Re: [quicwg/base-drafts] 5.6 Packet Number Protection is hard to follow (#1387)
elenagurevich <notifications@github.com> Mon, 09 July 2018 09:23 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 252BC130E2B for <quic-issues@ietfa.amsl.com>; Mon, 9 Jul 2018 02:23:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.01
X-Spam-Level:
X-Spam-Status: No, score=-8.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A0pp7toBBTvL for <quic-issues@ietfa.amsl.com>; Mon, 9 Jul 2018 02:23:24 -0700 (PDT)
Received: from out-3.smtp.github.com (out-3.smtp.github.com [192.30.252.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3B40130E1E for <quic-issues@ietf.org>; Mon, 9 Jul 2018 02:23:23 -0700 (PDT)
Date: Mon, 09 Jul 2018 02:23:22 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1531128202; bh=4wpCpJk2EV7c+wrvZO8ZAnfGb12XuGCcDo89GM5XrPc=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=ue1XRx+0BYKB/9BMDvK8YBgOZ+/jGm0LwdsdmsHC89uijI4d3O7uzTHOPCqX0wo+N IkBth3LoHfCFatch/Z1ENcUF1PU45D08/LmOi5+1xeeNbPR3A24gLDi/zSFZaW6P05 R5mSsFa/EAX7hI9SKJlJhpbPyNauISF+hAPlhk40=
From: elenagurevich <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab8792bd1cc58ad0919b48f9b28114346c52df246192cf00000001175aeb8a92a169ce136fc559@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1387/403416469@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1387@github.com>
References: <quicwg/base-drafts/issues/1387@github.com>
Subject: Re: [quicwg/base-drafts] 5.6 Packet Number Protection is hard to follow (#1387)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b43298aee0d2_8d72aafd14eaf6044782a"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: elenagurevich
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/LYCm54xw8L74h5eGH8GJepz3oBg>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 09:23:27 -0000
No i mean the following: a single QUIC short packet may be contained within a single UDP datagram --> hence UDP header length may be used to determine protected packet length. packet_length = sizesof(ShortHeader) + sizeof(Protected_Payload)+sizeof(Authentication Tag) but if _sample_offset + sample_length > packet_length then sample_offset = packet_length - sample_length_ So it may happen that sample will take bytes from authentication tag (ICV) depending on actual payload size. Once the sample is known we can remove protection from the packet_number. Once packet_number is decrypted, its size is known, its value can be decoded, so we can form nonce, locate start of protected payload and decrypt& verify authentication tag of a packet. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/1387#issuecomment-403416469
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… Martin Thomson
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… MikkelFJ
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… Martin Thomson
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… MikkelFJ
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… elenagurevich
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… elenagurevich
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… MikkelFJ
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… elenagurevich
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… elenagurevich
- [quicwg/base-drafts] 5.6 Packet Number Protection… Tatsuhiro Tsujikawa
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… Tatsuhiro Tsujikawa
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… Martin Thomson
- Re: [quicwg/base-drafts] 5.6 Packet Number Protec… Martin Thomson