IETF Logo Mail Archive

RE: Getting to consensus on packet number encryption

Mike Bishop <mbishop@evequefou.be> Wed, 25 April 2018 19:54 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F747129C6D for <quic@ietfa.amsl.com>; Wed, 25 Apr 2018 12:54:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1tHmj7DuZu3I for <quic@ietfa.amsl.com>; Wed, 25 Apr 2018 12:54:07 -0700 (PDT)
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0114.outbound.protection.outlook.com [104.47.32.114]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B27712702E for <quic@ietf.org>; Wed, 25 Apr 2018 12:54:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=jcptBgnWu6h/zMIXaf+aonGKnlB4DQWF+YoUbmUgcJE=; b=XVkQy/6pm9JbQo9g+NzjOXp5ggmhN0EJNYTCynf/BxTd7vnUstLuVsU+VkWQwZe2bLN7CYY4NxiPnSdOkvLFPiMND3nmuX1O96BF0zgsUCIQ3lH4zCjWHneqyW/+llMwkJmHyM/wujvo6EGRs4FHzFn1f6Wrpuhn1t5MfEy8CQM=
Received: from SN1PR08MB1854.namprd08.prod.outlook.com (10.169.39.8) by SN1PR08MB1695.namprd08.prod.outlook.com (10.162.133.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.696.15; Wed, 25 Apr 2018 19:54:03 +0000
Received: from SN1PR08MB1854.namprd08.prod.outlook.com ([fe80::dd26:af46:4549:f472]) by SN1PR08MB1854.namprd08.prod.outlook.com ([fe80::dd26:af46:4549:f472%13]) with mapi id 15.20.0696.019; Wed, 25 Apr 2018 19:54:03 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Christian Huitema <huitema@huitema.net>, "Deval, Manasi" <manasi.deval@intel.com>, Mark Nottingham <mnot@mnot.net>
CC: "quic@ietf.org" <quic@ietf.org>
Subject: RE: Getting to consensus on packet number encryption
Thread-Topic: Getting to consensus on packet number encryption
Thread-Index: AQHTy9GX7TDeC7pGjkeFqjSFMKBzEaPwZ0sAgAC4ugCAAARcAIAAG5CAgAAFCACAAACJgIAAEVkAgACR+YCAB09lAIAFXyIAgAVK+oCAAJlSAIABxdSAgACOHICAB/EyAIACo7YAgABkBYA=
Date: Wed, 25 Apr 2018 19:54:03 +0000
Message-ID: <SN1PR08MB1854FD2461597D81BEE31ED6DA8F0@SN1PR08MB1854.namprd08.prod.outlook.com>
References: <7fd34142-2e14-e383-1f65-bc3ca657576c@huitema.net> <21C36B57-6AE2-40EF-9549-7196D7FA9B45@tik.ee.ethz.ch> <B176FC07-887D-4135-B01E-FE8B4986A5EE@mnot.net> <CAKcm_gOCeocLyrYpOS7Ud332xdz3xHSH0psPN8T6BGRjoL9ptQ@mail.gmail.com> <CY4PR21MB0630FA0EDD343396AD414641B6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <CAN1APde13JTzCvKFFvMd183Fka6QGD1kGBjsa9fcoLrYeA2hsA@mail.gmail.com> <CY4PR21MB0630C0FD4FBECBFEC3C863BBB6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <047d2ff0-ff8b-64c9-8983-0ecabeb9fea5@huitema.net> <B0F49097-F77A-4831-B68B-4266AA880A86@tik.ee.ethz.ch> <74E2F5C2-66AD-4902-8A4A-E481CC0A015C@fb.com> <75050158-3812-44F1-A01E-D70EED7FDFD6@tik.ee.ethz.ch> <BY2PR15MB0775B4ACF7DB9124E89016F0CDB00@BY2PR15MB0775.namprd15.prod.outlook.com> <c8e60ba4-d6be-c4fc-5bac-d569a28fb4e8@huitema.net> <56CE3592-EB1D-40A3-B1D2-965B238FA402@mnot.net> <ae7a63fe-0a32-893f-aa6b-e8d97b8ba87a@huitema.net> <1F436ED13A22A246A59CA374CBC543998B60C6DD@ORSMSX111.amr.corp.intel.com> <fc57394f-9516-04c0-0846-6d159b14bc9e@huitema.net>
In-Reply-To: <fc57394f-9516-04c0-0846-6d159b14bc9e@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [38.134.241.6]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN1PR08MB1695; 7:IqPV0pe+ynbQtkZcyMpxQU+WezJTpm77HCXmR6ZDcHBKBPySVfy/ysuDdGwiapiVxxJZNZRh5WT57JjpVS1P3j3aLxRo87CN99ErBToDrG/8w2HqeBnxzXUywkrnlQpcJGnyFo+qwxjpA/XDbQGXw2fQ0ntGnIIlXmjdwVnNKrlva/L11Jxsi09vLxfwD/LYgmWklWtWLwF3DODTPexCVvxokIaGaWwaJcmPB1cgIQCvWVZcVXDzoDrg5vC3xJpn
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(7021125)(5600026)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(2017052603328)(7153060)(7193020); SRVR:SN1PR08MB1695;
x-ms-traffictypediagnostic: SN1PR08MB1695:
x-microsoft-antispam-prvs: <SN1PR08MB169500F1E915812B3A547FE0DA8F0@SN1PR08MB1695.namprd08.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(166708455590820)(100405760836317)(228905959029699);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(93006095)(93001095)(10201501046)(3002001)(3231232)(944501410)(52105095)(6041310)(20161123562045)(20161123564045)(20161123560045)(2016111802025)(20161123558120)(6072148)(6043046)(201708071742011); SRVR:SN1PR08MB1695; BCL:0; PCL:0; RULEID:; SRVR:SN1PR08MB1695;
x-forefront-prvs: 06530126A4
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(366004)(376002)(39830400003)(346002)(39380400002)(13464003)(51914003)(199004)(189003)(68736007)(106356001)(6436002)(3846002)(105586002)(6306002)(4326008)(6246003)(9686003)(53936002)(7696005)(26005)(966005)(14454004)(55016002)(478600001)(59450400001)(186003)(6116002)(305945005)(74316002)(99286004)(86362001)(76176011)(229853002)(486006)(25786009)(476003)(5250100002)(6506007)(11346002)(446003)(66066001)(3280700002)(3660700001)(81156014)(81166006)(8676002)(33656002)(316002)(2900100001)(102836004)(5660300001)(53546011)(7736002)(74482002)(97736004)(2906002)(8936002)(110136005)(93886005); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1PR08MB1695; H:SN1PR08MB1854.namprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:0; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-microsoft-antispam-message-info: 3/2gEgBghkLkA8Gp3W93w9QOUp1wML7ceHH0yDD3m+PvbPf0uZknLVPwibcyq0ivewB/oMufHZcgyWtJYUQ1w34TrRVA8ZC+7DVlN9B7Tfymk+7K4Bz21RCVb/xbGrDfncOGGsysnOMOAuZ6qxM0bgpLS00YkTdYNuOf8dPpoyhN2BZkAaEDPQZimA1JoQd3
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: 3e7b056f-ee82-4088-a361-08d5aae64bcf
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 3e7b056f-ee82-4088-a361-08d5aae64bcf
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Apr 2018 19:54:03.2329 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR08MB1695
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/ha02VOAR_jCRZPZQfBvHX24vI9w>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Apr 2018 19:54:09 -0000

