IETF Logo Mail Archive

Re: [Sframe] Éric Vyncke's No Objection on draft-ietf-sframe-enc-07: (with COMMENT)

Richard Barnes <rlb@ipv.sx> Thu, 04 April 2024 13:17 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DA1FC14F5EB for <sframe@ietfa.amsl.com>; Thu, 4 Apr 2024 06:17:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PY0Ii1srX9us for <sframe@ietfa.amsl.com>; Thu, 4 Apr 2024 06:17:28 -0700 (PDT)
Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BFC4C151090 for <sframe@ietf.org>; Thu, 4 Apr 2024 06:17:28 -0700 (PDT)
Received: by mail-il1-x12b.google.com with SMTP id e9e14a558f8ab-3689a0abfd2so3794535ab.2 for <sframe@ietf.org>; Thu, 04 Apr 2024 06:17:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20230601.gappssmtp.com; s=20230601; t=1712236647; x=1712841447; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=+OlqNGHzGxjUa0L5zYuLRtAzwpIzJ/b37k7wIAvvl0I=; b=ndXYnCEs01KA9vgnV3BxTwhnRV9+NXrnnnq1l7wINvfWHKlVjv5Q+uR37gElN54S6h e2aK4pMJaxyFJkE9uXBy1QBdRctod//flNE1KYz5IoRLKB3OQncmAzN6hCY9XHvWY9up A7CNIeAfnRFC6LuWp+LzQmPaVKreYejtypSPfQ/hzpaWS2DR3+nZhHHZVzQM/JZb+Os7 Y6XHy1S+/RUF5gZiX1WCBRBX2qDrvQcorEpOOcTwoX3Pcmjhz3WH1N1jy1hFjdqJabjO k50qNqp/BuP5h2NpVdlXswKboXOc0NdftA8p8qgHcFVvHjH9zrHvMvlV0cCiVtPtxug3 o6wg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712236647; x=1712841447; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+OlqNGHzGxjUa0L5zYuLRtAzwpIzJ/b37k7wIAvvl0I=; b=VeLo2RxSSSsJ1Sg0wwGhgBvciUfVizK1zGckD1mJe8mtggNajp2AILNdmQt37U+Jod FjVenP0DsZv7jQrHNiJK8I7TUPj6vNXf5N5d0ow7qQrIx1POT3XRByPcQeLE0T9fMXAv yNvhyLqbWoZ1ceUh2G448QI+DdJGMHBMy8RXqPZSyM8o5QwU3dB4Ye0p0bZJXrujSMR8 BW6urbOZBk+UvrfGPtA1HvYVKAww4etnW0WjbuvLhi6mcti/EUf/1JCdrQvnzOBynl/9 eAXqcMKG+o3lcEIPpVZjxvkTypYnveFR46wuAfgcEgjKtg8RhCjJnYHNgUd6Pe6WYbSf rPMQ==
X-Forwarded-Encrypted: i=1; AJvYcCWDDJuWHMixOH9P8S33gJB5fdjz2KJLGhi57rsdaGFo6ZwSWNyoW4tMakRaPpK2B703/kkClqYCVfx/rXv8F5k=
X-Gm-Message-State: AOJu0Yz4lDjHBzQFKGgfGpLBCIlvg+2+/oq/TIz+ydRAJcz8fJVNFRnN DJAAtHVFjQTTztKEm8c7CMKKEt6BceHjznTIT9OzuCt70pPk9MIA1zDNxJrEu9ExHfCPZRzEfp7 XMbNA2k+dvsePQOP0IITWSwbRmr/85/n997qAVA==
X-Google-Smtp-Source: AGHT+IGCmzPr0rOTLX60lZr5BGsJQMT9Wy2Ks+nvFXJVs0ZaGq+zrQH5LGD+Df0Nbib1odbL4T/ALefDjrgUF110J6Y=
X-Received: by 2002:a05:6e02:1987:b0:368:cfed:897b with SMTP id g7-20020a056e02198700b00368cfed897bmr3047746ilf.23.1712236647283; Thu, 04 Apr 2024 06:17:27 -0700 (PDT)
MIME-Version: 1.0
References: <171222362510.8409.14470362016295206572@ietfa.amsl.com>
In-Reply-To: <171222362510.8409.14470362016295206572@ietfa.amsl.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Thu, 04 Apr 2024 09:17:16 -0400
Message-ID: <CAL02cgROtq7JzJt9UZJFuT1+yA8Z-S1ryGSz4ZkorOVomj5Z5w@mail.gmail.com>
To: Éric Vyncke <evyncke@cisco.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-sframe-enc@ietf.org, sframe-chairs@ietf.org, sframe@ietf.org, mt@lowentropy.net, suresh.krishnan@gmail.com
Content-Type: multipart/alternative; boundary="000000000000221c2006154529ae"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/Mj_kQ-ugu3T-OE6D4yrngdHW6OU>
Subject: Re: [Sframe] Éric Vyncke's No Objection on draft-ietf-sframe-enc-07: (with COMMENT)
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 13:17:29 -0000

Hi Éric,

Thanks for the review.

On Thu, Apr 4, 2024 at 5:40 AM Éric Vyncke via Datatracker <noreply@ietf.org>
wrote:

> While I am not familiar at all about MLS, I wonder whether only using E
> bits of
> the epoch in section 5.2 does not open a window for replay attack? Should
> there
> be some guidance for the minimum amount of E bits ?
>

It's more a re-ordering window than a replay window.  As the document says,
"E effectively defines a re-ordering window, since no more than 2^E epochs
can be active at a given time."  MLS guarantees that keys are different per
epoch, so if a packet is replayed it will fail to decrypt.

--Richard

v2.23.0 | Report a Bug | By Email