Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits-01
John Mattsson <john.mattsson@ericsson.com> Tue, 17 November 2020 09:03 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB2B13A0A4F for <cfrg@ietfa.amsl.com>; Tue, 17 Nov 2020 01:03:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IAE4ioY4Kmtb for <cfrg@ietfa.amsl.com>; Tue, 17 Nov 2020 01:03:19 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2082.outbound.protection.outlook.com [40.107.20.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFCF33A0822 for <cfrg@irtf.org>; Tue, 17 Nov 2020 01:03:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zb9icOWWWwc5nD4ckDMhipvRvgigFaaWB4ehgFdRidynOSGBMT6YY4aMhzbuYkihceqES/42SU/anPE0WCE8REKDzsFPoJscMGWn8tVHH4IDJz05EvgAQuKfbdpmXTvtf49oABCzhs9CDb2qDwM3lfK6M6Ko2kZRwuCUgxW/6zcV06nSy5ugUkyhn4ttlIkD4b+XxVUm70ugg4wQ7NYRCqgKHTBtdj1DmClyEjwE1UqGzAZZcLWkGgVJfb6vEIbxLFWczhI8SlRooLNyMy9+GK/ZCV4aHxB3fHrFaem5tks/7sDMcxhhxVVJG2ti59FOB49ONfh7H3Bh58kiQAkK0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NUXyrFWpe1we1dUheNOn5e1+ySCyKUwLvfAtbiA+/wQ=; b=Xom7NWzr6W8YEJlrc0QAlNV3zNHNM9TZ+k5B7ivOby6mZWQCpc6AhnEkFf8O4AgPA4vxM0hVPU7fWHWif4ezPEyf5n8/OuiXdLdptZB/38KQJxq7GgK1lXtbvathYkOE4CyCfmI8WHhCATbbBbg3573EojNObruI8hivFW49CY/tQNujCTd+RBQmcn10FcRlG/obSb+sKVP9GlfKL/grqyHZ4S2QpvuT6zgUdSlGUAIuFv/AG8F6rtdAAJ9LqgrBhDMtB3ABM/SX4LSZ5p0AmutNc+rpTKX94+XERCsTiWjzoRMGWsGYFL56dyYmF44D5l2xaNw/cdElEJUdP5WvDQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NUXyrFWpe1we1dUheNOn5e1+ySCyKUwLvfAtbiA+/wQ=; b=FLjtdkgkveRpu5rrnax8ele6rZwUHZffKPkf09EHJJiTl1AFJEv+Hgon8s7+mOmSSzRrTGDegMs2Fyehzw+jAMBq2A/Um+doFAHQso3euHb2HL7ET2B6GgA2g0ZufMiz7FLBusU+BhSoAElIAb3PuQP6pm+6L8euvBe1j3KSNmI=
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com (2603:10a6:20b:17::24) by AS8PR07MB7464.eurprd07.prod.outlook.com (2603:10a6:20b:2ad::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3589.16; Tue, 17 Nov 2020 09:03:16 +0000
Received: from AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::951:a4c3:7f39:e39c]) by AM6PR07MB4584.eurprd07.prod.outlook.com ([fe80::951:a4c3:7f39:e39c%5]) with mapi id 15.20.3589.017; Tue, 17 Nov 2020 09:03:16 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: Martin Thomson <mt@lowentropy.net>, "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: [CFRG] Comment on draft-irtf-cfrg-aead-limits-01
Thread-Index: AQHWvCVZoFTeCQ5e9UCcNMyvepSzH6nLV3AAgADCAQA=
Date: Tue, 17 Nov 2020 09:03:16 +0000
Message-ID: <653C7FCD-0566-466B-A3F9-0EF877E2051E@ericsson.com>
References: <A3C540A2-6B18-42E0-8F0F-B4723BC5F0DA@ericsson.com> <38d47a3c-40dd-494a-833e-7597e2e4be67@www.fastmail.com>
In-Reply-To: <38d47a3c-40dd-494a-833e-7597e2e4be67@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.42.20101102
authentication-results: lowentropy.net; dkim=none (message not signed) header.d=none;lowentropy.net; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [81.225.97.222]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f9abbb37-d806-468e-63a8-08d88ad79f23
x-ms-traffictypediagnostic: AS8PR07MB7464:
x-microsoft-antispam-prvs: <AS8PR07MB7464C6494F25F93F82C1A55E89E20@AS8PR07MB7464.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: EUq9S83TgyMS4DQIGkyLoJEILSZv6yYvohha7R8SYdM8Ucp7cV/PyQoIOypAmXRv6QXPswpEUPA5cOnOp9BglpKTN8qvoRd3ajVfQKzw/glw9OcBvthMDyJYNqCcghK+q4jEOZvIrESHJh5UHbX5co1+9TJFO0xRRqz5T02s75JWUsrfce2FbfXjJZkjEazZq/USWGB5HS2Snk0S57ji8aLoYGezFHXEDi5lE67SSifE+h2nYR/vVPVRD1UBDM6LgkZLcx8hrUrgP/r9Q2WjuIM4qr0hnCvK2ZI3yGlC+v216EUf6wQPJxoOkHilPF3Eux0C2XNLGuqNsOdQLxYYHhfUDbjDvOWBO8v3V17yBMpwo5YcarmPJJIWBe2g2UOndxSRJh6Si57nHF9NF3ntlw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB4584.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(376002)(39860400002)(396003)(366004)(478600001)(71200400001)(6506007)(53546011)(83380400001)(76116006)(966005)(91956017)(66946007)(66476007)(66556008)(110136005)(44832011)(6486002)(8936002)(2616005)(36756003)(316002)(2906002)(64756008)(66446008)(6512007)(8676002)(26005)(86362001)(186003)(5660300002)(33656002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: FKvhIlMQIgs6KG8wnZoS7VG+s/Xu4q/EsGd18j/URvDf0KhgXQVE/Iq0e6nzmdKvOeZBFol6+4tGPELsqwj6ZrugsYuNyp40Zudu/Ho89ZF15+qijZWp9uTYNtSNKcl6jXYgCJ35WugILwYj8/rkfu65qdjFvb7cj716Mmuu41lI9DWhaFvXODPF6pzUoH8+Dc4ZBotDxK0QmPuOuZYyljPzhXz8AqU7RJx+0WGd8a2zooIibffGvWcJ0Hf+h5IklPoCsxnH4tvyJ09rZs8B7k+40oXb6dL59/12GPNBIC65FA043sIjoVV4qwNtQXjpF91mMoAcifkYcfLJVdua7sApHBluJzBqpCEqlMIuUDmXhdtKrnv9GS7u5SjQb4C4AVvUJ+wG0ATNRf+z51sRm6QryXhjkTFHfjsnDr2rVCKhfVo2S0g1P4AGl04Dr2zgGa8HBeAziTeOyygrEoG0q+hObWofCMFrIzRvVwPcyf3DLN4ypcPOYug2X80HVn0cJ8VwuQjjylhs5oVaY+IGRUpGlAMSc2Dm1lWFV8NuaK/GQ2D9pTSFRtIc8hh/qRNxPzgIdFxcNbGT9GHS4HTOat1RicnghyE1pwKQ9leur3wx/X69nV/rGJF4cXFuk1+H8yr83d3kwlN/0Qu8O7Ariw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <9F3ABB22AE1C664F8E8F83EE7B5CBBB1@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM6PR07MB4584.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f9abbb37-d806-468e-63a8-08d88ad79f23
