Re: [TLS] ChaCha and IVs

Sandeep Kumar <ietf@sandeep.de> Wed, 05 March 2014 17:25 UTC

Date: Wed, 05 Mar 2014 18:25:23 +0100
Message-ID: <CAH51uSfsef=aDoJ2TUG8eRHVquhOFUjUNQ1MZWqpm12pG8n5DQ@mail.gmail.com>
From: Sandeep Kumar <ietf@sandeep.de>
To: Adam Langley <agl@google.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/XGMAFkmpYxio6SP0lSTAp5BQ7Do
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] ChaCha and IVs

On Wed, Mar 5, 2014 at 12:18 AM, Adam Langley <agl@google.com> wrote:

> On Tue, Mar 4, 2014 at 6:11 PM, Salz, Rich <rsalz@akamai.com> wrote:
> > For eight bytes.  Shrug, okay, your battle (if, in fact, it is; Wan-Teh
> > could be right).
>
> 8 bytes is ~0.6% of bandwidth assuming that one is sizing records to
> packets. It's not huge, but it's not trivial.
>
>
For constrained environments where we try to fit everything within the 127
bytes of the 802.15.4 frame to avoid fragmentation, 8 bytes of additional IV
is going to be a deal breaker for this cipher suite to be used in DTLS for
such environments. I would prefer that there be no such unnecessary ciphertext expansion.

Sandeep