IETF Logo Mail Archive

Re: [openpgp] AEAD Chunk Size

Tobias Mueller <muelli@cryptobitch.de> Mon, 18 March 2019 09:49 UTC

Return-Path: <muelli@cryptobitch.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 633E613110A for <openpgp@ietfa.amsl.com>; Mon, 18 Mar 2019 02:49:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id unktYo6lSUKF for <openpgp@ietfa.amsl.com>; Mon, 18 Mar 2019 02:49:53 -0700 (PDT)
Received: from bitbox.cryptobit.ch (cryptobit.ch [188.40.138.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08C8F13110D for <openpgp@ietf.org>; Mon, 18 Mar 2019 02:49:53 -0700 (PDT)
Received: from unibox.fritz.box (p5B0F5932.dip0.t-ipconnect.de [91.15.89.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail.cryptobit.ch (Postfix) with ESMTPSA id 44NBHM3XTNz13C3d; Mon, 18 Mar 2019 10:49:51 +0100 (CET)
Message-ID: <f103737f45b96d4d275a449760381257aaff91f6.camel@cryptobitch.de>
From: Tobias Mueller <muelli@cryptobitch.de>
To: "Neal H. Walfield" <neal@walfield.org>
Cc: openpgp@ietf.org
Date: Mon, 18 Mar 2019 10:49:51 +0100
In-Reply-To: <87tvg0imzg.wl-neal@walfield.org>
References: <87mumh33nc.wl-neal@walfield.org> <F9VLV9HZWH.3RYL3UM3BN873@my.amazin.horse> <3WZ7-hy9V7TOy53p1gP5EXELzHJIqjouV9x0YTN3PWsBZedKkqvVCRm-2XzGZy-FYAYdTqP1-7YV4wbTWMWAYhSujQA6NmrnIuXfZLRHkdQ=@protonmail.com> <CAB941EE-6961-4CAB-9632-DFF738980467@icloud.com> <87h8co2t4v.wl-neal@walfield.org> <35C892F7-18A8-401E-828D-5CE180A3A731@icloud.com> <87r2brf0f1.wl-neal@walfield.org> <2a014c4a103ba7f52535546f7e77277ea2bdabdf.camel@cryptobitch.de> <90a28b7c-1b02-abbb-eb8d-bec5263a9f89@fh-muenster.de> <e558f5729bc81eed952671ce4199b427dc3b7f1a.camel@cryptobitch.de> <87tvg0imzg.wl-neal@walfield.org>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.28.5-0ubuntu0.18.04.1
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/rXB-m4ZgVxSiz2I6z4W1FiMsE1s>
Subject: Re: [openpgp] AEAD Chunk Size
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2019 09:49:58 -0000

Hi Neal,

On Mon, 2019-03-18 at 09:51 +0100, Neal H. Walfield wrote:
> I think Sebastian is using "can" to mean "it is possible", not "may".
> 
> That is, 
> 
>   The advantage of smaller
>   chunks is that *it is possible* to cache the plaintext until the
> chunk's auth tag
>   is validated *whereas it is not necessarily possible to cache the
>   plaintext with larger chunks*.
I think I see what you mean.  But assuming that partial plaintexts are
of little to no value, because you have used an AEAD cipher after all,
then you can achieve the very same thing even today, with a message of
arbitrary size, because you can stream out partial plaintext.

Now you seem to find some value in partially authenticated plaintexts.
But I haven't understood why you find them so appealing that you want to
force them onto each and every user.


Cheers,
  Tobi

v2.23.0 | Report a Bug | By Email