Re: [hybi] AES-128-CTR not much safer, but not fast either

Cedric Vivier <cedricv@neonux.com> Wed, 12 January 2011 15:57 UTC

From: Cedric Vivier <cedricv@neonux.com>
Date: Wed, 12 Jan 2011 23:58:57 +0800
To: Willy Tarreau <w@1wt.eu>
Cc: Hybi <hybi@ietf.org>, Yuta Kitamura <yutak@chromium.org>
Subject: Re: [hybi] AES-128-CTR not much safer, but not fast either

On Wed, Jan 12, 2011 at 17:41, Willy Tarreau <w@1wt.eu> wrote:
> I agree it's random enough, just as the simple 32-bit random XOR is! And
> that was my point: there is no vulnerability that would remain with the
> simple XOR that the AES would solve since in the end, we're down to just
> a 32-bit randomness.

+1
If there really has to be masking (to protect against potential
intermediaries broken beyond reason), AES cannot protect those 4 bytes
any more than a simple XOR on a 32-bit key.

It is faster to process and simplifies development. Sure, you can link
to OpenSSL or your favorite crypto library from C/C++, but it still adds
unnecessary bloat/complexity while also limiting the possibility of using
other programming languages to write small/prototype/test WebSocket
servers without installing crypto bindings... (think Lua, Python [AES
not in standard library], ...).

Regards,
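The "simple XOR on a 32-bit key" the thread argues for is what WebSocket eventually standardised as frame masking (RFC 6455, sections 5.2 and 5.3, published after this message); the following is an added example, not code from the thread or from any hybi draft, showing that the whole mask/unmask path fits in standard-library Python with no crypto bindings. Function names are hypothetical; the sample frame is the masked "Hello" frame from RFC 6455 section 5.7.

```python
# Added example, not code from the hybi thread: 4-byte XOR masking of a
# WebSocket client frame as later standardised in RFC 6455 (sections 5.2/5.3),
# using only the Python standard library. Function names are hypothetical.
import os
import struct

def xor_mask(payload: bytes, key: bytes) -> bytes:
    """XOR byte i of the payload with key[i % 4]; the same call unmasks."""
    if len(key) != 4:
        raise ValueError("masking key must be exactly 4 bytes")
    return bytes(b ^ key[i % 4] for i, b in enumerate(payload))

def build_masked_frame(payload: bytes, key=None, opcode: int = 0x1) -> bytes:
    """Encode one FIN frame with the MASK bit set (client-to-server).
    A fresh key comes from os.urandom per frame unless one is supplied."""
    if key is None:
        key = os.urandom(4)
    header = bytes([0x80 | opcode])  # FIN=1, RSV1-3=0, 4-bit opcode
    n = len(payload)
    if n < 126:
        header += bytes([0x80 | n])  # MASK=1 plus 7-bit payload length
    elif n < 1 << 16:
        header += bytes([0x80 | 126]) + struct.pack("!H", n)
    else:
        header += bytes([0x80 | 127]) + struct.pack("!Q", n)
    return header + key + xor_mask(payload, key)

def parse_masked_frame(frame: bytes) -> tuple:
    """Decode a masked frame into (opcode, payload). Unmasked client frames
    are rejected, as RFC 6455 requires of a server."""
    opcode = frame[0] & 0x0F
    if not frame[1] & 0x80:
        raise ValueError("client frame is not masked")
    n, pos = frame[1] & 0x7F, 2
    if n == 126:
        (n,), pos = struct.unpack("!H", frame[2:4]), 4
    elif n == 127:
        (n,), pos = struct.unpack("!Q", frame[2:10]), 10
    key, body = frame[pos:pos + 4], frame[pos + 4:pos + 4 + n]
    if len(body) != n:
        raise ValueError("truncated frame")
    return opcode, xor_mask(body, key)

if __name__ == "__main__":
    # Constructed sample: the masked "Hello" frame from RFC 6455 section 5.7.
    frame = build_masked_frame(b"Hello", key=bytes.fromhex("37fa213d"))
    print(frame.hex(), parse_masked_frame(frame))
```

The mask is a transport-level hedge against misbehaving intermediaries, as the thread says, not confidentiality: all of its unpredictability is the 32 bits of the per-frame key.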