Re: [Cfrg] Call for adoption for draft-wood-cfrg-aead-limits

Martin Thomson <mt@lowentropy.net> Mon, 27 July 2020 04:31 UTC


Hi Dan,

On Sat, Jul 25, 2020, at 12:46, Dan Harkins wrote:
> But as I mentioned on the virtual meeting I'd like to see some analysis on
> the impact that the amount of AAD has on the integrity (and if applicable, the
> encryption) bound. I know this draft is motivated by the use of AEAD algorithms
> with QUIC and TLS where the AAD will be a fraction of the ciphertext, but it
> should address other uses of AEAD algorithms that may do things differently.

This is good feedback.  Counting the AAD alongside the plaintext was a simplification that made sense, but I agree that it isn't always that way.  From memory, CCM was one that had clear separation, and that was a factor of 2 difference (because the limits count applications of the block cipher).  Generally, I would not concern myself with a mere factor of 2, but the margins on some CCM variants are pretty dismal, so could probably benefit from the extra margin.

Chris opened an issue so that we don't forget this feedback: https://github.com/chris-wood/draft-wood-cfrg-aead-limits/issues/16
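
The factor of 2 discussed above can be seen by counting block-cipher calls for a single CCM message. This is an added example, not part of the message or of the draft; it assumes the RFC 3610 input formatting and a 16-byte block, and the function names are hypothetical.

```python
import math

BLOCK = 16  # AES block size in bytes (assumption: CCM over a 128-bit block cipher)

def aad_prefix_len(aad_len: int) -> int:
    """Bytes RFC 3610 prepends to the AAD to encode its length."""
    if aad_len == 0:
        return 0
    if aad_len < 0xFF00:      # 0 < l(a) < 2^16 - 2^8
        return 2
    if aad_len < 2**32:       # 0xff 0xfe + 4 octets
        return 6
    return 10                 # 0xff 0xff + 8 octets

def ccm_block_calls(aad_len: int, pt_len: int) -> dict:
    """Block-cipher invocations for one CCM message, AAD counted separately."""
    aad_blocks = math.ceil((aad_prefix_len(aad_len) + aad_len) / BLOCK)
    pt_blocks = math.ceil(pt_len / BLOCK)
    mac = 1 + aad_blocks + pt_blocks  # B_0, then AAD and plaintext through CBC-MAC
    ctr = 1 + pt_blocks               # S_0 masks the tag, S_1.. encrypt plaintext
    return {"aad_blocks": aad_blocks, "pt_blocks": pt_blocks,
            "mac": mac, "ctr": ctr, "total": mac + ctr}

def lumped_block_calls(aad_len: int, pt_len: int) -> int:
    """Simplified count: every AAD byte is treated as if it were plaintext."""
    return ccm_block_calls(0, aad_len + pt_len)["total"]

def compare(aad_len: int, pt_len: int) -> tuple:
    """Return (separate, lumped, ratio) for one message shape."""
    separate = ccm_block_calls(aad_len, pt_len)["total"]
    lumped = lumped_block_calls(aad_len, pt_len)
    return separate, lumped, round(lumped / separate, 2)

if __name__ == "__main__":
    # Constructed message shapes: record-style (small AAD) and AAD-only.
    for aad, pt in [(13, 1200), (4096, 0), (2048, 2048)]:
        sep, lump, ratio = compare(aad, pt)
        print(f"aad={aad:5d} pt={pt:5d} separate={sep:4d} lumped={lump:4d} x{ratio}")
```

With a small AAD the two counts are nearly identical; with an AAD-only message the lumped count approaches twice the real number of block-cipher calls, because AAD blocks pass through CBC-MAC but never through CTR.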