Re: Packet number spaces in multipath (was Re: What to do about multipath in QUIC)
Kazuho Oku <kazuhooku@gmail.com> Mon, 07 December 2020 00:04 UTC
Return-Path: <kazuhooku@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E17E3A0DA1 for <quic@ietfa.amsl.com>; Sun, 6 Dec 2020 16:04:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oegD69NKZg1r for <quic@ietfa.amsl.com>; Sun, 6 Dec 2020 16:04:28 -0800 (PST)
Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4621C3A0CE8 for <quic@ietf.org>; Sun, 6 Dec 2020 16:04:28 -0800 (PST)
Received: by mail-ej1-x631.google.com with SMTP id d17so16942366ejy.9 for <quic@ietf.org>; Sun, 06 Dec 2020 16:04:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=p2KayjxcvPD914r70bgSStIe0l/hzkieGdYwmK4RgVQ=; b=kWfDo/42pR+T2lE88nm/07A5zJRPtQIlwH95a4PLCF/94CglW891oh1ei7PasxRYeM CdwG9IrU/MVE73+Exjy12pRB69WwQWgv6ihWUQpaC37vIHebI9qPSqCe10dFeXbbbsy1 B5jaW/2S0VcjmCIVPcQqs4nDAcsYfKiLvHcf00LmCKfS8pnymJI9xWyek/9k48LUccBw 1cp+aMFwiiERkptxFB33uVpJiJhxUuyN+MH8eTg90kj3wrhKFpkKef0nJkn12VAfL+X8 gV4ekE6mxxcz20h3k1DOkwcFJUxVgh5kVW+FhEtqwmjhPNv1rv5za3z5Zed7IE7P2Bhb c0mw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=p2KayjxcvPD914r70bgSStIe0l/hzkieGdYwmK4RgVQ=; b=dQzvqZ/S6hovjIaj2BRNpUBBt0mgoq9G2PxsgvAuMM6YIAFsUeLt+lbBKt65fvgODo 5CNSvep92GYfb5iREkEM+JNR/1LX+31LbOdqrogpE0lmwFrzBm2aP+6l2wgXTwIJwKjN eengcomlyu5h4kKdJtQl1htZYCSAwgJkgOK7unD98rtlf9ULGYWUUTmjz8YXlRt0pLpz 6DPDMOkdAr8d2uv0Ff9o8aoGu0SG3FtiLagVroYunYz2XiBlLcDPyPHH8OafBXVpvjw6 qANqRM1+JEJGXALK2sVOPdlVEDE02rhwidyO/xaqtpQ3mx4Pj7iRPuyLme26Db0Nt1qh iE3w==
X-Gm-Message-State: AOAM530xG6n0yOdpIkqMchXepNM/cnd+CDs3hQl4AxWD6fGhbWUtjenr wVu9zmoOX4c/VVNun2T2elV516cPCfiSL2AMHPk=
X-Google-Smtp-Source: ABdhPJzBgJaBwC622x1jBGKvR5WnfPdpEb6reXL8G1xlmIxBSiWiDpFTlI35ad1iiQbeW8zla1r4bgSVZ+CIYh6gnxE=
X-Received: by 2002:a17:906:5609:: with SMTP id f9mr16069468ejq.535.1607299466460; Sun, 06 Dec 2020 16:04:26 -0800 (PST)
MIME-Version: 1.0
References: <538215d1-3b9e-4784-920d-03be4c3a503a.miaoji.lym@alibaba-inc.com> <54510017-fa91-555f-0219-0859d6686b74@huitema.net> <CAMDWRAaSeC9Yd1DqzM9o5_CS5Kct0aNS_LUzty5YPO_5fBf4qw@mail.gmail.com> <CANatvzyEfkRqgCArC8sXaS1-1DckxjspBLqLyLNdHx-RDKjT_Q@mail.gmail.com> <CAHgerOGGyAkE=TbCSuTO=T6HK9EM_+m+ASwPRm=o33HBrx7p3Q@mail.gmail.com> <CANatvzz_KSBws_upnx00P7JK=MbgyDRrR5n2VJcr1_=y=P6dfQ@mail.gmail.com> <062fe812-8afb-d946-8336-1f4dc5ebeaaf@uclouvain.be> <7540ef46-9948-c76c-3617-5755be3cdf37@huitema.net> <CANatvzymE+XRXUMBH2quGi=VEUNXDR_Eoer+o6p9+nkD-KFisQ@mail.gmail.com> <3bb7f359-ebe5-7a54-0224-bb1f5f1754af@huitema.net> <CANatvzxyj3nXP+GrnMkexWV-VN7Og4EGXysq1o0W2e2JGWzDrw@mail.gmail.com> <651e0ae1-0a5e-89e9-55c0-c33439599da6@huitema.net> <CANatvzw4Yg9aX2qyaGfc9sS=oEFOHxp-ZLSLF0EYNa8t6uN-iA@mail.gmail.com> <4b96dbb8-e72c-7f99-0bb3-9ee27b7bda78@huitema.net> <CANatvzz_H205MPP67Vnuqp0mwhM0TUbHvA5CfVGeoivCLcUdgw@mail.gmail.com> <850c5bdd-948e-269a-1488-77a77843d5e6@huitema.net> <CACpbDccY3f2wMd5vFzK=NC=Me=EhgmFWMDS7TTBZFtG2bm=JSg@mail.gmail.com> <1d286807-3253-4d87-b30f-d309e8dd152c@www.fastmail.com>
In-Reply-To: <1d286807-3253-4d87-b30f-d309e8dd152c@www.fastmail.com>
From: Kazuho Oku <kazuhooku@gmail.com>
Date: Mon, 07 Dec 2020 09:04:15 +0900
Message-ID: <CANatvzwc6mNu7g8JXZvOfcxco6HZ-z5fnaiGtE3OeXkduJ99eA@mail.gmail.com>
Subject: Re: Packet number spaces in multipath (was Re: What to do about multipath in QUIC)
To: Martin Thomson <mt@lowentropy.net>
Cc: IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bf037405b5d49128"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/j4msop7JKzwfZfgUnRb4OBvuTTU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2020 00:04:33 -0000
2020年12月7日(月) 8:24 Martin Thomson <mt@lowentropy.net>: > As this wasn't mentioned in the discussion: > > On Wed, Nov 25, 2020, at 14:34, Jana Iyengar wrote: > > First though, a point on terminology: the receiver maintains a separate > > "ReceivedPackets" for each CID, probably for each CID sequence number > > (CSN). Let's please not call this a SACK Dashboard, to avoid confusion. > > > > On the question of sending more than 2^32 packets, I think that > > resetting the packet number (PN) is ok on new CIDs. > > A design like this would require changes to the way that keys are > generated. Unfortunately, I think that this also increases the cost of key > generation a little for reasons specific to the internal workings of the > key derivation function. > > I think Jana is discussing a different problem. Let me go through. For