IETF Logo Mail Archive

Re: [TLS] Encrypt-then-MAC again (was Re: padding bug)

Ben Laurie <benl@google.com> Wed, 13 November 2013 12:36 UTC

Return-Path: <benl@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A89211E8114 for <tls@ietfa.amsl.com>; Wed, 13 Nov 2013 04:36:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dMxBnWreSeoF for <tls@ietfa.amsl.com>; Wed, 13 Nov 2013 04:36:07 -0800 (PST)
Received: from mail-vc0-x233.google.com (mail-vc0-x233.google.com [IPv6:2607:f8b0:400c:c03::233]) by ietfa.amsl.com (Postfix) with ESMTP id 17E9C21E80C2 for <tls@ietf.org>; Wed, 13 Nov 2013 04:36:01 -0800 (PST)
Received: by mail-vc0-f179.google.com with SMTP id hz11so225789vcb.38 for <tls@ietf.org>; Wed, 13 Nov 2013 04:35:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=8N/cZ+nzDV75vXP9ljN7YSWh4V7aOLrh5oq5wI3YvII=; b=U2z8/ZMUYWjpQh7NKvozYnbh3y2XphzCnZ6kNyZDhbp8B+WVQmcEjNTLWoulQUzBFx RctyeYdjh39oI9P0ggNyxtUC5AYjcK04kIZahFHfn6LGYpzMr37Uh+7gCdgP1p8Ks5kd j1ddmGpMCDx3/ova6RzD7rz2CLA5r2gwV+2K28yl6lLPH8VpQGXOwGwnuG5YkPzA+yqu cllZiP4AO4NVYUl16RXYT89c6tnj9VTOXgFVw8F8IwjYRKd6uoiZZl9aqs2jgCk1EoSQ c0cHh+qMdkPrEl9akz5fu1KcOJ3VD8Dc7aHEyrEqJd7CeM5JvGMEs5iW1tXZ4e5CK1Fu HXkg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=8N/cZ+nzDV75vXP9ljN7YSWh4V7aOLrh5oq5wI3YvII=; b=mf9hHKC7LloNfVrX5MByE4yPXQSuMAKnBu29SqTI89XKF2vjKg+75cLjmKpXRLiDkt ZmB/wb2onnjinw/3NqMMXwj0EJ5SEBJ5pTCHSW7pylfWgsUBbmmrV7XoM1Hn2ITmP9Pf QlOyL1QnL/OjKxlHA9qIW45LcOxn0tn5s+cXeIRuwXiT9UAd2BwD7KgBKOl8wJoj95GH o1Q15s0YZzxsFfzHK6d63L/BfY4VdWfml4hog3TjpN2MJAXg+qy5k8clZjOU+8qCtZ0Y N532zowwqzlyQRz2a2Y/hqPKEv6YcFDVU6hAoxho+ZgZjgt/teLysBwnZcbeYyZS0LhZ xo0w==
X-Gm-Message-State: ALoCoQm5YChcRshRB3aD3H8YG2V1+DnvxWh1anrEGMNCAf4e+IFX+6qUD1LEL0l932xxyZYTr4Xekv3WCmyjECqiVBByviw7AzWTE4CqM5LtSsNfbIwUm6bZcLH2JgHeciT7xSSDcWFF2pE56lKyTqNpNLNxfcNIP+5rbwjIQhrbISsEKHoR3ol7v5JasuS/S1qFce2/2cMO
MIME-Version: 1.0
X-Received: by 10.220.173.134 with SMTP id p6mr651115vcz.36.1384346154526; Wed, 13 Nov 2013 04:35:54 -0800 (PST)
Received: by 10.52.183.65 with HTTP; Wed, 13 Nov 2013 04:35:54 -0800 (PST)
In-Reply-To: <20131112165343.CA1101AA80@ld9781.wdf.sap.corp>
References: <CA+BZK2pu1F3zpRJNFX=QjFh=4JkooTgxkjDFPKBosnVCvuSonA@mail.gmail.com> <20131112165343.CA1101AA80@ld9781.wdf.sap.corp>
Date: Wed, 13 Nov 2013 12:35:54 +0000
Message-ID: <CABrd9STnQr95ri9EswXzLYurF81kvka7QHo=+8yuEe+oA2zLVQ@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: mrex@sap.com
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Encrypt-then-MAC again (was Re: padding bug)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Nov 2013 12:36:08 -0000

On 12 November 2013 16:53, Martin Rex <mrex@sap.com> wrote:
> AEAD ciphers use XOR for encryption

Surely not by definition? It may be that the AEAD ciphers we use
currently use XOR, but we could create ones that don't, right?

v2.23.0 | Report a Bug | By Email