1334. > > NO_IFTTT=Just moving the enums. > > Bug: 390160246 > Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 > Reviewed-by: Orr Bernstein <[email protected]> > Commit-Queue: Russ Hamilton <[email protected]> > Auto-Submit: Russ Hamilton <[email protected]> > Cr-Commit-Position: refs/heads/main@{#1423990} Bug: 390160246 Change-Id: I968311418baf9b487654f294f065f893a5b217ac Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6299239 Commit-Queue: Russ Hamilton <[email protected]> Reviewed-by: Orr Bernstein <[email protected]> Cr-Commit-Position: refs/heads/main@{#1424577}
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 25, 2025:
This reverts commit 9f44fe6. Reason for revert: Suspect to break multiple content_browsertests, e.g. https://ci.chromium.org/ui/p/chromium/builders/ci/mac13-arm64-rel-tests/44103/overview Original change's description: > Reland "Modify B&A key fetcher code to retain the full key ID" > > This is a reland of commit 5624b16 > > Original change's description: > > Modify B&A key fetcher code to retain the full key ID > > > > Changes the B&A key fetcher code so that it stores the full key > > identifier instead of the first two bytes parsed as a hexadecimal > > number. This will be needed to support features like Private Model > > Training that include the full key ID as part of the message. > > > > This CL also does some refactoring in order to support per-adtech > > keys/origin scoped keys as described in > > WICG/turtledove#1334. > > > > NO_IFTTT=Just moving the enums. > > > > Bug: 390160246 > > Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 > > Reviewed-by: Orr Bernstein <[email protected]> > > Commit-Queue: Russ Hamilton <[email protected]> > > Auto-Submit: Russ Hamilton <[email protected]> > > Cr-Commit-Position: refs/heads/main@{#1423990} > > Bug: 390160246 > Change-Id: I968311418baf9b487654f294f065f893a5b217ac > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6299239 > Commit-Queue: Russ Hamilton <[email protected]> > Reviewed-by: Orr Bernstein <[email protected]> > Cr-Commit-Position: refs/heads/main@{#1424577} Bug: 390160246 Change-Id: I72173bb1c576cc7ea6dd49306bfc9ab04273ac8e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6302100 Reviewed-by: Russ Hamilton <[email protected]> Commit-Queue: Russ Hamilton <[email protected]> Bot-Commit: Rubber Stamper <[email protected]> Auto-Submit: Chan Li <[email protected]> Cr-Commit-Position: refs/heads/main@{#1424661}
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 25, 2025:
This is a reland of commit 9f44fe6 Original change's description: > Reland "Modify B&A key fetcher code to retain the full key ID" > > This is a reland of commit 5624b16 > > Original change's description: > > Modify B&A key fetcher code to retain the full key ID > > > > Changes the B&A key fetcher code so that it stores the full key > > identifier instead of the first two bytes parsed as a hexadecimal > > number. This will be needed to support features like Private Model > > Training that include the full key ID as part of the message. > > > > This CL also does some refactoring in order to support per-adtech > > keys/origin scoped keys as described in > > WICG/turtledove#1334. > > > > NO_IFTTT=Just moving the enums. > > > > Bug: 390160246 > > Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 > > Reviewed-by: Orr Bernstein <[email protected]> > > Commit-Queue: Russ Hamilton <[email protected]> > > Auto-Submit: Russ Hamilton <[email protected]> > > Cr-Commit-Position: refs/heads/main@{#1423990} > > Bug: 390160246 > Change-Id: I968311418baf9b487654f294f065f893a5b217ac > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6299239 > Commit-Queue: Russ Hamilton <[email protected]> > Reviewed-by: Orr Bernstein <[email protected]> > Cr-Commit-Position: refs/heads/main@{#1424577} Bug: 390160246 Change-Id: I9f885c1fd667e094dd2cdf17eb21237fda1057e3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6297865 Reviewed-by: Orr Bernstein <[email protected]> Commit-Queue: Russ Hamilton <[email protected]> Cr-Commit-Position: refs/heads/main@{#1424802}
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 26, 2025:
…l key ID""" This reverts commit 61333e4. Reason for revert: Breaks multiple content_browsertests and content_unittests (see b/399215594) for the failure list. Original change's description: > Reland "Reland "Modify B&A key fetcher code to retain the full key ID"" > > This is a reland of commit 9f44fe6 > > Original change's description: > > Reland "Modify B&A key fetcher code to retain the full key ID" > > > > This is a reland of commit 5624b16 > > > > Original change's description: > > > Modify B&A key fetcher code to retain the full key ID > > > > > > Changes the B&A key fetcher code so that it stores the full key > > > identifier instead of the first two bytes parsed as a hexadecimal > > > number. This will be needed to support features like Private Model > > > Training that include the full key ID as part of the message. > > > > > > This CL also does some refactoring in order to support per-adtech > > > keys/origin scoped keys as described in > > > WICG/turtledove#1334. > > > > > > NO_IFTTT=Just moving the enums. 
> > > > > > Bug: 390160246 > > > Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc > > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 > > > Reviewed-by: Orr Bernstein <[email protected]> > > > Commit-Queue: Russ Hamilton <[email protected]> > > > Auto-Submit: Russ Hamilton <[email protected]> > > > Cr-Commit-Position: refs/heads/main@{#1423990} > > > > Bug: 390160246 > > Change-Id: I968311418baf9b487654f294f065f893a5b217ac > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6299239 > > Commit-Queue: Russ Hamilton <[email protected]> > > Reviewed-by: Orr Bernstein <[email protected]> > > Cr-Commit-Position: refs/heads/main@{#1424577} > > Bug: 390160246 > Change-Id: I9f885c1fd667e094dd2cdf17eb21237fda1057e3 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6297865 > Reviewed-by: Orr Bernstein <[email protected]> > Commit-Queue: Russ Hamilton <[email protected]> > Cr-Commit-Position: refs/heads/main@{#1424802} Bug: 390160246 Change-Id: Ib3d6644251826caa3e2fca75f5fd50435c1c20d4 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6303281 Auto-Submit: Chan Li <[email protected]> Owners-Override: Chan Li <[email protected]> Bot-Commit: Rubber Stamper <[email protected]> Commit-Queue: Rubber Stamper <[email protected]> Cr-Commit-Position: refs/heads/main@{#1424882}
aarongable pushed a commit to chromium/chromium that referenced this issue on Feb 26, 2025:
…l key ID""" This is a reland of commit 61333e4 Fixes two more places where the logic was incorrect when DCHECKs were disabled. Original change's description: > Reland "Reland "Modify B&A key fetcher code to retain the full key ID"" > > This is a reland of commit 9f44fe6 > > Original change's description: > > Reland "Modify B&A key fetcher code to retain the full key ID" > > > > This is a reland of commit 5624b16 > > > > Original change's description: > > > Modify B&A key fetcher code to retain the full key ID > > > > > > Changes the B&A key fetcher code so that it stores the full key > > > identifier instead of the first two bytes parsed as a hexadecimal > > > number. This will be needed to support features like Private Model > > > Training that include the full key ID as part of the message. > > > > > > This CL also does some refactoring in order to support per-adtech > > > keys/origin scoped keys as described in > > > WICG/turtledove#1334. > > > > > > NO_IFTTT=Just moving the enums. > > > > > > Bug: 390160246 > > > Change-Id: I62ded0175dbbc559363685ada995c91ef2d9d2dc > > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265963 > > > Reviewed-by: Orr Bernstein <[email protected]> > > > Commit-Queue: Russ Hamilton <[email protected]> > > > Auto-Submit: Russ Hamilton <[email protected]> > > > Cr-Commit-Position: refs/heads/main@{#1423990} > > > > Bug: 390160246 > > Change-Id: I968311418baf9b487654f294f065f893a5b217ac > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6299239 > > Commit-Queue: Russ Hamilton <[email protected]> > > Reviewed-by: Orr Bernstein <[email protected]> > > Cr-Commit-Position: refs/heads/main@{#1424577} > > Bug: 390160246 > Change-Id: I9f885c1fd667e094dd2cdf17eb21237fda1057e3 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6297865 > Reviewed-by: Orr Bernstein <[email protected]> > Commit-Queue: Russ Hamilton <[email protected]> > Cr-Commit-Position: 
refs/heads/main@{#1424802} Bug: 390160246,399215594 Change-Id: If054e460a0d6991aa5f56bd3d28048fc234b5329 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6305962 Reviewed-by: Orr Bernstein <[email protected]> Commit-Queue: Russ Hamilton <[email protected]> Cr-Commit-Position: refs/heads/main@{#1425308}
The Protected Audience API in Chrome sends encrypted data to trusted services such as the Bidding and Auction service and the Trusted Key Value Service. In today's implementation, a set of globally-scoped keys is used to encrypt all traffic.
To reduce the impact of a key compromise, we might consider encrypting traffic to different recipients (TEEs operated by different adtechs) using different keys.
In this proposal, Chrome would encrypt data in a Key-Value Server V2 API request using a key that is specific to the adtech operating the KV server.
Similarly, a ProtectedAudienceInput blob would be encrypted using a key specific to the SSP responsible for running the auction. Each BuyerInput sub-component would be encrypted using a key specific to the corresponding DSP. This way, the IG data of a buyer participating in the auction is further protected should a seller's key be compromised.
Representing recipient identity
It might make sense to associate each HPKE key with the origin at which an instance of a trusted service is hosted. For example, the navigator.getInterestGroupAdAuctionData() method already accepts the origin of the seller, and each interest group is associated with the origin of its 'owner'.
Some Open Questions
Is origin an appropriate scope? Should we consider e.g. a site (e.g. eTLD+1) or a URL scope instead?
Can multiple trusted service instances be hosted at the same origin? If yes, can these instances use the same HPKE key?
Example: a trusted key-value server instance is represented by a trustedBiddingSignalsURL attribute of an interestGroup or a trustedScoringSignalsURL attribute of an auctionConfig. This raises the possibility of hosting multiple trusted KV instances at the same origin.
Can an adtech operate trusted service instances at multiple origins? If yes, can each origin still be assigned a separate set of keys?
When provisioning private keys to a TEE instance, how can a Coordinator verify that the TEE instance is indeed associated with a given origin?
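The following Go sketch is an added illustration of the two ideas above: the layered encryption (each BuyerInput sealed to its DSP's key, the whole ProtectedAudienceInput then sealed to the SSP's key) and a client-side key registry looked up by trusted-service origin and full key ID. It is not Chromium's key fetcher or the B&A service's code. It assumes a simplified HPKE-like construction (X25519 plus one SHA-512 derivation standing in for HKDF, then AES-256-GCM), a constructed Envelope wire format, and made-up origins and key IDs; the names Seal, Open, Registry and BuildProtectedAudienceInput are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha512"
	"encoding/json"
	"fmt"
)

// Envelope is this example's constructed wire format: Origin and the full KeyID name
// the recipient key, Enc is the sender's ephemeral X25519 public key, CT is AES-256-GCM.
type Envelope struct {
	Origin, KeyID string
	Enc, CT       []byte
}

// Recipient is a trusted-service key pair scoped to a single origin (the TEE side).
type Recipient struct {
	Origin, KeyID string
	Priv          *ecdh.PrivateKey
}

// RegisteredKey is what the client (Chrome, in the proposal) holds per origin: the
// currently active public key together with its full key ID, not a truncated prefix.
type RegisteredKey struct {
	KeyID string
	Pub   *ecdh.PublicKey
}
type Registry map[string]RegisteredKey

// aeadFor runs X25519 between priv and peer, then hashes the shared secret with both
// public keys and a context label into an AES-256-GCM key and nonce. Real HPKE uses
// HKDF here; one SHA-512 over the same inputs keeps this example short. The label
// binds the derived key to the recipient origin and key ID.
func aeadFor(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, enc, rpub []byte, origin, keyID string) (cipher.AEAD, []byte, error) {
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, nil, err
	}
	ctx := append(append(append([]byte{}, shared...), enc...), rpub...)
	okm := sha512.Sum512(append(ctx, []byte("|origin-scoped-key-example|"+origin+"|"+keyID)...))
	block, _ := aes.NewCipher(okm[:32]) // 32-byte key: cannot fail
	aead, _ := cipher.NewGCM(block)     // AES block cipher: cannot fail
	return aead, okm[32:44], nil        // a fresh ephemeral key per message, so the nonce is never reused
}

// Seal encrypts pt to whatever key the registry currently lists for origin.
func Seal(reg Registry, origin string, pt []byte) (*Envelope, error) {
	k, ok := reg[origin]
	if !ok {
		return nil, fmt.Errorf("no key registered for origin %q", origin)
	}
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	enc := eph.PublicKey().Bytes()
	aead, nonce, err := aeadFor(eph, k.Pub, enc, k.Pub.Bytes(), origin, k.KeyID)
	if err != nil {
		return nil, err
	}
	ct := aead.Seal(nil, nonce, pt, []byte(origin+"|"+k.KeyID)) // AAD: the addressing labels
	return &Envelope{Origin: origin, KeyID: k.KeyID, Enc: enc, CT: ct}, nil
}

// Open decrypts with this recipient's private key. A mismatched label is rejected up
// front; a forged label still fails GCM authentication because the shared secret differs.
func (rc *Recipient) Open(env *Envelope) ([]byte, error) {
	if env.Origin != rc.Origin || env.KeyID != rc.KeyID {
		return nil, fmt.Errorf("envelope addressed to %s/%s, not this recipient", env.Origin, env.KeyID)
	}
	eph, err := ecdh.X25519().NewPublicKey(env.Enc)
	if err != nil {
		return nil, err
	}
	aead, nonce, err := aeadFor(rc.Priv, eph, env.Enc, rc.Priv.PublicKey().Bytes(), env.Origin, env.KeyID)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, env.CT, []byte(env.Origin+"|"+env.KeyID))
}

// BuildProtectedAudienceInput follows the proposal's layering: each BuyerInput is sealed
// to its DSP's origin key, then the map of sealed inputs is sealed to the seller's key.
// The seller's TEE can open the outer layer, but the inner envelopes stay opaque to it.
func BuildProtectedAudienceInput(reg Registry, seller string, buyerInputs map[string][]byte) (*Envelope, error) {
	inner := map[string]*Envelope{}
	for dsp, in := range buyerInputs {
		env, err := Seal(reg, dsp, in)
		if err != nil {
			return nil, err
		}
		inner[dsp] = env
	}
	raw, _ := json.Marshal(inner) // map of exported structs: cannot fail
	return Seal(reg, seller, raw)
}
```

Two properties are worth checking against this sketch. First, a seller key opens only the outer layer; a BuyerInput sealed to the DSP origin remains ciphertext to the seller, which is the blast-radius reduction the proposal is after. Second, because the origin and key ID go into both the key derivation and the GCM associated data, relabelling an envelope or a key (presenting the seller's private key under the buyer's origin and key ID) does not help: decryption fails authentication rather than silently returning data.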