Re: [TLS] RFC 7457, Lucky 13, mitigation, DTLS 1.2

"Martin Thomson" <mt@lowentropy.net> Mon, 16 September 2019 04:48 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 416031201E5 for <tls@ietfa.amsl.com>; Sun, 15 Sep 2019 21:48:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=d8IRHBpy; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=BERJDnws
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Du48TCdJW0Z4 for <tls@ietfa.amsl.com>; Sun, 15 Sep 2019 21:48:31 -0700 (PDT)
Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D43FD12008C for <tls@ietf.org>; Sun, 15 Sep 2019 21:48:31 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id EA5AA561; Mon, 16 Sep 2019 00:48:30 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute1.internal (MEProxy); Mon, 16 Sep 2019 00:48:31 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm3; bh=Um5xHxZfw8IGMWb/ReJGU8u0WOwKMOq TuRuKHDCYkYY=; b=d8IRHBpyjbsmfADAX3XNwEdtyDfkdQdi9T/vKl/uP6O13Dh WKz1K0u7Y6+XpQAJQc9H3JU9C8lWvaNiUJwtPnNJq76HnTw1kFKIQXWwYNipHoSX E2mIXCA5RC/M5P4zln7Y5ml/k4F/PLHQ8psS7UmGGwgYmNsS2eazWaQRw/7lX4w5 OrBSelSCMo8/Zrj/Wlc1HOIooSFeHDoqaMnfyBEXBmWi82o8O937xDaUZED0zDke 18aw0x0HReDMCPhvHQ816dtLacLJ5io8KGyCxhERM65XqVoBrkIBWnFL2FYgMjwI eOK2gu9Z2B2st956BBGP3IG9pqrrcA3GQMEKdEg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=Um5xHx Zfw8IGMWb/ReJGU8u0WOwKMOqTuRuKHDCYkYY=; b=BERJDnwsVromiPCKTaMLmj NqwBEywNByFZLmml+wumhiPVmmTrhAPDPCZz4v4d262J+g2gMbBWb+W0Z9X2tAoY TU2yhrqGfnpaX08I20hKyAjPJzphwtDuZy1QUKhywMDwuNwxS8Ewce0awJvhK/n/ vA8E07y+JZG/VjNKP4ef+4954wsq798vjALnXSGwVernK3JRg7QnEmDZtTJdN0VG 0irukymmcPqiLWdkUcJ/Qd0FVQ+wh5F22Je9kN1gljuTAnPeKOI0MUaixiH/eDgy RyzRNsF5SqxpJ/sMkPahabKo17XoV6LGYOqhhv51iGJoYH57atRCdUqFkoDSAfPg ==
X-ME-Sender: <xms:HRR_XVbsEzv6Z1IvBq9UEMuKKSexxb0S3qBjperXGx2hkjKxLSVDfQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedruddvgdeklecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefofgggkfgjfhffhffvufgtsehttdertderredtnecuhfhrohhmpedfofgrrhht ihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenucfrrg hrrghmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidrnhgvthenucevlhhu shhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:HRR_Xd_gH0qeETzKxbqCsIcvTw9ierUP72aPKxK2iXxeKMrJf25sEQ> <xmx:HRR_XeT_-lpyqPvs4F7guQcqFXdx_DfDbXp657NSN1T1lh-BerSqOA> <xmx:HRR_XfcEnFCuaU_zeC4Xs4EWjLDcjJBKiDxL7Rw9xFfIXkz2isdWbg> <xmx:HhR_XfMKpIRmG3tST79K16mcx6c_ZJGejPfDtejzyg7FALkfAhv34A>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id AC9D4E00A9; Mon, 16 Sep 2019 00:48:29 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-237-gf35468d-fmstable-20190912v1
Mime-Version: 1.0
Message-Id: <c8c6e5a3-1f7b-4e5d-8e16-7b9d980cc8de@www.fastmail.com>
In-Reply-To: <1568575719159.23246@cs.auckland.ac.nz>
References: <3f3ff654-cec8-c764-c5d6-d8b86dbb3141@gmx.net> <53dfec39-81cc-4365-a6a4-d5d6399a02b2@www.fastmail.com> <1568575719159.23246@cs.auckland.ac.nz>
Date: Mon, 16 Sep 2019 14:48:08 +1000
From: "Martin Thomson" <mt@lowentropy.net>
To: "Peter Gutmann" <pgut001@cs.auckland.ac.nz>, "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ARcEP8iglobQAsF3wQfIHcWzJE8>
Subject: Re: [TLS] RFC 7457, Lucky 13, mitigation, DTLS 1.2
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Sep 2019 04:48:33 -0000

On Mon, Sep 16, 2019, at 05:28, Peter Gutmann wrote:
> Just out of curiosity, why do you say EtM is a non-starter?  It neatly fixes
> the problems caused my MtE.

I don't know that many stacks implement it.  We don't.  There's nothing wrong with it, but it's down to practicalities.  My understand is that implementing MtE isn't justified relative to just moving to an AEAD.