IETF Logo Mail Archive

Re: Getting to consensus on packet number encryption

Christian Huitema <huitema@huitema.net> Wed, 18 April 2018 16:38 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CD54127137 for <quic@ietfa.amsl.com>; Wed, 18 Apr 2018 09:38:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4BEUsciBD9R7 for <quic@ietfa.amsl.com>; Wed, 18 Apr 2018 09:38:27 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DEFC31242F7 for <quic@ietf.org>; Wed, 18 Apr 2018 09:38:26 -0700 (PDT)
Received: from xsmtp01.mail2web.com ([168.144.250.230]) by mx36.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1f8q65-0005Or-Qd for quic@ietf.org; Wed, 18 Apr 2018 18:38:24 +0200
Received: from [10.5.2.18] (helo=xmail08.myhosting.com) by xsmtp01.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1f8q61-0007ie-F3 for quic@ietf.org; Wed, 18 Apr 2018 12:38:13 -0400
Received: (qmail 28637 invoked from network); 18 Apr 2018 16:38:10 -0000
Received: from unknown (HELO [192.168.1.103]) (Authenticated-user:_huitema@huitema.net@[172.56.42.78]) (envelope-sender <huitema@huitema.net>) by xmail08.myhosting.com (qmail-ldap-1.03) with ESMTPA for <quic@ietf.org>; 18 Apr 2018 16:38:10 -0000
To: Mark Nottingham <mnot@mnot.net>
Cc: "quic@ietf.org" <quic@ietf.org>
References: <7fd34142-2e14-e383-1f65-bc3ca657576c@huitema.net> <CAKcm_gNffwpraF-H2LQBF33vUhYFx0bi_UXJ3N14k4Xj4NmWUw@mail.gmail.com> <40C1F6FE-2B2C-469F-8F98-66329703ED50@mnot.net> <21C36B57-6AE2-40EF-9549-7196D7FA9B45@tik.ee.ethz.ch> <B176FC07-887D-4135-B01E-FE8B4986A5EE@mnot.net> <CAKcm_gOCeocLyrYpOS7Ud332xdz3xHSH0psPN8T6BGRjoL9ptQ@mail.gmail.com> <CY4PR21MB0630FA0EDD343396AD414641B6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <CAN1APde13JTzCvKFFvMd183Fka6QGD1kGBjsa9fcoLrYeA2hsA@mail.gmail.com> <CY4PR21MB0630C0FD4FBECBFEC3C863BBB6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <047d2ff0-ff8b-64c9-8983-0ecabeb9fea5@huitema.net> <B0F49097-F77A-4831-B68B-4266AA880A86@tik.ee.ethz.ch> <74E2F5C2-66AD-4902-8A4A-E481CC0A015C@fb.com> <75050158-3812-44F1-A01E-D70EED7FDFD6@tik.ee.ethz.ch> <BY2PR15MB0775B4ACF7DB9124E89016F0CDB00@BY2PR15MB0775.namprd15.prod.outlook.com> <c8e60ba4-d6be-c4fc-5bac-d569a28fb4e8@huitema.net> <56CE3592-EB1D-40A3-B1D2-965B238FA402@mnot.net>
From: Christian Huitema <huitema@huitema.net>
Openpgp: preference=signencrypt
Message-ID: <ae7a63fe-0a32-893f-aa6b-e8d97b8ba87a@huitema.net>
Date: Wed, 18 Apr 2018 09:38:01 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <56CE3592-EB1D-40A3-B1D2-965B238FA402@mnot.net>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Subject: Re: Getting to consensus on packet number encryption
X-Originating-IP: 168.144.250.230
X-AntiSpamCloud-Domain: xsmtpout.mail2web.com
X-AntiSpamCloud-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-AntiSpamCloud-Outgoing-Class: unsure
X-AntiSpamCloud-Outgoing-Evidence: Combined (0.14)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5trspCnCa6WdvBq2x1FdByx602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO37pNwwF1lRXh5rzvPzo9Jts1ujulqUFmMITHM77eiViDHqq+sPv/jzg/PMc0qjDtc7i TvJ2/ZGzVWB9scFAaCdIFaUvXN+CI+RGy3Me16pBpxvnk7PJGygctl3LC86inx/TBCf6oYXAWGet lavcAjD9ytQxIHf9lN5jjLJaPK8lRJSPf/SXbEnDSsal/zZzc4n9VZdr7RAFD5mRwooUYhwMPaBP aKeQW+/QlaOdv8isl/qMm08Zpim2AHUKEWvQ6G/bWfgucjnNmABpGhD9TTttrFCuZ0NkwnSz2Luu o1u9uevuNfM1HjkNEFwape+IgNezYqxGMqsKjARq8PBC4qjpVMhqNcdjhoIlgrKzBvjTmdySlZou 9qHIGOZDEEo7Oyc1nq0gsY582CWqKjiRB3ukywmZtiDkyd4mEBjJGGEJgawbllbHk+xyUKopM6rc KCaQX/lIXcRWtobViGg9fpWYO2/mqpOb7Q80SeXyngcEQspW6PWtFljIeoG6OsM9IVVYl+3b9Oek V1VW2ytiqcZgiNplmw3yp4FFFCuS+k6jh5d4Swn5E67RV+LaU4GmVjH8gYlRWMzXMtJksqe+xLeX oHkzkRzbKyRDRP8j7fY6rka7glK07Vs7rsUOKUDQF2h+wlfAS2SbL4bvnSO/22VRQT6qIypAqgrt WJG7IDNSD72gXzdJ2+JJROR2tMmoDZRins15oKFWvUk5C9olBXDhjX6bHzu+acs8UcTQf4enw6nI oDr0sXUZ7YZoZ/GZ+jr47k1ZYM+XPLUTB3aEhddz5NQBt6vrTjaii/MA7FoCAhy1/eljfSN5aXns qLZLef9qwM7RXpJS8RjTdyh2j5AWyDZ7BRCxIW6XiPgk5wgNeRXbC69qDBnTAPdQSCnD1TRj9D8H LKHAKpPGP8EPnuDHTXhIrVzYteKGVryF5qVZ
X-Report-Abuse-To: spam@quarantine6.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/rkIU_0VDRtCg6TpDRucsOuFmSAs>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Apr 2018 16:38:29 -0000


On 4/18/2018 1:09 AM, Mark Nottingham wrote:
> Thanks Christian; that's extremely helpful (and considering that I was about to embark on the same task, but do a much worse job, I'm especially appreciative).
>
> Everyone please have a read and direct your comments back here.
>
> One aspect that still hasn't been made clear AFAICT -- you say:
>
> """The process requires two passes, fetching some output of the encryption to seed the PN encryption. This is problematic for hardware implementations that typically don't buffer the output for further access."""
>
> .... and then later:
>
> """Single pass, thus mostly implementable in hardware if we assume that the PN encryption/decryption can be done in software."""
>
> Having a bit more context about the hardware implementation limitations here would be extremely helpful. Specifically, is "problematic" one of:
>
> * "More difficult for existing hardware (e.g., without firmware updates, etc.)"
> * "Impossible for existing hardware, but possible for bespoke hardware"
> * "Impossible in any hardware"
> * Prohibitively expensive for current/future hardware
> * Something else?

I tried to express the issue in my own words, based on discussions in
this list. But as I said, this is a Wiki. People with more hands-on
experience on hardware acceleration would be welcome to add a small
section describing the issue with hardware implementations.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email