Re: [quicwg/base-drafts] Consider simplifying Packet Number Encryption (#1575)

Martin Thomson <> Tue, 25 September 2018 17:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6046212426A for <>; Tue, 25 Sep 2018 10:13:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.999
X-Spam-Status: No, score=-2.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Vq9FigbGUnpY for <>; Tue, 25 Sep 2018 10:13:50 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3A6C7124D68 for <>; Tue, 25 Sep 2018 10:13:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=XD0REZaUN0UfX0s0Yxu4HvcWeJg=; b=Kmxd2uFo/20w792M 2FlQNpm+9g00zHi7gJ+n2b0NGBXG0PdQpA2Bbp+h+RTdIrkCTjzUcN3KCSLeui69 cwzyBnr6nEPLDokorHJz/C9qZx08YcJx2Cl83TYwndUdYtBTcitUpd61cImcb69l u0x99neb8BwE6UPJ1g+bV+S2aeA=
Received: by with SMTP id filter0343p1iad2-20647-5BAA6CCC-22 2018-09-25 17:13:48.684289548 +0000 UTC m=+7589.858355173
Received: from (unknown []) by (SG) with ESMTP id 73JbOR0vRVetEgTJVbJbkQ for <>; Tue, 25 Sep 2018 17:13:48.714 +0000 (UTC)
Received: from (localhost []) by (Postfix) with ESMTP id A6BF6180059 for <>; Tue, 25 Sep 2018 10:13:48 -0700 (PDT)
Date: Tue, 25 Sep 2018 17:13:48 +0000
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/1575/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Consider simplifying Packet Number Encryption (#1575)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5baa6ccca54fa_56b93fa76d2d45c0541e6"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak0YjD3b2qFBaFhS3rxVmnn7A1NwaX7/TCSeAZ 1CvUwYbC7RW4Jsed6KFcDlgzreLr4cyZJzFFgIJmgxEefBbk5o+ZgEc4JOZ0fgtubTe9hOeaJW/ijy FkEElJ/4p/qht0zhxMfxkqoBkyGBuvU8inTJwPGDAx9Co9rIAeiScDnvUcA8kbV9tqCsOjG/QD88Uk s=
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 25 Sep 2018 17:13:52 -0000

That sounds good.  We can stipulate that a packet MUST always contain at least 3 octets of frames.  Adding a couple of padding octets is probably a good idea.

Note that we're probably changing the encoding of packet numbers (again, yeah, sorry), so the precise set of 

Not sure whether you mean that you always XOR 4 octets (which means XOR over the encrypted payload if the packet number is <4), or whether you only XOR the octets of the packet number.  With the proposed move of the packet number length to the first octet, it's probably better to only XOR the octets of the packet number.  That way you don't touch the payload octets other than to sample them.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: