Re: [MLS] Purpose of path_secret in the Welcome message?

Théophile Wallez <theophile.wallez@inria.fr> Thu, 22 April 2021 15:38 UTC

Return-Path: <theophile.wallez@inria.fr>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D06FD3A16E7 for <mls@ietfa.amsl.com>; Thu, 22 Apr 2021 08:38:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Wa6m5H-gPa1 for <mls@ietfa.amsl.com>; Thu, 22 Apr 2021 08:38:08 -0700 (PDT)
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C8693A1642 for <mls@ietf.org>; Thu, 22 Apr 2021 08:37:45 -0700 (PDT)
IronPort-HdrOrdr: =?us-ascii?q?A9a23=3AjpDoEKpdceHGuRGkgaqhN6YaV5uvLNV00zAX?= =?us-ascii?q?/kB9WHVpW+SCncGvg/gXkTfo4QxhAk0IscycOaWGXHPX/YN0545UBru5QAz6og?= =?us-ascii?q?KTRr1Kx43k3jHmBmni5vdQvJ0QLpRWJf/RKRxUjcPm7BLQKadH/PCr0oCNwd3f?= =?us-ascii?q?wXBkUB1wZ8hbnn5EIyuSD0Eefng2ObMVGJ+d+cZdqzflRHJ/VKuGL1UfRO7ZvZ?= =?us-ascii?q?n3kvvdEFA7LjE97g3mt0LT1JfeEwKEmj8EWTJO3rtKyxmfryXd5r+/99C2zwa0?= =?us-ascii?q?7R6W071ymMH9jvtPbfb8z/Q9DzX3l0KPeoNsQNS5zWgIicSu8ktvqd/Xvn4bTp?= =?us-ascii?q?1OwlbQZHzwmwfnwQP60D0jgkWSjmOwpHv4vIjEQygnANBKnoJTfnLimgwdlfVx?= =?us-ascii?q?yrhC0W7cl5c/N2K9oA3Y59zFEy5njVC1p31Kq59vs1VnSocVZLJcqoYSlXklUe?= =?us-ascii?q?ZBIAvA5IoqEPZjAajnjZ48HD36DwG7zwsfp+CEZXg9EgyLRUIPoKWuokdrtUt0?= =?us-ascii?q?1k4JgPEY901wua4VcZVC6ujeW54Y141mdNMcbq52GY46MIGKI1HKKCi8Tl66EB?= =?us-ascii?q?DNFLIOPHzEwqSHq4kd1aWFY5AZyZsphf36ISBlnF93XkTpEKS1rdF22yGIZG28?= =?us-ascii?q?WDj3o/sul6RRi/nZTLrvKzCZThQQm9Chq/4bDtezYYfASedrKs6mC3DvF4ZP1w?= =?us-ascii?q?i7YZ9PMnMTFO0t0+xLL26mk4bsMY3ltuvSdbLvItPWfQoMayfFDnwKQTTpYP9N?= =?us-ascii?q?9V+mQVjxhBS5YQKkRmXPual9F6DG8/NW8pEEMqdFrhIY4G7Jr/2jGHl4vqs/YU?= =?us-ascii?q?dkZIn/mqeAr2+s8Q/znhNUEysYNUpT6KjtSDdxvAcPCV79bLprgaTpRUlimEGK?= =?us-ascii?q?PgNySMnbeTQv6GhfyOaJL4eN32QZAdqhNW6W5kFjwAPwc74s3pKC/tv+PqkkBo?= =?us-ascii?q?s7QsVKZGC7byBdqEJsriNKcwUERlDSfwmey5mYsA=3D=3D?=
X-IronPort-AV: E=Sophos;i="5.82,242,1613430000"; d="scan'208";a="504547152"
Received: from apoitiers-658-1-144-74.w90-16.abo.wanadoo.fr (HELO [192.168.42.138]) ([90.16.71.74]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/AES256-GCM-SHA384; 22 Apr 2021 17:37:16 +0200
To: Messaging Layer Security WG <mls@ietf.org>
References: <894d5000-fa72-ad62-d5d4-e5e7ad01a3f7@inria.fr> <CAL02cgTgxjtyXD_0O+pCCWNbePd42OY1QKgrzQoqbRn_P0xMgg@mail.gmail.com>
From: =?UTF-8?Q?Th=c3=a9ophile_Wallez?= <theophile.wallez@inria.fr>
Message-ID: <13d9cf9c-7a1d-164f-e739-07b8da6a291e@inria.fr>
Date: Thu, 22 Apr 2021 17:37:14 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <CAL02cgTgxjtyXD_0O+pCCWNbePd42OY1QKgrzQoqbRn_P0xMgg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/_8-FCLu_1iFhu6s9inu-Qvx-t-U>
Subject: Re: [MLS] Purpose of path_secret in the Welcome message?
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Apr 2021 15:38:19 -0000

Hi Richard,

On 22/04/2021 14:29, Richard Barnes wrote:

> It is used the next time there's a group operation and an UpdatePath 
> is sent.

I don't get why this is true?
 From my understanding, a new leaf will be in the `unmerged_leaves` list 
of all the non-blank nodes above it [0]. Given this fact, the new leaf 
will be in the resolution of all the nodes above it, therefore the new 
leaf will be able to decipher the path secrets for the following 
UpdatePath without using the `path_secret` of the Welcome message.
Also, in the worst case the `path_secret` might correspond to the path 
secret of the root node (since it is the path secret of the lowest 
common ancestor of the leaf sending the Welcome message and the leaf 
receiving the Welcome message [1]), which would not be useful to process 
an UpdatePath message.


[0] 
https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html#section-11.1.1-5.2
[1] 
https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html#section-11.2.2-9.4.2.2

Thanks,
Théophile.