Re: [openpgp] AEAD Chunk Size

Jon Callas <joncallas@icloud.com> Tue, 02 April 2019 17:42 UTC

Return-Path: <joncallas@icloud.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CEC912019D for <openpgp@ietfa.amsl.com>; Tue, 2 Apr 2019 10:42:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.849
X-Spam-Level:
X-Spam-Status: No, score=-1.849 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, KHOP_DYNAMIC=0.85, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id swAMG6EcavMD for <openpgp@ietfa.amsl.com>; Tue, 2 Apr 2019 10:42:55 -0700 (PDT)
Received: from mr85p00im-zteg06021901.me.com (mr85p00im-zteg06021901.me.com [17.58.23.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87DEE120147 for <openpgp@ietf.org>; Tue, 2 Apr 2019 10:42:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=04042017; t=1554226974; bh=53OJTzVX/DWG/Pf49mKStZdLpilOprcwcy76BUbGd7o=; h=Content-Type:Mime-Version:Subject:From:Date:Message-Id:To; b=YWsdnalORGBrgZrtYd0uUTEIhFO5Os0hN37wJS1LZibM5tdqc7RFyq3ypH216bJKA d8uWs8Xi1bExa1QBNUizDC0YdEwP5rRBmNaSTrruGyPsg9Ju1kfJpsM0vzeqnMbJap GzZlglFk+l/lAfOxBa/45P4g+PjOQUE+girpahU7u41Kl6x02FD1rtHhih8j6WmdE6 oij5Pgxk1KY2/LcnMzcxINo6YjM/1AkPh0T7vwblQsTMRLkuFCCpaOoqzgHTjqs9OO xbu6fjM36sD58HiybwM904jQFZpqaEfogppwhQ2JMMiRtrX76qryhEh+6dJ9J3rJA9 Hag0xhNwZiogQ==
Received: from [10.125.12.102] (67-207-120-150.static.wiline.com [67.207.120.150]) by mr85p00im-zteg06021901.me.com (Postfix) with ESMTPSA id 8A138720106; Tue, 2 Apr 2019 17:42:54 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: Jon Callas <joncallas@icloud.com>
In-Reply-To: <CAHTptW_zrrSQtzyw5-_ThF9FqYE3hBzvSxDfKtvbZa0KaGW4-w@mail.gmail.com>
Date: Tue, 2 Apr 2019 10:42:50 -0700
Cc: Jon Callas <joncallas@icloud.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "Neal H. Walfield" <neal@walfield.org>, "openpgp@ietf.org" <openpgp@ietf.org>, Justus Winter <justuswinter@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <DE54BC71-696D-4213-987E-42A548218492@icloud.com>
References: <87mumh33nc.wl-neal@walfield.org> <878swzp4fb.fsf@europa.jade-hamburg.de> <E65F6E9D-8B0B-466D-936B-E8852F26E1FF@icloud.com> <87zhpd21d3.wl-neal@walfield.org> <D9D1ACD4-4944-495C-A058-1AA5D25FF8CF@icloud.com> <1554001112803.75759@cs.auckland.ac.nz> <CAHTptW_zrrSQtzyw5-_ThF9FqYE3hBzvSxDfKtvbZa0KaGW4-w@mail.gmail.com>
To: =?utf-8?B?IkNvbnJhZG8gUC4gTC4gR291dsOqYSI=?= <conradoplg@gmail.com>
X-Mailer: Apple Mail (2.3445.102.3)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-04-02_07:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 mlxscore=0 mlxlogscore=633 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1812120000 definitions=main-1904020118
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/BzN_93_hvv3BnbYjeI3ou9PgaEU>
Subject: Re: [openpgp] AEAD Chunk Size
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2019 17:43:00 -0000


> On Apr 2, 2019, at 6:12 AM, Conrado P. L. Gouvêa <conradoplg@gmail.com> wrote:
> 
> On Sat, Mar 30, 2019 at 11:59 PM Peter Gutmann
> <pgut001@cs.auckland.ac.nz> wrote:
>> I'm not saying remove it, just get some data to support making a decision in
>> some way.  In particular, AEAD is a good thing, but there's no evidence that
>> chunking with AEAD, which complicates things greatly, is useful or necessary.
>> 
> 
> I know you're tired of hearing about it... but EFail.
> Even if PGP used AEAD, but without chunks, EFail would probably still
> happen. If the AEAD data is arbitrarly large, then implementations
> would be forced to provide a streaming API that discloses
> unauthenticated plaintext, and the same thing would happen.

No, no, it’s okay, because this why I was saying, “Let’s not talk about Efail.” The AEAD discussion is good, and there are many reasons to upgrade to allow its use. If one of those reasons is complex, then having that be the major reason means that there’s a counter-argument that is essentially, “if this isn’t the silver bullet claimed, then maybe we shouldn’t do it,” and worse, it’s a completely reasonable counter-argument. 

There’s one more small issue around AEAD that I’ll bring up in another note.

	Jon