Re: [TLS] rfc7366: is encrypt-then-mac implemented?
"Christian Kahlo" <christian.kahlo@ageto.net> Thu, 30 October 2014 16:10 UTC
Return-Path: <christian.kahlo@ageto.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA7B61A005A for <tls@ietfa.amsl.com>; Thu, 30 Oct 2014 09:10:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NriaX9M9GTb2 for <tls@ietfa.amsl.com>; Thu, 30 Oct 2014 09:09:59 -0700 (PDT)
Received: from mail-lb0-f177.google.com (mail-lb0-f177.google.com [209.85.217.177]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E4131A0043 for <tls@ietf.org>; Thu, 30 Oct 2014 09:09:56 -0700 (PDT)
Received: by mail-lb0-f177.google.com with SMTP id 10so4601116lbg.36 for <tls@ietf.org>; Thu, 30 Oct 2014 09:09:54 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:reply-to:from:to:references :in-reply-to:subject:date:organization:mime-version:content-type :content-transfer-encoding:thread-index:content-language; bh=Ssn94pDhBfOLIWntJuGmEItv5GlIzVqxEeLGF21iSQw=; b=m+XxNYXfRv7+Zpojf3qA3ntSWosqqa5pG+TWNglk0TTMCTAyT+wae8hy0VBndM9pVX Lkbh4mnDbVCC2fafOs1+7XOQ3hShL415AEwTgLK9yGUCBMl5G+9qYsX2VmOW34Wmvdgw DCheqqMVMI5d1+aqi7gsM8a9hCqfFTQ2K3EsUec7x1oOhzG+c1GTiVla1xiJpUeErRaL /X+XDSkMelbI2iRmXaIizAtvD74+lMXHw/mKyaegkCackIVdZONHr3JyBL1CCBbIN8k5 GetWPD6Xgq2Aqh7G4EUHaHDPme/Dtr+W7fzoq3OUrDHs3u7kEvf7zP7HRDKl2fHszwci /Ifw==
X-Gm-Message-State: ALoCoQmtU5u3EZfj9kI5mBVbNvYihFSJwO2tvrzXbDvNIFaNE0TethjCYyTVyTgEQl94tnMDehNW
X-Received: by 10.152.7.175 with SMTP id k15mr19884437laa.58.1414685394476; Thu, 30 Oct 2014 09:09:54 -0700 (PDT)
Received: from THINK2 ([82.119.170.75]) by mx.google.com with ESMTPSA id h9sm3352855lae.44.2014.10.30.09.09.52 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 30 Oct 2014 09:09:53 -0700 (PDT)
Message-ID: <545262d1.c913980a.262d.ffffb8ac@mx.google.com>
X-Google-Original-Message-ID: <004a01cff45b$f0c30e30$d2492a90$@kahlo@ageto.net>
From: Christian Kahlo <christian.kahlo@ageto.net>
To: 'Peter Gutmann' <pgut001@cs.auckland.ac.nz>, tls@ietf.org
References: <9A043F3CF02CD34C8E74AC1594475C739B9DC04D@uxcn10-5.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C739B9DC04D@uxcn10-5.UoA.auckland.ac.nz>
Date: Thu, 30 Oct 2014 17:09:51 +0100
Organization: AGETO Innovation GmbH
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac/0QlyClWW7Q6CgQVidvuiE5f8+/wAFO75A
Content-Language: de
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/KUuApcPZoVBRTo_0Ch2Uq5i1ZNE
Subject: Re: [TLS] rfc7366: is encrypt-then-mac implemented?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: c.kahlo@ageto.net
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Oct 2014 16:10:02 -0000
> >But as stated before I'll have a look in the final RFC and compare it > to the > >currently deployed implementation. > > See the more recent messages about this though, there are two possible > interpretations, both equally valid, so don't go changing things just > yet :-). Done so. After reading some dozen eMails and bug reports at different sites (Google, Mozilla) I think I'm now up to date what the whole discussion is about. I understood "TLSCipherText.length" in the MAC-function as the length of the encrypted and padded data because the MAC is calculated exactly over this - not anything else. This seemed quite logical to me. But I now realize that fragment.length != length of the final data block on the wire. It's more a question of wording - and how it is interpreted. BTW: @all, after seeing all this: it is far, far easier to talk to Peter or me directly in case of doubts about EtM than to open tickets on systems all over the world we aren't aware of. ;-) So, eid.vx4.net will keep its implementation for all those who want to check and discuss RFC7366. Best regards, Christian
- [TLS] rfc7366: is encrypt-then-mac implemented? Nikos Mavrogiannopoulos
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Nikos Mavrogiannopoulos
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Nikos Mavrogiannopoulos
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Martin Rex
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Nikos Mavrogiannopoulos
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Ilari Liusvaara
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Henrick Hellström
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Peter Gutmann
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Yngve N. Pettersen
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- [TLS] record-level version number in ClientHello Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Yngve N. Pettersen
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Yngve N. Pettersen
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Nikos Mavrogiannopoulos
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Martin Rex
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Christian Kahlo
- Re: [TLS] record-level version number in ClientHe… Martin Thomson
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Martin Rex
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Martin Rex
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Manuel Pégourié-Gonnard
- Re: [TLS] rfc7366: is encrypt-then-mac implemente… Nikos Mavrogiannopoulos
- [TLS] rfc7366: status Nikos Mavrogiannopoulos
- Re: [TLS] rfc7366: status Martin Rex