niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/ops/legacy/ASL-AUTH-HOST v0-1 - Threat Model.md
Carl Niklas Rydberg 74efedf62c Rework ops specs
2026-01-17 09:21:47 +01:00

6 KiB
Raw Blame History

Absolutely. Below is a formal threat model write-up for the system as it now stands. This is not theoretical; it is written to match your exact design choices, maturity level, and operational reality.

Ill keep it structured, explicit, and grounded.

ASL-AUTH-HOST v0.1 — Threat Model

1. Scope and Assumptions

1.1 In Scope

This threat model covers:

  • Offline ASL-AUTH-HOST
  • USB-mediated intake and output
  • PEL execution
  • Receipt (PER) generation and signing
  • Domain admission and rescue bootstrap
  • Published artifact creation

1.2 Explicit Assumptions

  1. Physical access = ultimate trust boundary

    • The attacker may have physical access to USB media.
    • The attacker may not have unsupervised access to the auth host hardware.

  2. Auth host is air-gapped

    • No network interfaces.
    • No radios.
    • No background services.

  3. Offline root keys are uncompromised

    • Root compromise is out of scope (catastrophic).

  4. Operator is present

    • Console interaction is intentional and visible.

2. Assets to Protect

Asset Description
Root authority keys Domain trust anchors
Domain signing keys Used to mint DAMs and receipts
Execution receipts (PERs) Portable truth of execution
Published artifacts Immutable outputs
Domain identity Correct domain binding
Policy hash Guarantees semantic compliance

3. Adversary Model

3.1 Adversary Capabilities

The attacker may:

  • Supply malicious USB content
  • Replay old requests
  • Attempt malformed PEL programs
  • Attempt filesystem abuse via USB
  • Attempt to confuse domain identity
  • Attempt to exfiltrate private artifacts

The attacker cannot:

  • Inject network traffic
  • Modify host binaries (unless physical compromise)
  • Access signing keys without operator approval

4. Trust Boundaries

[ USB ] ────(read-only)────> [ AUTH HOST ]
                                 |
                                 | (PEL execution)
                                 v
                            [ ASL Store ]
                                 |
                                 └──> (write-only) → [ USB RESPONSE ]

Critical principle:

Data flows in one direction per phase, never bidirectional.

5. Threat Analysis (STRIDE-like)

5.1 Spoofing

Threat: Fake domain requests or forged admission.

Mitigations:

  • Manifest + signature verification
  • Policy hash enforcement
  • Offline root verification
  • Domain IDs generated and signed by authority

5.2 Tampering

Threat: USB content modified to alter inputs or outputs.

Mitigations:

  • Intake is read-only

  • Hashes over all inputs

  • Response signature covers:

    • Request manifest hash
    • Receipt hash
    • Published artifact hashes

5.3 Repudiation

Threat: Requester denies what was executed.

Mitigations:

  • Receipt includes:

    • Program hash
    • Input hashes
    • Snapshot ID

  • Receipt signed by authority

  • Deterministic replay possible

5.4 Information Disclosure

Threat: Private data leaks from auth host.

Mitigations:

  • No shell access to arbitrary tools
  • No network
  • Explicit publish rules
  • Unpublished artifacts never leave host
  • Encrypted blocks allowed in public domains

5.5 Denial of Service

Threat: USB floods, huge inputs, malformed PEL.

Mitigations:

  • Operator-mediated execution
  • Explicit size limits in manifest
  • Deterministic PEL subset
  • No automatic execution

5.6 Elevation of Privilege

Threat: PEL program escapes sandbox or invokes host capabilities.

Mitigations:

  • PEL is declarative
  • No exec, no syscalls, no I/O primitives
  • Host enforces operator whitelist of ops
  • Canonical PEL interpreter only

6. Specific High-Risk Scenarios

6.1 Malicious USB with filesystem exploits

Mitigation:

  • Mount read-only
  • No traversal outside /REQUEST
  • No symlink following
  • No execution from USB

6.2 Replay of old admission request

Mitigation:

  • request_id uniqueness
  • Receipt records snapshot
  • Authority tracks processed request IDs

6.3 Confused domain attack

Threat: Attacker attempts to get artifacts bound to wrong domain.

Mitigation:

  • Domain ID assigned by authority
  • Domain binding part of receipt hash
  • No requester-supplied domain ID is trusted

6.4 Side-channel via timing or output size

Mitigation:

  • Coarse-grained execution
  • Deterministic output
  • Optional output padding

(Residual risk acknowledged but acceptable.)

7. What This Model Explicitly Does Not Protect Against

Out of Scope Reason
Physical compromise of host Catastrophic
Malicious operator Social problem
Root key exfiltration Ends trust
Covert EM attacks Beyond scope

8. Security Posture Summary

Strengths:

  • Minimal attack surface
  • Explicit authority boundaries
  • Deterministic execution
  • Portable, signed truth (PER)
  • No ambient trust

Residual risks:

  • Physical compromise
  • Operator error
  • Supply-chain attacks on binaries

9. Alignment With Your Design Philosophy

This system:

  • Treats authority as a press, not a server
  • Treats data as artifacts, not files
  • Treats execution as a receipt, not a side effect
  • Treats trust as explicit and finite

It is hard to misuse, easy to audit, and honest about its limits.

10. Recommended Next Documents (in order)

  1. PEL canonical encoding spec
  2. Receipt canonicalization & hash rules
  3. DAM final schema
  4. Operator checklist (human protocol)
  5. Minimal reference implementation

If you want, next I can write the operator checklist, which is often the missing piece that keeps systems like this safe in practice.

Just say the word.