Re: [TLS] Headerless records (was: padding)
Kyle Rose <krose@krose.org> Tue, 25 August 2015 14:26 UTC
Return-Path: <krose@krose.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B2F01B32D4 for <tls@ietfa.amsl.com>; Tue, 25 Aug 2015 07:26:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.379
X-Spam-Level:
X-Spam-Status: No, score=-1.379 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EPbEpCAvyleF for <tls@ietfa.amsl.com>; Tue, 25 Aug 2015 07:26:26 -0700 (PDT)
Received: from mail-ig0-x230.google.com (mail-ig0-x230.google.com [IPv6:2607:f8b0:4001:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 819F81B32BE for <tls@ietf.org>; Tue, 25 Aug 2015 07:26:25 -0700 (PDT)
Received: by igcse8 with SMTP id se8so13751758igc.1 for <tls@ietf.org>; Tue, 25 Aug 2015 07:26:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=krose.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=+P0mV+81V7VRRnKBKXIppaR+Cw3rChHfEp28CX5ef6c=; b=GCfp90k14qPcdm66TQAXpMAx70q4bAXZB7NEBnzWrMfE99V2d+54bWng3kClj8LCB1 HrofVde+RKWXTcgoEXmqdCckbgOH0E9ACuMQ4q66chUKxYZreC77lx3Oa8eOkN+JrWLQ wuYe90DmvsCGMvQwLWp8SIX2S4kHN78ppegR4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=+P0mV+81V7VRRnKBKXIppaR+Cw3rChHfEp28CX5ef6c=; b=f3U9HZO4uMtvOv6Xvp5TNxa6P0rJm1jg6s6m223jgldTXuMdn+n0X/WA6qHPyILtvp 8HnHddjNtyXp6zjSHyYDZ3oJAyVxHmTw5nSNhNWqS4zgJb/8QlUON3gEcK4ZZKX9Zchs pp0mkgxYCrndY7JFejogXoCEso2qt0Nay9VWDPMKaJj1ZoTxtpCfw+0fIJe1vs2c08WU 7iqykY/RBKZ1KNmMkPFvIivkkgIIHCB8fLqdCC01ZVFeEK0J1Nn1UAoFtVAm2SFmP1WB alsiqukUjltC0SoeRHQw/5hT+jSUTzbZSx/rE3ouvz7nZjBtEp17Eb4rQfAq/Ie0BA5O YlXw==
X-Gm-Message-State: ALoCoQnRQI/sqNLuIxvNAf6LKKiTQr+C7lYzMBkCCs0FIVnpbycKzEzuBaFaMM/Q8vZP8kldpZ7+
MIME-Version: 1.0
X-Received: by 10.50.73.98 with SMTP id k2mr2904161igv.96.1440512784840; Tue, 25 Aug 2015 07:26:24 -0700 (PDT)
Received: by 10.79.31.197 with HTTP; Tue, 25 Aug 2015 07:26:24 -0700 (PDT)
X-Originating-IP: [72.246.0.14]
In-Reply-To: <CABkgnnX+S5De7pBC_VChz15daNcSpxgF6_ofxdPAv2vhpFigSg@mail.gmail.com>
References: <CAH8yC8nQKzht4g6+FwvmN1ULCz3a+2j=0UF4h=8h71XbcVjFDQ@mail.gmail.com> <201508222028.46145.davemgarrett@gmail.com> <CA+cU71kS=x7_hVRXb8Q8m=DmqMaM65GaEn1SnzH_fQHP9mzyqA@mail.gmail.com> <201508250004.36291.davemgarrett@gmail.com> <CABkgnnX+S5De7pBC_VChz15daNcSpxgF6_ofxdPAv2vhpFigSg@mail.gmail.com>
Date: Tue, 25 Aug 2015 10:26:24 -0400
Message-ID: <CAJU8_nVd7sV-=9g231c2fo0vun52BgJ5NOxkpBXQn+Z8-RNPqg@mail.gmail.com>
From: Kyle Rose <krose@krose.org>
To: Martin Thomson <martin.thomson@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/2WJma3BWkyg31vHRaTtPATzU4m4>
Cc: IETF TLS <tls@ietf.org>
Subject: Re: [TLS] Headerless records (was: padding)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Aug 2015 14:26:27 -0000
>> uint16 length = TLSPlaintext.length; > > You can't recover the plaintext without knowing how long it is. This > part at a minimum needs to be in the clear. At which point you need > it to be based on TLSCiphertext.length Is that really true? You could decrypt the first block/few bytes to get the length (without authentication, of course) and then decrypt the remainder according to this candidate length. Then authenticate the entire record to make sure the candidate length was correct. (I am not claiming anything about the purity of this approach, only that it is technically feasible.) Kyle
- [TLS] Why is padding still actively being used? Jeffrey Walton
- Re: [TLS] Why is padding still actively being use… Ilari Liusvaara
- Re: [TLS] Why is padding still actively being use… Dave Garrett
- Re: [TLS] Why is padding still actively being use… Tom Ritter
- Re: [TLS] Why is padding still actively being use… Dave Garrett
- Re: [TLS] Why is padding still actively being use… Tom Ritter
- Re: [TLS] padding Dave Garrett
- Re: [TLS] padding Russ Housley
- Re: [TLS] padding Dave Garrett
- Re: [TLS] padding Tom Ritter
- Re: [TLS] padding Stephen Farrell
- Re: [TLS] padding Martin Thomson
- Re: [TLS] Headerless records (was: padding) Martin Thomson
- [TLS] Headerless records (was: padding) Dave Garrett
- Re: [TLS] padding Yoav Nir
- Re: [TLS] Headerless records (was: padding) Kyle Rose
- Re: [TLS] Headerless records (was: padding) Viktor Dukhovni
- Re: [TLS] Headerless records (was: padding) Martin Thomson
- Re: [TLS] Headerless records (was: padding) Martin Thomson