IETF Logo Mail Archive

Re: [Sframe] John Scudder's No Objection on draft-ietf-sframe-enc-07: (with COMMENT)

John Scudder <jgs@juniper.net> Wed, 03 April 2024 16:39 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3975EC15107E; Wed, 3 Apr 2024 09:39:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.174
X-Spam-Level:
X-Spam-Status: No, score=-2.174 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.08, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b="tFANVK/Q"; dkim=pass (1024-bit key) header.d=juniper.net header.b="lGvtI3er"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zK_ZcF64lge5; Wed, 3 Apr 2024 09:39:22 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CC1CC14F6FF; Wed, 3 Apr 2024 09:39:17 -0700 (PDT)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 433AJBiu009879; Wed, 3 Apr 2024 09:39:16 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h= from:to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=PPS1017; bh=Zh9LLo4vvgjyIKBvgEYSVq XSLP0YILqIXyG20ly8wUs=; b=tFANVK/QfoQEnmGhcbZgH5+8mPIOfcLGhSbQWv cpNuZFNSFJqsr738EWUXUPKl+6fF5m6sIyavM0kpEqd/4NTM6cEgYaUAXT4Dr2DL 8vD9s8EpQ+MixILzqKE++ZiCXZyJOhfRxrJlbL4suX7h5UTMXfQOal016BhTyywb Wh+LN3OJ3JFb4sFwE/ZuGL4yZ86Hep1enbLcMu2kToefW7rAt6BhDh+WtJ3u/FFj MyqNOWkQfJAzEO5xZA5O+7J3nsYrSvwuGB83mzYQIhPyz8Kr8Dk8rfDnx4FC1B5z UMzGmiTh3Q3gsdJWsBrqy04ff7gXozOCTLvEtUvTxcjhsHxA==
Received: from cy4pr05cu001.outbound.protection.outlook.com (mail-westcentralusazlp17010009.outbound.protection.outlook.com [40.93.6.9]) by mx0b-00273201.pphosted.com (PPS) with ESMTPS id 3x6gnd9pp1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 03 Apr 2024 09:39:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ez1uNDaoa1O8L7/MH7W0ZiwxQhkPm1z7WOti2oo2+x9FdgSinCtTXNaKOuArbjN7jSH0+QpCNSwr8gMQKpPH/54a9urFQ4uGDVWhzIGqt+l1T3ZsAlC5zgiWfuFpLuZLt9SDZuefACcnNhuTEYy6HsFsohadaAFf7Y0br/BQRcSKuFefrs7onIzdMaPHzQqBnFGxBZNQ5E3hlV0+9FnjUnQft8e89EkHWNuljMxRB+KIb2PESNsulHfa+bsYwJ0yDHcb7bNVgeAL6xCFVhQQ6HrgXrXXIdV7oPW0k/F3qtEHnFeCSir67ZgwRjbSXTUg9jT3rtJv9oe/xPYic4is3g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Zh9LLo4vvgjyIKBvgEYSVqXSLP0YILqIXyG20ly8wUs=; b=J7J1aMIIE/g+xVwd3Us5z2mjLT10CoxDU/1hH8OlLE47h0IpOnGPM8bfYW3jNMpSegn2qk9m3v6lf2uBK0DvkOSlf5pOKVfx/HXr3/o7jFU/BAOQICgRrUDvX6s1lqIxBOFqPgLl6wywjqbkm7YHdZwHnFDtA5b5y9PnwT7hShQEdXpKuJtoSvZjOKs+YHktBzzhvKmFCsrHfqPRKSy7O8laoZClvqMSlb+609Jl1W3/4AHLulvy7iBBX0Ed33kVXe7w0Kh0YVAtRdYUAD7znZE62BUojz6Ob31H2wdKEke+2w1wOwsU+m1cB0Pejf/BQbNxtVLMl8GqF3WCFcvPpA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Zh9LLo4vvgjyIKBvgEYSVqXSLP0YILqIXyG20ly8wUs=; b=lGvtI3er7NwtLU4nBbpwOQODSlGFXob8TUOTRxNXP9f67xevlZMtu39Zt4lBCWwbWGSZfODQ7n2rLYCIeTwqxMvpTYmZVFQqkjN/q1EVCXzKqyH0PHi4SvU2Gr8+m4Wnf33Y6LN23MIIxbuN6SCYDlyuh3l6zUtVQnXMC2DYUhc=
Received: from CH2PR05MB6856.namprd05.prod.outlook.com (2603:10b6:610:3e::11) by SA1PR05MB7920.namprd05.prod.outlook.com (2603:10b6:806:1ab::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Wed, 3 Apr 2024 16:39:13 +0000
