Re: [openpgp] OpenPGP encryption block modes

Aron Wussler <aron@wussler.it> Fri, 05 August 2022 08:00 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/P5FcvyGL7vBhTdUFrtWvj6gqIvU>

Hi all,

I think an important piece of information is missing in this thread.

> Speaking of messaging, wouldn't you strongly prefer the most compatible mode?

These preferences are signalled by the keyholder. When I generate a key I can specify if I'd like GCM messages in the Preferred AEAD Ciphersuites.

A recipient not trusting GCM can simply omit it from their key. I see no problem with any implementation omitting GCM by default (not to alienate non-crypto-geeks) and including it only if it makes sense for the implementation itself (e.g. OpenPGP.js), or if there is some legal requirement to do so. I can't imagine a (compliant) implementation sending GCM messages to a certificate that does not specify support for them.

Furthermore, a GCM-skeptical sender could also ignore this preference and just send messages using OCB, which must be supported (even though admittedly this requires more technical knowledge).

Finally, since we're not in the asymmetric part of the certificate - where if you fail to parse, it's game over - I don't understand the point of the discussion. As said at IETF114, if this does not end up in the draft, anyone can come up with a spec adding an additional block mode, therefore not adding it now will not prevent people from using it eventually.

Cheers,
Aron


--
Aron Wussler
Sent with ProtonMail, GPG key 0x7E6761563EFE3930



------- Original Message -------
On Friday, August 5th, 2022 at 09:41, Werner Koch <wk@gnupg.org> wrote:


> On Thu, 4 Aug 2022 10:26, Bruce Walzer said:
>
> > I thought you guys were mostly doing messaging. Why would performance
> > be important in that environment? Speaking of messaging, wouldn't you
>
> A major use case is to encrypt bulk data in the range of hundreds of
> GiByte and often up to several TiByte. And that is not only for
> backups. It matters whether it takes 6 hours or 45 minutes.
>
> Actually this is also the reason why we came up with the chunked OCB
> mode - to detect those rare transmission errors earlier.
>
> Salam-Shalom,
>
> Werner
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
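
The negotiation described in the message above, sketched as an added example (not code from this thread or from any OpenPGP implementation). Algorithm IDs are those assigned in RFC 9580; the function names, the sample preference lists and the position-sum ranking policy are assumptions made for illustration.

```python
# Sender-side AEAD ciphersuite selection from recipients' signalled preferences.
# IDs per RFC 9580: symmetric AES-128=7, AES-256=9; AEAD EAX=1, OCB=2, GCM=3.
AES128, AES256 = 7, 9
EAX, OCB, GCM = 1, 2, 3
MANDATORY = (AES128, OCB)  # the mandatory-to-implement combination


def effective_prefs(prefs):
    """Preferred AEAD Ciphersuites as listed on the key, with the mandatory
    AES-128 + OCB pair implicitly appended when the keyholder omitted it."""
    prefs = list(prefs)
    if MANDATORY not in prefs:
        prefs.append(MANDATORY)
    return prefs


def choose_suite(recipients, sender_refuses=frozenset()):
    """Return a (cipher, aead) pair every recipient advertises.

    recipients: one preference list per recipient key.
    sender_refuses: AEAD modes the sender will not emit (e.g. {GCM} for a
    GCM-skeptical sender), even when all recipients list them.
    """
    if not recipients:
        raise ValueError("no recipients")
    lists = [effective_prefs(p) for p in recipients]
    # A suite is only usable if *every* recipient lists it.
    common = set(lists[0]).intersection(*map(set, lists[1:]))
    common = {s for s in common if s[1] not in sender_refuses}
    if not common:
        raise ValueError("sender policy excludes every shared suite")

    # Assumed policy: lowest sum of list positions wins; tuple breaks ties.
    def rank(suite):
        return (sum(lst.index(suite) for lst in lists), suite)

    return min(common, key=rank)


# Constructed sample keys (not real certificates).
ALICE = [(AES256, GCM), (AES256, OCB)]   # opted in to GCM
BOB = [(AES256, OCB)]                    # omitted GCM from the key
CAROL = [(AES256, GCM)]                  # lists GCM only
DAVE = [(AES256, EAX)]                   # lists EAX only

if __name__ == "__main__":
    print(choose_suite([ALICE]))             # GCM, recipient asked for it
    print(choose_suite([ALICE, BOB]))        # OCB, Bob never listed GCM
    print(choose_suite([ALICE], {GCM}))      # OCB, sender declines GCM
    print(choose_suite([CAROL, DAVE]))       # falls back to AES-128 + OCB
```
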