Re: [openpgp] AEAD Chunk Size

Bill Frantz <frantz@pwpconsult.com> Mon, 18 March 2019 21:11 UTC

Return-Path: <frantz@pwpconsult.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF0B512EB11 for <openpgp@ietfa.amsl.com>; Mon, 18 Mar 2019 14:11:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5vgl64de4Cqr for <openpgp@ietfa.amsl.com>; Mon, 18 Mar 2019 14:11:42 -0700 (PDT)
Received: from elasmtp-masked.atl.sa.earthlink.net (elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9E0A12D4E6 for <openpgp@ietf.org>; Mon, 18 Mar 2019 14:11:42 -0700 (PDT)
Received: from [47.143.125.151] (helo=Williams-MacBook-Pro.local) by elasmtp-masked.atl.sa.earthlink.net with esmtpa (Exim 4) (envelope-from <frantz@pwpconsult.com>) id 1h5zXp-0009td-CJ for openpgp@ietf.org; Mon, 18 Mar 2019 17:11:41 -0400
Date: Mon, 18 Mar 2019 14:11:41 -0700
From: Bill Frantz <frantz@pwpconsult.com>
To: openpgp@ietf.org
X-Priority: 3
In-Reply-To: <87o968i95v.wl-neal@walfield.org>
Message-ID: <r480Ps-10143i-149CE78B9B3A43A29B3D767B6660A08D@Williams-MacBook-Pro.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-Mailer: Mailsmith 2.4.3 (480)
X-ELNK-Trace: 3a5e54fa03f1b3e21aa676d7e74259b7b3291a7d08dfec79e8723706e5625eecc08ab560e5432836350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 47.143.125.151
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/0vnNIE0d9ySZh6yX66avPzOCatU>
Subject: Re: [openpgp] AEAD Chunk Size
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2019 21:11:45 -0000

On 3/18/19 at 6:50 AM, neal@walfield.org (Neal H. Walfield) wrote:

>If
>an application wants to protect itself against truncation attacks,
>then it can buffer the output, or the openpgp implementation can have
>a flag.

When processing streamed messages, you have already bought into 
the idea that you may be processing early data in the message 
before the later data has even been sent.

To protect against truncation attacks you can borrow an idea 
from the database people and not commit your changes until you 
have a complete message.

Cheers - Bill

------------------------------------------------------------------------
Bill Frantz        |"Insofar as the propositions of mathematics 
refer to
408-356-8506       | reality, they are not certain; and insofar 
they are
www.pwpconsult.com | certain, they do not refer to reality.” 
-- Einstein