Re: Packet number encryption

Ian Swett <ianswett@google.com> Fri, 09 February 2018 18:21 UTC

From: Ian Swett <ianswett@google.com>
Date: Fri, 09 Feb 2018 13:20:52 -0500
Message-ID: <CAKcm_gO-2zejQnLCCzHvvG=gP70o9EAUQz8v2oYUiK=nFjyUCw@mail.gmail.com>
Subject: Re: Packet number encryption
To: "Salz, Rich" <rsalz@akamai.com>
Cc: Praveen Balasubramanian <pravb@microsoft.com>, Eric Rescorla <ekr@rtfm.com>, "quic@ietf.org" <quic@ietf.org>, huitema <huitema@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/X2gBoIbdZ3YPqs9SGPMXnKuglDY>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

One issue with the current encryption proposal is you can't use hardware
crypto offload for the bulk encryption because the packet number has to be
encrypted after the bulk data.

Any suggestions on how to fix that?

On Fri, Feb 9, 2018 at 12:42 PM, Salz, Rich <rsalz@akamai.com> wrote:

> Thanks for the summary.  Why do you want to do this?