RE: Packet number encryption

Praveen Balasubramanian <pravb@microsoft.com> Fri, 09 February 2018 17:15 UTC

To: "Salz, Rich" <rsalz@akamai.com>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, Mike Bishop <mbishop@evequefou.be>, "quic@ietf.org" <quic@ietf.org>, huitema <huitema@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/98EANyAHaacSodl_SkhGBhryPyE>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

No, I don’t want it in the clear. The proposal is to put PN in encrypted header and use a separate nonce field in the clear. Please ignore the whole obfuscation discussion for now, that was an attempt to produce a transform cheaper than crypto and doesn’t seem to be going anywhere.

From: Salz, Rich [mailto:rsalz@akamai.com]
Sent: Friday, February 9, 2018 4:54 AM
To: Praveen Balasubramanian <pravb@microsoft.com>; Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>; Mike Bishop <mbishop@evequefou.be>; quic@ietf.org; huitema <huitema@huitema.net>
Subject: Re: Packet number encryption

Can you please explain why you want the packet number in the clear?  Or post a link to the email archive if you’ve already done so.  Because, to my casual observer viewpoint, you are trying fairly hard to do this, including some tortured/questionable crypto; so, why?