[TLS] DTLSv1.3: Record Number in AEAD computation
Marco Oliverio <marco@wolfssl.com> Mon, 02 May 2022 08:58 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Rx5uBKypAV8l0_5TCMqwZXhTSp4>

Hi all,

In the RFC9147, in the last paragraph of Section 4 it's stated:

"""
This 128-bit value is used in the ACK message as well as in the "record_sequence_number" input to the Authenticated Encryption with Associated Data (AEAD) function.
"""

But the very last sentence of the same paragraph states:

"""
In DTLS 1.3 the 64-bit sequence_number is used as the sequence number for the AEAD computation; unlike DTLS 1.2, the epoch is not included.
"""

Aren't these statements contradictory? I think only the 64-bit sequence number is meant to be used and the first paragraph is a replace-error done while increasing the epoch size from the last draft.

Thanks,
Marco
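
Added example, not part of the original message and not wolfSSL or RFC code: the two readings quoted above, run through the per-record nonce construction of RFC 8446 Section 5.3 (left-pad the sequence input to iv_length, XOR with the write IV), assuming DTLS 1.3 reuses that construction. The function names, the 12-byte iv_length and the sample write IV are assumptions made for this illustration.

```python
import struct

IV_LENGTH = 12  # assumption: 12-byte iv_length, as in the TLS 1.3 AEAD suites


def record_number(epoch: int, sequence_number: int) -> bytes:
    """128-bit record number: 64-bit epoch, then 64-bit sequence_number."""
    return struct.pack("!QQ", epoch, sequence_number)


def per_record_nonce(write_iv: bytes, seq_input: bytes) -> bytes:
    """RFC 8446 Section 5.3: left-pad the sequence input with zeros to
    iv_length, then XOR it with the write IV."""
    if len(write_iv) != IV_LENGTH:
        raise ValueError("write_iv must be iv_length bytes")
    if len(seq_input) > IV_LENGTH:
        raise ValueError("sequence input does not fit in iv_length")
    padded = seq_input.rjust(IV_LENGTH, b"\x00")
    return bytes(a ^ b for a, b in zip(write_iv, padded))


def nonce_from_sequence_number(write_iv: bytes, epoch: int, seq: int) -> bytes:
    """Reading from the second quoted sentence: epoch is not included."""
    return per_record_nonce(write_iv, struct.pack("!Q", seq))


def nonce_from_record_number(write_iv: bytes, epoch: int, seq: int) -> bytes:
    """Reading from the first quoted sentence: the 128-bit value is the input."""
    return per_record_nonce(write_iv, record_number(epoch, seq))


def compare_readings(write_iv: bytes, epoch: int, seq: int) -> dict:
    """Return the nonce (hex) or the error each reading produces."""
    out = {}
    for name, fn in (("sequence_number", nonce_from_sequence_number),
                     ("record_number", nonce_from_record_number)):
        try:
            out[name] = fn(write_iv, epoch, seq).hex()
        except ValueError as exc:
            out[name] = f"error: {exc}"
    return out


if __name__ == "__main__":
    sample_iv = bytes(range(12))  # constructed write IV, not real key schedule output
    print(compare_readings(sample_iv, epoch=3, seq=5))
```

Under this construction the 16-byte record number cannot be left-padded into a 12-byte IV, while the 64-bit sequence_number can; two peers that pick different readings would not derive the same nonce for a record.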