Yes -- it seems that the biggest objection to #1079 was the difficulty in hardware implementation.  If we're hearing that hardware implementation is feasible at a reasonable cost, then I think we might have a winner.

The CPU cost for a software implementation is still worth considering, and an option to not encrypt is probably reasonable to limit that burden for implementations / use cases that don't care.

-----Original Message-----
From: QUIC <quic-bounces@ietf.org> On Behalf Of Christian Huitema
Sent: Wednesday, April 25, 2018 3:14 AM
To: Deval, Manasi <manasi.deval@intel.com>; Mark Nottingham <mnot@mnot.net>
Cc: quic@ietf.org
Subject: Re: Getting to consensus on packet number encryption

On 4/23/2018 6:55 PM, Deval, Manasi wrote:

> I had brought up the issue with PNE several weeks ago as a barrier to hardware offload. After further review, it looks like a hardware offload can implement the PNE at a small cost. 
>
> The implementation can modify current HW crypto accelerators to support encrypting a buffer in the first pass and then encrypting packet number in the 2nd pass as already discussed on this thread. The exact requirement (header checksum, packet length encoding) is still in flux so there may be some small variations depending on the accelerator and final algorithm chosen for PNE. Future offload designs can do more to further reduce the overhead.

Thanks for the information, Manasi. I have modified the wiki page describing the PNE issues and alternatives to reflect this new data:
https://github.com/quicwg/base-drafts/wiki/Summary-of-the-PN-encryption-issues-and-alternatives.
With that new information, it appears that PR #1079 is superior to every other alternative.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email