Re: [TLS] DTLS 1.3 AEAD additional data

Thomas Fossati <Thomas.Fossati@arm.com> Sat, 25 April 2020 10:43 UTC

From: Thomas Fossati <Thomas.Fossati@arm.com>
To: Christopher Wood <caw@heapingbits.net>, "tls@ietf.org" <tls@ietf.org>
Date: Sat, 25 Apr 2020 10:43:26 +0000
Message-ID: <1CBF6B88-8830-44A4-8F9B-143F884FF6ED@arm.com>
In-Reply-To: <E1F21884-A4FE-4057-B670-387A8B4C3100@arm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/UIME7UW1xnxLpytJo2JyDsFFMxQ>
Subject: Re: [TLS] DTLS 1.3 AEAD additional data

On 25/04/2020, 11:11, "Thomas Fossati" <Thomas.Fossati@arm.com> wrote:
> On 25/04/2020, 01:30, "Christopher Wood" <caw@heapingbits.net> wrote:
> > On Thu, Apr 23, 2020, at 2:17 PM, Eric Rescorla wrote:
> > > 1. Allowing implicit CIDs is very recent (it was introduced in
> > > -34)
> > > 2. The CID specification explicitly prohibits it for DTLS 1.2.
> > > 3. I haven't really heard a very compelling argument for this and I
> > > note that QUIC forbids it [and in fact has much worse problems
> > > when you mix epochs because the long header is so long]
> > >
> > > So, given that the simplest and most consistent thing is to simply
> > > forbid it: can someone make an argument for why this is important
> > > to permit?
> >
> > Thanks to everyone who participated in this thread so far! Given the
> > points above, the chairs would like to hear arguments in favor of
> > implicit CIDs. Absent substantial rationale, we'll assume rough
> > consensus for explicit CIDs.
>
> Hi Chris, I think implicit CID needs to be considered in the wider
> scope of unified_hdr compression, together with implicit length and
> shortened epoch.  In particular, from Chris P's emails I understand
> that being able to authenticate records' length is a core assumption
> in the security proof of TLS.  Therefore leaving it out from DTLS AAD
> when it's not in the header looks like a pretty bad idea.  If this is
> the case (i.e. the fact that the wire image by itself is not
> sufficient input to the AAD), then authenticating implicit CIDs should
> just come in the same bundle.

Sorry, scratch that for the moment - I had missed the most recent emails
on this thread :-(