Received: from CH2PR05MB6856.namprd05.prod.outlook.com ([fe80::f1bf:41e0:23ff:7eff]) by CH2PR05MB6856.namprd05.prod.outlook.com ([fe80::f1bf:41e0:23ff:7eff%5]) with mapi id 15.20.7409.042; Wed, 3 Apr 2024 16:39:13 +0000
From: John Scudder <jgs@juniper.net>
To: Richard Barnes <rlb@ipv.sx>
CC: The IESG <iesg@ietf.org>, "draft-ietf-sframe-enc@ietf.org" <draft-ietf-sframe-enc@ietf.org>, "sframe-chairs@ietf.org" <sframe-chairs@ietf.org>, "sframe@ietf.org" <sframe@ietf.org>, Martin Thomson <mt@lowentropy.net>
Thread-Topic: John Scudder's No Objection on draft-ietf-sframe-enc-07: (with COMMENT)
Thread-Index: AQHahdMryUnJkPS6q0i+UDfEoCCvkLFWrp0AgAAQnIA=
Date: Wed, 03 Apr 2024 16:39:13 +0000
Message-ID: <B74AFCD2-9C89-4CD6-820D-369728404FE4@juniper.net>
References: <171215449244.43146.5206581136717668242@ietfa.amsl.com> <CAL02cgRGF0un9Cd+xyRTyaNojgE+YqU_W8TdQ1jDStjL_YO-Ew@mail.gmail.com>
In-Reply-To: <CAL02cgRGF0un9Cd+xyRTyaNojgE+YqU_W8TdQ1jDStjL_YO-Ew@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3774.500.171.1.1)
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH2PR05MB6856:EE_|SA1PR05MB7920:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: nN4URjb1frdlzlEg4HjaIOHdszBwg4ykJOyKxlfhiVzLLLQqGcZ2HQZCUqxnaCIiw31tioU2JB52RXi1w5rT5X3WLbTW+AWtTM1hbP2a+KzHpN+8cilBiGOgTxlSL3dfxWm+Q56nn6F2vLlSP+Dy9XG1InQtXZBIpvmu8OD0McyPFRS9S1v7AqbHXKd6c3LeojMuwYUyG+cuBAk7LaZn2+a3emYEsc2YNpAZfXCcdHzJGeQrT08JMLd4ACOS2RSJ5yNx7+13ZJ9ugkg1vlpC3IsRMy6ONJ+FJbDEjtLi0nqZ0KvkKiEj9z4DaZRWDkXgzs1f7jvb+qhjccb4PF8zl9Dtw3GmKgHF9gExMOd35nI6CqqHFWcXq5t3LOv1NJESx7/kCxSx5N9EHQAwRlHtWouk959ytwlcSIMFk/IMN9G4Uqnl9fplM67f+9Lnpgz4iI1dGB05eH1C7svChkltrwnFb29hYf6he5SxlLlbxksy6IDQszcKTU9JJumaY5cufu5KBJPGbltop7c0eDoRAD1niKDJUxHkR9s1v6VA8UEQR0CIDE+VLA6W5IS2Tnt598p5dIx9mhqPfsQ/mHFtiAWckri31SYipV/oBhb0zb5UOP1dSetoeRRvJwKTDWgKTESb187w/yvdSw9wQhOh7Vzj1n+aOZZWI4E4mgMeifY=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR05MB6856.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366007)(1800799015)(376005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: xm2nGY0ZnZJSlIk7ZJJkOihaWtcUAcKcLZS/cY6ay14gIzm+15AEN8iEkuRJCcYD1cHq5DnlfRQ+hiwIzLW4qtBQicB3fXLnw7hML6YfBkJi7YRqNEMnZ059j5rF5Ycu7xpXfUtimxkGRopAbV2Xd2ISHUeoTgDd8E4JZ5e75yD42JcYT6ma6b49j6h1Xgu6fg0bSNl7Vl2QVWQnO+uySsmyMKkvhH8JN4SniY058o8TSSKRGyCQqohU+yXvYMz3Rd6drkeZaF7WRPzDUF2jxulawb0V8eww7me/7Zsi+gJ8/3VkKk2ln/Os/cWbnHL57UC5c+m1oD/p1qmhr/sa/01BeRNJe5tEUaUFyz0rzbcvArmo5Ay056xp019kelOZxPu7Jj4TCpcvNJHgxtjK9DeR6TdOOFcx25zbbPUkl4mzsg9afHnVyklPYANG2+h9ciXjKirJseuiOPPpQErhv8WX+6roaIpqiTPiUxufjdzYaZXBJImRIBjI2oO0FMQlfpoirZ3rnY7gTDn12PrbPIZhVL91GoNFoju8zh8X+lFV2WHG+kytnKzsuciDonrKxkNeqSzPB2YXyfI2hMddTjwwBAHvL7VL2ZjJ5GFj0+1tcWGkGGCWI3OUO4x9l51dR7mDgV2bPCuVzYhLXJVubq7lJ//lQ+TwcnCWeFXgo135qrV2KKEe6hzh/gZizxZd/5gKAoP4jgIo8dy4JiCj5Kl46x+UmS34i5SdH/PDG+65kbUq3qkLJgVpweYezMk1AX5Lez6D+cDSusux63bVc703EhhR7SbVQw2u2htarjH6wRDF4OhQUCBLPgdJKpxcU0kVKSEgm2nuAOIVz3VY2gFBzeey4HsY7owwO8DOPROBDNb7tYzRXFpYmPZTqR3RdbR2+qlmLtUyrE58EE4tVhSMxG+Vr16BhrFkMa4UPZLdCfZbPcOGyJJh0Qn8yNZls9ALAspU7i8VJGaBKSyYYhABAurniD9Hs+J/p4JiZFUKWrA0k9/8NwYJcS/PNObUG/vfFzG7aQg8wVpqckUDRVuB69gGjD+tDQOaqr0cV+tYMEc4nPF3/iz00ZcnSAw7qx4s6V+Jkds6QS0+IsspgsFhPCGREK6hkeKekzUdjzw2