Re: [CFRG] RSA PSS Salt Length for HTTP Message Signatures

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 29 May 2021 09:22 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Neil Madden <neil.e.madden@gmail.com>
CC: Justin Richer <jricher@mit.edu>, IRTF CFRG <Cfrg@irtf.org>
Date: Sat, 29 May 2021 09:21:54 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/d7stivLpDI1tji_nahb5ucqt31g>

Neil Madden <neil.e.madden@gmail.com> writes:

>By this do you mean *constant-time* memcmp? Otherwise that seems something
>quite easy to get wrong.

You're doing a memcmp() on known, public data, there's nothing to leak so no
need for a constant-time memcmp().

Peter.
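
The point made in the reply above, as an added example that is not part of the original message: in signature verification both compared values can be computed from the signature, the message and the public key, so the number of bytes an early-exit compare examines is something the submitter can already work out offline. The toy key (n = 3233, e = 17), the use of textbook RSA without PSS encoding, and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define TOY_N 3233u  /* constructed toy public modulus, illustration only */
#define TOY_E 17u    /* constructed toy public exponent */

/* Public-key operation b^e mod m; no secret input. Products stay below 2^32. */
static uint32_t modexp(uint32_t b, uint32_t e, uint32_t m)
{
    uint32_t r = 1;
    for (b %= m; e; e >>= 1) {
        if (e & 1) r = (r * b) % m;
        b = (b * b) % m;
    }
    return r;
}

/* Early-exit compare, high byte first; *examined is what timing could reveal. */
int verify(uint32_t sig, uint32_t want, size_t *examined)
{
    uint32_t rec = modexp(sig, TOY_E, TOY_N);
    for (int shift = 8; shift >= 0; shift -= 8) {
        *examined = (size_t)(2 - shift / 8);
        if (((rec >> shift) & 0xFFu) != ((want >> shift) & 0xFFu)) return 0;
    }
    return 1;
}

/* The same count, computed offline by anyone holding sig, want and the key. */
size_t predicted_examined(uint32_t sig, uint32_t want)
{
    return ((modexp(sig, TOY_E, TOY_N) ^ want) & 0xFF00u) ? 1 : 2;
}

/* Returns 1 if timing never shows more than the offline prediction. */
int timing_adds_nothing(void)
{
    size_t seen;
    for (uint32_t sig = 0; sig < TOY_N; sig++)
        for (uint32_t want = 0; want < TOY_N; want += 97) {
            verify(sig, want, &seen);
            if (seen != predicted_examined(sig, want)) return 0;
        }
    return 1;
}

int main(void)
{
    printf("timing matches public prediction: %d\n", timing_adds_nothing());
    return 0;
}
```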