IETF Logo Mail Archive

Re: Removing packet number gaps

Christian Huitema <huitema@huitema.net> Tue, 02 January 2018 04:11 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39DC41252BA for <quic@ietfa.amsl.com>; Mon, 1 Jan 2018 20:11:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sLEnGUNR8QCm for <quic@ietfa.amsl.com>; Mon, 1 Jan 2018 20:11:18 -0800 (PST)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7885E12025C for <quic@ietf.org>; Mon, 1 Jan 2018 20:11:18 -0800 (PST)
Received: from xsmtp02.mail2web.com ([168.144.250.215]) by mx42.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1eWDv2-0003L0-Iz for quic@ietf.org; Tue, 02 Jan 2018 05:11:17 +0100
Received: from [10.5.2.15] (helo=xmail05.myhosting.com) by xsmtp02.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1eWDuv-0008EW-05 for quic@ietf.org; Mon, 01 Jan 2018 23:11:13 -0500
Received: (qmail 6428 invoked from network); 2 Jan 2018 04:11:08 -0000
Received: from unknown (HELO [192.168.1.105]) (Authenticated-user:_huitema@huitema.net@[172.56.42.40]) (envelope-sender <huitema@huitema.net>) by xmail05.myhosting.com (qmail-ldap-1.03) with ESMTPA for <quic@ietf.org>; 2 Jan 2018 04:11:08 -0000
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (1.0)
From: Christian Huitema <huitema@huitema.net>
X-Mailer: iPhone Mail (15C153)
In-Reply-To: <CABkgnnWHcZrAKBKpkF7JPZ3Bzwdk9HPXcA1cbyUtkvzMv0G64g@mail.gmail.com>
Date: Mon, 01 Jan 2018 20:11:04 -0800
Cc: QUIC WG <quic@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <E88EE694-2977-408D-BFB9-6E6FE383B7A1@huitema.net>
References: <CABkgnnW89B+5Qo0u_+Wr5K0wCRZ3Wp-+CTWJbHRGGwD06hn-zw@mail.gmail.com> <16F84894-C3D9-4342-83EB-616759E739BD@huitema.net> <CABkgnnWHcZrAKBKpkF7JPZ3Bzwdk9HPXcA1cbyUtkvzMv0G64g@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Subject: Re: Removing packet number gaps
X-Originating-IP: 168.144.250.215
X-AntiSpamCloud-Domain: xsmtpout.mail2web.com
X-AntiSpamCloud-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-AntiSpamCloud-Outgoing-Class: unsure
X-AntiSpamCloud-Outgoing-Evidence: Combined (0.12)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5t2HaMQv4Z1IGdPClLcY6YwXv9krsgRhBn0ayn6qsUc7A2kcKDr1fzRm ksYYe0sWHrgNzB/4Jkrw1eDLcif59ftl6fu0np4Sp4emvxygSNSgB98yDTitFWvbHwz9vKZpmxBf ggn8Frespz1KxArpwUx851TaRAUkTN+SrghOjOYzZsQEbaxxISMHgJxrdMdSS4B6hVJPXxgisa+g wkHvC+PVG1YjIrFRKhESMT/tU1Dx+IHaAZrg1ulFniksjLYqZxdG5bOwa1rOgT+89+/XFrGt2tce crpXRY6fm8RXptyzavERpop5LF7RavHozgbn9XzprFRbpFQTOcEGeQOY3IcDlgJpEbxunV7tCPNi PQvHQpVRoYcix47lJTuKsG8TgnDHFRDF834rtLc6Wv9Yj+vBPX9bzGJi0ycLbiOUDEySIK/1NH5T HMtlYvyHAYGOGheVSH7cGoIH3Vd41lbD31XsxRC3Cl5agFgis4e3pTrPTmWL20QDaTB8w3xrEB2b t00GnuD9zr522QMYlXqmqn0HmFDqewO9xyOqCYO8P1aHuJ+q0VAdWduuFNAGSPDW/D0UF36LWvas gj4e2T8BuA1dHghQC//pO9KiygTP+bGFDJc/3lHzX92E3nO7lXITicibYT4C2qF2lnc18bVJn64R i1TusSFblGB0ZjyNzARkkE+XOWfZ01+dGBM26lIvtTwJWw42swm4bO6gacpMpzLdQBUMkAI/PGrN 0+wWmMSTwMPXVqLhHTCtUoQNwWJnsFjI1dRH6f16eQCtvwPkeoxEbFBkDEb7h/VcBU3NCXbKl1Fr MVSE/J/ewUnTj7YP55q9INbyRwqQyVkoHpS/jX2RVYKU9W9tbmVXJBqdHHDm8ZIH36IzEI956ubs TR4WHrFV5oTvAcwA4rM3FkfW8/2B3o0d/ygg1mkxyifBss2L
X-Report-Abuse-To: spam@quarantine5.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/okfEdLj-LydtnsvzA2padnCpqGU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jan 2018 04:11:20 -0000

 

> On Jan 1, 2018, at 7:38 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
>> On Tue, Jan 2, 2018 at 1:13 PM, Christian Huitema <huitema@huitema.net> wrote:
>> For clarification: are you proposing to make the encryption key and IV dependent on the connection ID, or just the packet number mask?
> 
> Both.  As you argue in your draft, this makes some things easier, and
> it fits more naturally if the key, IV, and mask all have similar
> derivations.

Yes, it seems natural. But there is at least one downside: both peers need the master secret available when creating or receiving a new connection ID. In the current design, the master secret can be erased once encryption keys have been initialized.

OTOH, with that design we can get rid of the key phase mechanism. To refresh the key, just start using a new connection ID.


> 
>> Also, are you proposing applying the mask before encoding the packet header on 1, 2, 4 or 8 bytes, or after that?
> 
> After.  We'd have to be careful to get the bit alignment right, of course.

You don't actually need to be careful with the XOR solution. Just XOR four bytes after completing the payload encryption, and XOR then again before decrypting the payload.

By the way, can we get 5 bytes instead of just 4? With the 5th byte, we could grease the lower bits of the first byte, greasing the packet type.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email