IETF Logo Mail Archive

[quicwg/base-drafts] Clarify and strengthen key update requirements (#1457)

MikkelFJ <notifications@github.com> Mon, 18 June 2018 12:44 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48E12130E9A for <quic-issues@ietfa.amsl.com>; Mon, 18 Jun 2018 05:44:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.01
X-Spam-Level:
X-Spam-Status: No, score=-3.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4krxwGCJpIcu for <quic-issues@ietfa.amsl.com>; Mon, 18 Jun 2018 05:44:50 -0700 (PDT)
Received: from o7.sgmail.github.com (o7.sgmail.github.com [167.89.101.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB17812F1A6 for <quic-issues@ietf.org>; Mon, 18 Jun 2018 05:44:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=wFt3K3TYEh9/dD5aDhQnF4Jhe1k=; b=fNauSZdrQCPuaPtJ tEHnOAy0aZokV27vOJmzkjBmN7+Br0OuFYdap5v7YGRLg2waCNWkQuFQHDcgphHS LBeoEb/y0RWFUaSOmi/u+fkeMXvnaBUbRPk+e8T2mh9A13F7iqzGMYjADJuf81Jh Q8BAQHnyUEcukFmJZlaQYAhomgY=
Received: by filter1049p1las1.sendgrid.net with SMTP id filter1049p1las1-11010-5B27A93F-1 2018-06-18 12:44:47.081228234 +0000 UTC
Received: from github-lowworker-f6df7df.cp1-iad.github.net (unknown [192.30.252.41]) by ismtpd0011p1iad2.sendgrid.net (SG) with ESMTP id hA_mV0eEQR2AYzBbBsGdug for <quic-issues@ietf.org>; Mon, 18 Jun 2018 12:44:46.817 +0000 (UTC)
Received: from github.com (localhost [127.0.0.1]) by github-lowworker-f6df7df.cp1-iad.github.net (Postfix) with ESMTP id EB7EE3E02E0 for <quic-issues@ietf.org>; Mon, 18 Jun 2018 05:44:46 -0700 (PDT)
Date: Mon, 18 Jun 2018 12:44:47 +0000
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab362541ca09a4265972d0f87d31ce8db0ba34668892cf00000001173f6b3e92a169ce13dd0c3b@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1457@github.com>
Subject: [quicwg/base-drafts] Clarify and strengthen key update requirements (#1457)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b27a93eea07a_5062b03cf454f54907be"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak2N9Qx4/0CxV8hvDu+CaeAwOgsB5hs/xjY7aB KryM/iuS/Xao4qsjC+GY/1VFKpRoSjslqLPPF3aZGYR4428HNP13PBmWMrbmJCK72xgB3JnH4bP9YH NuO1upgS2EoW6AJQWqCjPnR7jNubUjrhOWM4rwJ37kfwzMB5wrcYkj0dog==
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/p6lcrJqTsEO3M8nj0evutw8GVVM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jun 2018 12:44:53 -0000

>From several discussions it appears that the importance of key updates are not well understand and the consequences can be fatal. The requirement are in place via numerous indirect links over TLS 1.3 spec and further documents.

Some crypto modes can handle a large number of pakcets safely while others break down statistically, including AES-GCM.

A solution could be to require key updates no later than after 2^32 packets and require a protocol error shutdown if peer does not rekey in time. While 2^32 may be early in some cases, it is not realy burden, and the alternative might be that implementations skip handling key updates.

See also discussion here:
https://github.com/quicwg/base-drafts/issues/1405#issuecomment-398022746

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1457

v2.30.2 | Report a Bug | By Email | System Status