Re: [Ppm] Timestamps and nonces
Christopher Wood <caw@heapingbits.net> Fri, 01 July 2022 18:28 UTC
Return-Path: <caw@heapingbits.net>
X-Original-To: ppm@ietfa.amsl.com
Delivered-To: ppm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 946DBC15C122 for <ppm@ietfa.amsl.com>; Fri, 1 Jul 2022 11:28:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b=PuebVHA2; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=a7uCpQ+N
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EhYxdmy6wdLX for <ppm@ietfa.amsl.com>; Fri, 1 Jul 2022 11:28:50 -0700 (PDT)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3D51C14CF17 for <ppm@ietf.org>; Fri, 1 Jul 2022 11:28:07 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 45B6B320010B; Fri, 1 Jul 2022 14:28:07 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Fri, 01 Jul 2022 14:28:07 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=cc:cc:content-transfer-encoding:content-type:date:date:from :from:in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1656700086; x= 1656786486; bh=z4b3TOv1BMeu4czKkR5522tpwOJjKRb4EQEbkmAtZHs=; b=P uebVHA21hdF1Hl6xDaL3/zMrnPObYvwN9V4nLIE0lIzyy7FlfNhLtrBkD++h6h5y f7v+BD85ggHoZRs4ArR4ttG9hVxhBhsmB6PMmnuaIL+2RdnVkSE/W0wfJFxDzru3 Jnu6l6OAOEi267x1E7/sJgVdowpKMWvcQpSJ+4+GjGZfYOiMJr0uyAutv6JCKgxu rDtMDiqQu9+mYbQ5AEFDKC0dGyTNw6aOqd90K1oXC0b6PhrQ6QVAV+AyH8P05jo7 vVAFI3S78YM4dFUzAruku5ht0NYJ6LyY58a5wWdqw7Sf9DoCER34INYhpfiMtCTb xM9qOYuuAml4jMjGmf2KA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1656700086; x= 1656786486; bh=z4b3TOv1BMeu4czKkR5522tpwOJjKRb4EQEbkmAtZHs=; b=a 7uCpQ+NUnDEqQaHVwpWRHKOGxIQUjMiiTlRpYlX3//IFsuwJzGP6uw2fDKPE4Qw8 du7RS52N5N80ylm8FJhsaFHx2WwiEispk9MM6jhTCTecQWzJ5kkWtSazoqd0Gu2B 6r6yDXoxFzu/HCWGibKC2bc5TmOWFm324qhSK6ikrt/2xZqSblXU1LcfNPJvpBzg TWZIRjdCFblkjnCM3mGnPdgI+hb0tP8ZrxGPAvGVPR52cGh9rsnsdUZwaZEE51/A hD1JwkkTUrZucdjA2/FBTFRst9Xfss15rPUZZBs7b+/sqEFKVNgqh2HEOTSoGYEI 1+yjNt/aTyYYUVODCTULA==
X-ME-Sender: <xms:tjy_Yr19vNgxf4kcm1r5ouZYcYjDw3T0Qq2LZKXNkigYBIh4DfY6cg> <xme:tjy_YqFza7kc2J3Hf8RXinVKgpxb2ErZfMkdFHcwVWY_0CfdBFdfnSCzwLG8YtfVg 9gLKWKsKy-qk03llkM>
X-ME-Received: <xmr:tjy_Yr45b6pY8kRQlggfd_TA3IhmnkRJ9GUz5qul9CzjZogabOuyPHziEVb3KbI2idcHz_m0SmJDa43HwLnlt6stTq7xTu453mnL>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrudehfedguddvhecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpegtggfuhfgjffevgffkfhfvofesthhqmhdthhdtvdenucfhrhhomhepvehh rhhishhtohhphhgvrhcuhghoohguuceotggrfieshhgvrghpihhnghgsihhtshdrnhgvth eqnecuggftrfgrthhtvghrnhepjefhhfdtvddvledufedtiefgueekleetteeiieejheeh feektedtheelueekveeinecuffhomhgrihhnpehgihhthhhusgdrtghomhdpihgvthhfrd horhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep tggrfieshhgvrghpihhnghgsihhtshdrnhgvth
X-ME-Proxy: <xmx:tjy_Yg22R8N1WWniWK6GggFQAMMn4VO9vBesh4-KEkviIQUIjLywkQ> <xmx:tjy_YuH1V-lJT7Dw4UZa6_7Jarjnuex7JyZeKFTn4e8nEzqaItCIlA> <xmx:tjy_Yh9zrqvf3O3NzZbqKZICHo4ifPX9YkMILal9I4ynvvyDD4Awqg> <xmx:tjy_YpOQ9o_5THdiIuiMVrUw0KB9m51D1b4LkK-QuwRDNpHklYttow>
Feedback-ID: i2f494406:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 1 Jul 2022 14:28:05 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
From: Christopher Wood <caw@heapingbits.net>
In-Reply-To: <CABN231o4ueytG83Sb4BL6K2ez7R02Sc+AA4REtGgtVz97Sfa2g@mail.gmail.com>
Date: Fri, 01 Jul 2022 14:28:02 -0400
Cc: ppm <ppm@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <CD537FD8-5D09-42C3-B931-DF1D756B78FE@heapingbits.net>
References: <4450DDE1-E2B9-44F1-B44D-5C77D5660215@heapingbits.net> <CABN231o4ueytG83Sb4BL6K2ez7R02Sc+AA4REtGgtVz97Sfa2g@mail.gmail.com>
To: Tim Geoghegan <timg@letsencrypt.org>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ppm/lKSV3mGlrIrbNsBha5qGetpFdjw>
Subject: Re: [Ppm] Timestamps and nonces
X-BeenThere: ppm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Preserving Measurement technologies <ppm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ppm>, <mailto:ppm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ppm/>
List-Post: <mailto:ppm@ietf.org>
List-Help: <mailto:ppm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ppm>, <mailto:ppm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jul 2022 18:28:55 -0000
> On Jun 30, 2022, at 12:06 PM, Tim Geoghegan <timg@letsencrypt.org> wrote: > > I believe the relevant pull request is https://github.com/ietf-wg-ppm/draft-ietf-ppm-dap/pull/281 Oops, yes, thanks for correcting the link! > > I commented over on GitHub, and I think this is a great idea. Thanks to Shan for raising it! > > Tim > > On Thu, Jun 30, 2022 at 7:28 AM Christopher Wood <caw@heapingbits.net> wrote: > One issue pointed in #274 is that the timestamps might be used to link reports to clients as reports move throughout the system. This is somewhat of a problem, especially for deployments that want to apply shuffling for the purposes of amplifying local DP effects. Since the timestamp is really only used to identify the window in which replay protection should be applied, one solution to this problem is to make the timestamp less precise (a multiple of the batch window start time) and then bump up the nonce size to account for collisions. This approach is spelled out in this PR: > > https://github.com/ietf-wg-ppm/draft-ietf-ppm-dap/pulls > > Please have a look and provide feedback. > > Thanks, > Chris > -- > Ppm mailing list > Ppm@ietf.org > https://www.ietf.org/mailman/listinfo/ppm
- [Ppm] Timestamps and nonces Christopher Wood
- Re: [Ppm] Timestamps and nonces Tim Geoghegan
- Re: [Ppm] Timestamps and nonces Christopher Wood