IETF Logo Mail Archive

Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01

Mark Handley <m.handley@cs.ucl.ac.uk> Mon, 24 August 2015 16:32 UTC

Return-Path: <m.handley@cs.ucl.ac.uk>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B34461A1A1E for <tcpinc@ietfa.amsl.com>; Mon, 24 Aug 2015 09:32:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, J_CHICKENPOX_31=0.6, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8WjCz1GgP5fT for <tcpinc@ietfa.amsl.com>; Mon, 24 Aug 2015 09:32:44 -0700 (PDT)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 580E11A0074 for <tcpinc@ietf.org>; Mon, 24 Aug 2015 09:32:44 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 810B52109D for <tcpinc@ietf.org>; Mon, 24 Aug 2015 12:32:43 -0400 (EDT)
Received: from web4 ([10.202.2.214]) by compute3.internal (MEProxy); Mon, 24 Aug 2015 12:32:43 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=FGNF9owTbDrvSYq VSJCMRwUb5m0=; b=mVJ80yWxPNSKMplBHiU0BtKxHGLpCXkAO5PkCYiR9F00gXA jzeTfuBuc8hPTF3DTbn0f5INnLSFtiyZCjT8BoHszbCUY4g6jBLcppRGT7uVUgHq a1KIr/XBLSCSezEPlZCmNsLo/MKvD3kY/qkKhHL/zgQ45WCjZWUwzsCdo8e0=
Received: by web4.nyi.internal (Postfix, from userid 99) id 568D910FE22; Mon, 24 Aug 2015 12:32:43 -0400 (EDT)
Message-Id: <1440433963.1191981.364584009.6D878E6F@webmail.messagingengine.com>
X-Sasl-Enc: r0sHS2BTKbRPoecrgWZgMgmQ6xC44T6/592yqlUIG3FS 1440433963
From: Mark Handley <m.handley@cs.ucl.ac.uk>
To: tcpinc@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain
X-Mailer: MessagingEngine.com Webmail Interface - ajax-a8c50604
Date: Mon, 24 Aug 2015 17:32:43 +0100
In-Reply-To: <87d1ycizeo.fsf@ta.scs.stanford.edu>
References: <CABcZeBNEFVkDi38y3G-C2nQF=dzW2mGDsj5DVK_OKVkPwK=G0g@mail.gmail.com> <878u92oadf.fsf@ta.scs.stanford.edu> <CACsn0ckQskjLqo0=YfJrmBEsyCaq0jpcSzGUwKhRo0BzzQ=wDA@mail.gmail.com> <871teuo7nu.fsf@ta.scs.stanford.edu> <CACsn0ckn-QdoXmTgjW8gYQyVqZ0x9JHEYvZO5VHQkG9nKA3-Ew@mail.gmail.com> <87wpwmnenv.fsf@ta.scs.stanford.edu> <CACsn0cnq9cZdkn=yp8-GJfXDGMP8r1sib3qrQQEQYhF25kYZPg@mail.gmail.com> <87twrpokpz.fsf@ta.scs.stanford.edu> <CACsn0ck2PfKQ8pkDLiSmuLH+81s2GzsBnKYH7e=5ga5nSJvo1Q@mail.gmail.com> <87io85ofkl.fsf@ta.scs.stanford.edu> <CACsn0cmna07KzCZme7pxRgCcAOJLXzup3KPJ+bRimL=n3mpPXg@mail.gmail.com> <87vbc5l8si.fsf@ta.scs.stanford.edu> <CACsn0c=cLj2F6JyFX848D1TuDt0A=kT7UMm8ZPRRu-X6ow4oTQ@mail.gmail.com> <87d1ycizeo.fsf@ta.scs.stanford.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/MeloK4-M2NzVVi7NMfyZAhXj6sk>
Subject: Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Aug 2015 16:32:46 -0000


On Mon, Aug 24, 2015, at 02:33 PM, David Mazieres wrote:
> Watson Ladd <watsonbladd@gmail.com> writes:

> > The problem is with the existence of sites where only one algorithm
> > must be used, and the OS is configured accordingly.
> 
> Hard-coding global cipher priority is likely to exacerbate this problem.
> If the only way to prefer GOST is to disable AES entirely, well, then
> Russian institutions will disable AES.

[just back from vacation, and trying to catch up]

Surely we don't need to hard-code cipher priority to choose a mutually
acceptable cipher in the case of simultaneous open.

For example, suppose we have:

A->B SYN ENO(X,Y,Z) 
B->A SYN ENO(Z,Y,X)

You eliminate any not supported by both parties, rank the remaining
options from each message, square the ranks, and sum the squares:
X: 1^2 + 3^2 = 10  (X is rank 1 from A's SYN and rank 3 from B's SYN).
Y: 2^2 + 2^2 = 8
Z: 3^2 + 1^2 = 10

Both choose Y because the sum (8) is the lowest, and send the key
material for Y in the ACK.  

The rationale is both A and B had reasons for their ranking, and with
simultaneous open, you're trying to find a mutually acceptable
compromise.  The squaring does this.  If there's still a tie, it doesn't
really matter which you choose, and no good way to disambiguate, so hash
both option lists and choose the prefered tied option from the list with
the lower hash.


For non-simultaneous open, allowing the passive opener to choose seems
to make most sense.  Simultaneous open is a corner case, and I don't
think it's worth wasting bytes to try to do any better than achieve a
reasonably mutually acceptable compromose.

Mark

v2.14.0 | Report a Bug | By Email