Re: [quicwg/base-drafts] Perform stateless reset token comparisons in constant time (#2993)

Marten Seemann <notifications@github.com> Wed, 04 September 2019 05:13 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/l7Khuhmb9Zkqy_g7ndmuEUKtcTU>

> One thing that I'm trying to protect is the integrity of the specification and the analysis that (I hope) will come. If we allow weaseling out of this sort of requirement, then the analysis has to allow for that too.

@martinthomson I was wrong on this, and you're absolutely right. Implementation difficulties shouldn't make us lower our security guarantees, or the language we use to describe them.

@kazuho Thanks for the pointer to the hash flooding attack. By the way, here's the [video](https://media.ccc.de/v/29c3-5152-en-hashflooding_dos_reloaded_h264) corresponding to the slides you linked.
