Re: [quicwg/base-drafts] Bring back AEAD_AES_128_CCM_8 now that we pad the plaintext (#2581)

Martin Thomson <notifications@github.com> Wed, 15 May 2019 03:22 UTC

I don't think that we need this.  The reasons offered thus far amount to "because we can".  I'd like to see some analysis suggesting that shorter authentication tags are OK in the general case.  Or text explaining constraints on deployments that choose to use a shorter tag.

I understand the benefits of CCM over GCM; I understand that this includes an ability to have a shorter tag, unlike GCM which fails badly.  I understand the desire to save bits.  But it isn't really that many bits, and the shorter tag changes the odds of an invalid packet being accepted fairly significantly.
