Re: [Cfrg] Encrypt in place guidance

Björn Haase <bjoern.haase@endress.com> Wed, 01 April 2020 06:49 UTC

From: Björn Haase <bjoern.haase@endress.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Robert Moskowitz <rgm-sec@htt-consult.com>, "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, Dan Brown <danibrown@blackberry.com>, "cfrg@ietf.org" <cfrg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Ys8k4ivYLqAbdfeF8LjDC7Sn3HQ>
List-Id: Crypto Forum Research Group <cfrg.irtf.org>

I fear that you might actually need at least some more bytes of payload in order to get any sound scheme realized.
For preventing replay attacks, a 32-bit nonce and a 32-bit authentication tag might have to be considered to form the bare minimum requirement ☹.

We have had a similar problem with the severely size-limited BluetoothLE advertising (broadcast) packets.
One option that we use is segmenting the information by splitting it into several packets. This way, reception of two or more separate packets is needed in order to get the full information.


Best Regards

Dr. Björn Haase 


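An added example, not part of the original message or of any scheme proposed in the thread: a minimal frame format with the 8 bytes of overhead the message describes (32-bit nonce plus 32-bit tag), showing how the receiver rejects replayed and modified frames. The counter-as-nonce choice, the use of truncated HMAC-SHA-256, and all names are assumptions; the sketch covers authentication and replay protection only, not encryption.

```python
import hashlib
import hmac
import struct

NONCE_LEN = 4  # 32-bit message counter, sent in the clear, used as the nonce
TAG_LEN = 4    # 32-bit tag: one forgery attempt succeeds with probability 2^-32

def _tag(key, counter, payload):
    # The tag covers the counter, so a frame cannot be re-labelled as newer.
    msg = struct.pack(">I", counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

class Sender:
    def __init__(self, key):
        self.key, self.counter = key, 0

    def seal(self, payload):
        if self.counter >= 0xFFFFFFFF:
            raise OverflowError("32-bit counter exhausted; a new key is needed")
        self.counter += 1
        return (struct.pack(">I", self.counter) + payload
                + _tag(self.key, self.counter, payload))

class Receiver:
    def __init__(self, key):
        self.key, self.last_counter = key, 0

    def open(self, frame):
        if len(frame) < NONCE_LEN + TAG_LEN:
            return None
        counter = struct.unpack(">I", frame[:NONCE_LEN])[0]
        payload, tag = frame[NONCE_LEN:-TAG_LEN], frame[-TAG_LEN:]
        # Authenticate first, so unauthenticated input never changes state.
        if not hmac.compare_digest(tag, _tag(self.key, counter, payload)):
            return None
        if counter <= self.last_counter:
            return None  # valid tag but stale counter: replayed frame
        self.last_counter = counter
        return payload

def demo():
    key = bytes(range(16))  # constructed sample key
    tx, rx = Sender(key), Receiver(key)
    f1, f2 = tx.seal(b"\x17\x2a"), tx.seal(b"\x18\x2b")  # constructed payloads
    modified = f2[:NONCE_LEN] + b"\xff\xff" + f2[-TAG_LEN:]
    overhead = len(f1) - 2
    return [rx.open(f1), rx.open(f2), rx.open(f1), rx.open(modified), overhead]
```

The receiver must keep `last_counter` across restarts, otherwise every previously captured frame becomes acceptable again.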