+yKBkbJ4aAJn9vziplZNPJ+iGk+fmrDFFnBQQ08NxSfomQW/GPrJkNDa6H3WTYC7Wge6s8cZUVTM9Kn65XCnwjLJuuxvXjUuQst3VrAJodgkVhjQz7H/E3DhmWAcYvED/2sNUKDEBmZ5nj2aj0aaSBCmN7Xw1urTK+gTUktSy7usmMu+JcrJxEnmVWo0xSN9TyRMDEq1paqSAlNnrwFXZHWhHcAcLcDn5GIRkDgpSwOrLlrl00KSf3WJZqyUF1plgJ0hekdbwLpxp1GchB5XuKLHiCLIkkQTCsDYme/L7h+6CRlvLO3EpuXo4Kozrlgi4vSn2buoEG3EU2UwdoPsJIpjKQLBtxzBj/hhhW2NR1jrZBpZXmYbCT5dk0VMD0aedROMs30mkly01tBIMMOz3GX8HxSWxvM3FhBX+mgC6A1fDH3dXd8feZE16Ms9w3PtdDQuBwJbQMNYfBUq0J2g
Content-Type: multipart/alternative; boundary="_000_B74AFCD29C894CD6820D369728404FE4junipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR05MB6856.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6fdfa391-05ea-4cf2-28ff-08dc53fc9893
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Apr 2024 16:39:13.6023 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: bcg821nc9RzTZzN7KX0Kjvl9H2LepwTXMtA4ozKgLA3q+9LYrDEx0TWEzJgY5asr
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR05MB7920
X-Proofpoint-GUID: 2E5Ggg5a_wXs2CULS16sTs23By6cQFks
X-Proofpoint-ORIG-GUID: 2E5Ggg5a_wXs2CULS16sTs23By6cQFks
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-04-03_16,2024-04-03_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 phishscore=0 mlxscore=0 spamscore=0 malwarescore=0 mlxlogscore=696 suspectscore=0 priorityscore=1501 impostorscore=0 adultscore=0 clxscore=1011 lowpriorityscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2403210001 definitions=main-2404030113
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/hgDAkNKlrxB4yaB4j11jt5u_N7g>
Subject: Re: [Sframe] John Scudder's No Objection on draft-ietf-sframe-enc-07: (with COMMENT)
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2024 16:39:26 -0000

On Apr 3, 2024, at 11:39 AM, Richard Barnes <rlb@ipv.sx> wrote:

The high-level message, though, is that `SFrameContext::decrypt()` should be a constant-time operation, irrespective of whether the decryption is successful or not.  I think the current text is close enough to capture that, but would be open to clarifying further.

The attack I can imagine that isn’t captured by your discussion is that (as hinted in my earlier comment) an attacker on (or in sight range of!) the subject endpoint could potentially know by visual inspection, or equivalent, that a keyframe had been dropped. Still up to you whether you want to take this on board, though. I think the additional clarity provided by your specific observation that "`SFrameContext::decrypt()` should be a constant-time operation” seems more valuable overall. One way to write that could be,

OLD:
            Invalid ciphertexts SHOULD be discarded
   in a way that is indistinguishable (to an external observer) from
   having processed a valid ciphertext.

NEW:
            Invalid ciphertexts SHOULD be discarded
   in a way that is indistinguishable (to an external observer) from
   having processed a valid ciphertext. In particular the decrypt()
   operation should be constant-time, irrespective of input.

And thanks for the context about compressed CTR.

—John

v2.23.0 | Report a Bug | By Email