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Nov 2020 09:03:16.4993 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: gpOT9rxb521WVuVGYS43B9hANCAXX7A/w+xiXXjXI79y/28akeIE6cDwPJrbUEFSIJFMihfQaZhQW6J0DYiYSTzi4V9DhQ4UJUuk+06CEd8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR07MB7464
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/meehLGpOIRe1irWQ2nzgHDq84b8>
Subject: Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits-01
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Nov 2020 09:03:21 -0000
Splitting up the parameter l in that way sounds like an excellent idea! That makes the document applicable to RFC 5116 in general rather than just a special case of RFC 5116. Cheers, John -----Original Message----- From: CFRG <cfrg-bounces@irtf.org> on behalf of Martin Thomson <mt@lowentropy.net> Date: Monday, 16 November 2020 at 23:29 To: "cfrg@irtf.org" <cfrg@irtf.org> Subject: Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits-01 Thanks John, We have planned to split the input length into two variables: one for the plaintext length, one for the AAD length. This should help for those cases where the usage skews heavily toward one or the other and the bounds are substantially different based on that. For instance, the CCM analysis counts plaintext as consuming 2 blocks and AAD as consuming 1. For a protocol that mostly just authenticates, that might result in being able to send twice as many messages as an all encrypted protocol. That's not a big deal, but then CCM bounds aren't exactly generous, so that might turn out to be useful. On Tue, Nov 17, 2020, at 01:32, John Mattsson wrote: > Hi, > > The draft defines l as "Length of each message (in blocks)" While > https://protect2.fireeye.com/v1/url?k=4b68e622-14f3df66-4b68a6b9-861d41abace8-ca5386d0404249bd&q=1&e=fd208f4b-1d6f-42ac-9a1f-5b4b5afc427d&u=https%3A%2F%2Fwww.isg.rhul.ac.uk%2F%7Ekp%2FTLS-AEbounds.pdf defines l as "input > length in blocks" > > I assume the definition in the draft should be "input length in blocks" > and that the rewriting comes from TLS where A = "". It would also be > good to clearly define what "input" (or "message") is, none of the > terms are well-defined. Suggestion: > > OLD "Length of each message (in blocks)" > NEW ""input length (plaintext + additional authenticated data) in blocks" > > (I assume https://protect2.fireeye.com/v1/url?k=9b80f671-c41bcf35-9b80b6ea-861d41abace8-f5e131f6d996e9f7&q=1&e=fd208f4b-1d6f-42ac-9a1f-5b4b5afc427d&u=https%3A%2F%2Fwww.isg.rhul.ac.uk%2F%7Ekp%2FTLS-AEbounds.pdf means that > "input" is P and A, i.e. not K and N). > > Cheers, > John > > > > > > > _______________________________________________ > CFRG mailing list > CFRG@irtf.org > https://protect2.fireeye.com/v1/url?k=99f44065-c66f7921-99f400fe-861d41abace8-6df16c72f07ebf97&q=1&e=fd208f4b-1d6f-42ac-9a1f-5b4b5afc427d&u=https%3A%2F%2Fwww.irtf.org%2Fmailman%2Flistinfo%2Fcfrg > _______________________________________________ CFRG mailing list CFRG@irtf.org https://protect2.fireeye.com/v1/url?k=500254a6-0f996de2-5002143d-861d41abace8-51f58f0c7a1ecfea&q=1&e=fd208f4b-1d6f-42ac-9a1f-5b4b5afc427d&u=https%3A%2F%2Fwww.irtf.org%2Fmailman%2Flistinfo%2Fcfrg
- [CFRG] Comment on draft-irtf-cfrg-aead-limits-01 John Mattsson
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Martin Thomson
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Stephen Farrell
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Eric Rescorla
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Stephen Farrell
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Eric Rescorla
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Stephen Farrell
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… John Mattsson
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… John Mattsson
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Martin Thomson
- Re: [CFRG] Comment on draft-irtf-cfrg-aead-limits… Stephen Farrell