IETF Logo Mail Archive

Re: [quicwg/base-drafts] minimum payload size requirement creates awkward special case (#2049)

MikkelFJ <notifications@github.com> Sun, 25 November 2018 21:09 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BD1F130DDE for <quic-issues@ietfa.amsl.com>; Sun, 25 Nov 2018 13:09:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Level:
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JENQtWyMwpCH for <quic-issues@ietfa.amsl.com>; Sun, 25 Nov 2018 13:09:45 -0800 (PST)
Received: from out-5.smtp.github.com (out-5.smtp.github.com [192.30.252.196]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3EE8129C6A for <quic-issues@ietf.org>; Sun, 25 Nov 2018 13:09:45 -0800 (PST)
Date: Sun, 25 Nov 2018 13:09:44 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1543180184; bh=7ZsAoYyABZEz0w+kYFVASUVwIxnd1oLe3X/pxT62cFY=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=LuxVXEP+PvsnR3+AhAQJCCZf2PdXaaRGmVPNIkrzoq35zxx8D4haeSaLwfg4jvk5o ZVu1dPxbt+5liZbkes4TM6pI0cmHP12QD5VHKxsLKWM/sAzlfV9fIF23hdiOx7LIrh MtS1yPKfZ8hNE4JgBIM+MZ7ggyFCWbI6QZxlmcZo=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab3f8437e5eab1c11ada74766e44d5993288381e0592cf000000011812d19892a169ce16e4137a@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2049/441473483@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2049@github.com>
References: <quicwg/base-drafts/issues/2049@github.com>
Subject: Re: [quicwg/base-drafts] minimum payload size requirement creates awkward special case (#2049)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bfb0f982356a_7a423f98c2ed45b41159c7"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/uEgcq71AV8zJHgS8_aSgiQCp8gA>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Nov 2018 21:09:48 -0000

I think this header protection is starting to bleed into the core packet processing and I don't think that is a particular good idea.

If you revert to the old method header protection method, @kazuho argues that both sender and receiver must perform a check for adjustment. However, you must still check that the received packet is long enough to sample since the packet might be evil or faulty. If the length check is for the common case where no offset adjustment is needed, there is no extra overhead. If the check fails you need to perform a new length check that can handle short packet numbers with short content.

Special casing short packets is a bit unfortunate if you have a lot of short packets to process, but the the overhead is still limited and more importantly isolated to one place in the logic framework. Also, if there are many short packets, branch prediction will likely figure it out.

With the current padding solution you get the special case @marten-seemann mentions, but you might also still have to check if the sampling does not overlap with payload when the packet number is short and the payload is short. If you don't check this you could be triggered to xor the mask into the payload. Likely AEAD will catch this but it is an unsafe praxis, so you still have extra checks for short packets.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/2049#issuecomment-441473483

v2.35.0 | Report a Bug | By Email | System Status