multipath, I think that it is a good idea to have packet number spaces for each path. Then, the question is if we want to use different encryption keys for each path, or if we want to use the same keys. As AEAD prevents nonce reuse, the sensible option here is to use the 32-bit unused space of 96-bit nonce to contain the identifier of the path (note: RFC 5116 recommends AEAD should support nonce of at least 96 bits). Therefore, we do not need to restrict the number of packets being sent on one path to 2^32 or whatever. However, there is a separate issue. That is that the packet format of QUIC v1 does not allow an endpoint to start from a CID that is greater than 2^31. Therefore, if an endpoint intends to use a new path ID (which is being the CID sequence number), but wants to continue using packet number space of a different CID, then it needs to ensure that the next packet number to be used is below 2^31. IIUC this is the problem that Jana is referring to, and arguing that it is okay because an endpoint can always reset the packet number to zero on a new path. -- Kazuho Oku
- What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Martin Duke
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Jana Iyengar
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Behcet Sarikaya
- Re: What to do about multipath in QUIC Lucas Pardue
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Lucas Pardue
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Behcet Sarikaya
- Re: What to do about multipath in QUIC Lucas Pardue
- Re: What to do about multipath in QUIC Behcet Sarikaya
- Re: What to do about multipath in QUIC Olivier Bonaventure
- Re: What to do about multipath in QUIC Behcet Sarikaya
- Re: What to do about multipath in QUIC Lucas Pardue
- Re: What to do about multipath in QUIC Behcet Sarikaya
- Re: What to do about multipath in QUIC Roberto Peon
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Lars Eggert
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Lars Eggert
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Roberto Peon
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Martin Thomson
- Re: What to do about multipath in QUIC Yanmei Liu
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Terminology for multipath QUIC (was Re: What to d… Lucas Pardue
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: Terminology for multipath QUIC (was Re: What … Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Mirja Kuehlewind
- Re: What to do about multipath in QUIC Mirja Kuehlewind
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Re: What to do about multipath in QUIC Yanmei Liu
- Re: What to do about multipath in QUIC Behcet Sarikaya
- Re: What to do about multipath in QUIC Yanmei Liu
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: Re: What to do about multipath in QUIC Ma, Yunfei
- Re: What to do about multipath in QUIC Yunfei Ma
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: What to do about multipath in QUIC Florentin Rochet
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Mikkel Fahnøe Jørgensen
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Kazuho Oku
- Re: What to do about multipath in QUIC Christian Huitema
- Re: What to do about multipath in QUIC Spencer Dawkins at IETF
- Packet number spaces in multipath (was Re: What t… Jana Iyengar
- RE: Packet number spaces in multipath (was Re: Wh… Markus.Amend
- Re: Packet number spaces in multipath (was Re: Wh… Christian Huitema
- RE: Packet number spaces in multipath (was Re: Wh… Markus.Amend
- RE: Packet number spaces in multipath (was Re: Wh… Mikkel Fahnøe Jørgensen
- RE: Packet number spaces in multipath (was Re: Wh… Mikkel Fahnøe Jørgensen
- Re: Packet number spaces in multipath (was Re: Wh… Roberto Peon
- RE: Packet number spaces in multipath (was Re: Wh… Markus.Amend
- Re: Packet number spaces in multipath (was Re: Wh… Mirja Kuehlewind
- Re: Packet number spaces in multipath (was Re: Wh… Jana Iyengar
- Re: Packet number spaces in multipath (was Re: Wh… Quentin De Coninck
- Re: Packet number spaces in multipath (was Re: Wh… Mikkel Fahnøe Jørgensen
- Re: Packet number spaces in multipath (was Re: Wh… Kazuho Oku
- Re: Packet number spaces in multipath (was Re: Wh… Quentin De Coninck
- Re: Packet number spaces in multipath (was Re: Wh… Martin Thomson
- Re: Packet number spaces in multipath (was Re: Wh… Kazuho Oku
- RE: Packet number spaces in multipath (was Re: Wh… Mike Bishop