[MLS] Message ordering
"Alexey Ermishkin" <scratch@virgilsecurity.com> Tue, 29 May 2018 20:04 UTC
Return-Path: <scratch@virgilsecurity.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB29B12EC8B for <mls@ietfa.amsl.com>; Tue, 29 May 2018 13:04:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.002
X-Spam-Level:
X-Spam-Status: No, score=-0.002 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dcpn9Ei1GFla for <mls@ietfa.amsl.com>; Tue, 29 May 2018 13:04:28 -0700 (PDT)
Received: from VirgilSecurity.com (mail.virgilsecurity.com [199.58.211.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4672A128D2E for <mls@ietf.org>; Tue, 29 May 2018 13:04:28 -0700 (PDT)
Received: from BIGONE (unknown [176.226.241.68]) by VirgilSecurity.com (Postfix) with ESMTPSA id 02EB81057C759A for <mls@ietf.org>; Tue, 29 May 2018 16:04:26 -0400 (EDT)
From: Alexey Ermishkin <scratch@virgilsecurity.com>
To: mls@ietf.org
Date: Wed, 30 May 2018 01:04:24 +0500
Message-ID: <008b01d3f788$3f34bc70$bd9e3550$@virgilsecurity.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Content-Language: ru
Thread-Index: AdP3h7f7Unw55RViQymgjSZar3QIiQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/sPqsTcJ8ixYNdn9qEaenM4HOtg4>
Subject: [MLS] Message ordering
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2018 20:04:41 -0000
I'd like to discuss the practical part of the requirement that MLS puts on all group participants. Hope that I haven't missed such discussion already. All messages (not only state change messages) must have a counter field which must be unique among all the messages and server must reject messages that have this field duplicated. This might be ok for a group of 3. But as MLS targets groups up to 50k users, I believe the percent of rejected messages will dramatically increase and affect user experience. I know that ART or TreeKem is, in the end, supposed to be bound to double ratchet's KDF chain which have one sequence of message numbers per "epoch" but that clearly won't work for large groups where participants will constantly have to work on some "consensus" during communication. I believe there's better solution to this problem. Maybe we should consider making a unique KDF chain (prefix?) for each group member and perform timestamp-based ordering, I'm not sure. Regards, Alex
- [MLS] Message ordering Alexey Ermishkin
- Re: [MLS] Message ordering Karthikeyan Bhargavan
- Re: [MLS] Message ordering Eric Rescorla
- Re: [MLS] Message ordering Alexey Ermishkin
- Re: [MLS] Message ordering Martin Thomson