IETF Logo Mail Archive

Re: [TLS] Connection ID Draft

"Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com> Tue, 17 October 2017 10:26 UTC

Return-Path: <thomas.fossati@nokia.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CF341330C1 for <tls@ietfa.amsl.com>; Tue, 17 Oct 2017 03:26:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.911
X-Spam-Level:
X-Spam-Status: No, score=-2.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2k9acCttN-wp for <tls@ietfa.amsl.com>; Tue, 17 Oct 2017 03:26:10 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00096.outbound.protection.outlook.com [40.107.0.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F897126BF0 for <tls@ietf.org>; Tue, 17 Oct 2017 03:26:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=o8f4c88984S9fF0M485Cd/U80GWGEAP9DZGmWn5pUTg=; b=C8GV+6EYyM2Tip/cRf00qiOLBwmqFndmxU1gK4Ih0ZGOZnwVdcU8fKfU4hlE9gLKaFbx99dtHoS2Gb8B2e7LXsENAxelLt6QF3v6EEBbpgy8WM5fEKxOuZQMbz2fWSARyYE0PLVn5DGkQScY1Q0ChDh0RA/fEoiogLa5Wj7fEio=
Received: from VI1PR07MB1102.eurprd07.prod.outlook.com (10.163.168.26) by VI1PR07MB1103.eurprd07.prod.outlook.com (10.163.168.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.5; Tue, 17 Oct 2017 10:26:07 +0000
Received: from VI1PR07MB1102.eurprd07.prod.outlook.com ([fe80::e157:80bf:7ba7:b2ed]) by VI1PR07MB1102.eurprd07.prod.outlook.com ([fe80::e157:80bf:7ba7:b2ed%13]) with mapi id 15.20.0156.004; Tue, 17 Oct 2017 10:26:06 +0000
From: "Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com>
To: Martin Thomson <martin.thomson@gmail.com>, Eric Rescorla <ekr@rtfm.com>
CC: "tls@ietf.org" <tls@ietf.org>, "Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com>
Thread-Topic: [TLS] Connection ID Draft
Thread-Index: AQHTQ6/ei1Eh6DPTUUK7WLQddJSSYqLnKXUAgADEnwA=
Date: Tue, 17 Oct 2017 10:26:06 +0000
Message-ID: <D0524862-083C-4576-98B8-6D8A4825D458@nokia.com>
References: <CABcZeBPXB6cOSztzDHtKSWUCJrgET+9cF_rAiiE8CYCUSY_uLA@mail.gmail.com> <CABkgnnXT7nv9aNQh12deeitF1CurENpxgUicn9GHjMbojcEvJg@mail.gmail.com>
In-Reply-To: <CABkgnnXT7nv9aNQh12deeitF1CurENpxgUicn9GHjMbojcEvJg@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
authentication-results: spf=none (sender IP is ) smtp.mailfrom=thomas.fossati@nokia.com;
x-originating-ip: [81.134.152.4]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; VI1PR07MB1103; 6:hFZp1hLJDN70QRWvPjiJkeGI/TFGkSQHipHQaDhhORkK6JnEVq3wFYU00RlT++rHDXUfWoGCgZyd3yYQ+G/5x91QIv0UjsbMMaR8hYoQbtjOnCm+XvKBT3Jse69yUib62oDvgU/Z1m0ttVSOcCwMTCfgJa3Wv5DRRemRkNw21CZBUCcKqe1TBnSw7Zkr712NSfPfb+6EznLVoDzNO2KFC+Y50RVJvpFg8TW28yGrzxHIBU7Z66IQoQJGMhuzp5Eh/Mmrb1WC9n7cMsqP6jINcyZdUJWz5iOe4IDAT9oB//XmDHmPXrPHru/6Zw5yMnIKskH+jaCGnkr2XKsLPw5h8w==; 5:p0oQiEF1XY1xqCHT53m+fGc7kBaJjUu1wWZ+a1nImQR7iDCac8wk86GrbFIvkdMGqGOOGvJr1b6EbqLZBeR6Nz5mCtB5+Fhg5rY7JfiM5FOl0ewO91JxTjP2wZyZgIPKxLK9owoOgQb+rqWHolJ2pDgfBW6viXSK8RoIYecJh9A=; 24:CGbyeCtivukPyIe18+n0UqFw1bpXw7i/b0mjgPcY5N/zUuDTbbjmOZAt+5lQLiRVTr/3DkG8ab43/AItVZQX3l1CMQfbYJFY5Ci/oW6adls=; 7:MRp6HaQk7Wdfk/xuZk0RqvxQAhFDluaRezgaN3plZMYhnZWKXNo1SGa3+07iCg87egwyUKsWC5JxZ+lSknr0aIG2pCQZcsBXXkSvvGkB7O5698GksI3Su4SHx1Y/7ecwfXwE1Uu6en7JbhURyWy9jVKCy6vyGiU6cMaUatTKLcNU4nXO4jNIkjL4bzdRTsZfYn0XjsV96zQpj8/isj+8rlBkiZew8Ag/LL4BXBqfnKI=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;SSOR;
x-forefront-antispam-report: SFV:SKI; SCL:-1; SFV:NSPM; SFS:(10019020)(6009001)(376002)(346002)(39860400002)(199003)(189002)(24454002)(2950100002)(7736002)(53936002)(4326008)(6116002)(305945005)(68736007)(102836003)(2900100001)(105586002)(106356001)(6512007)(66066001)(110136005)(99286003)(82746002)(316002)(36756003)(83716003)(58126008)(83506001)(54356999)(5250100002)(6436002)(8676002)(8936002)(76176999)(6506006)(81156014)(50986999)(53546010)(54906003)(39060400002)(86362001)(229853002)(2906002)(3660700001)(6486002)(5660300001)(6246003)(97736004)(3846002)(478600001)(3280700002)(189998001)(107886003)(25786009)(33656002)(101416001)(81166006)(14454004); DIR:OUT; SFP:1102; SCL:1; SRVR:VI1PR07MB1103; H:VI1PR07MB1102.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
x-ms-office365-filtering-correlation-id: ebc5d5c3-bfcf-4ecd-c3d8-08d5154979ed
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254152)(48565401081)(2017052603199)(201703131423075)(201703031133081)(201702281549075); SRVR:VI1PR07MB1103;
x-ms-traffictypediagnostic: VI1PR07MB1103:
x-exchange-antispam-report-test: UriScan:;
x-microsoft-antispam-prvs: <VI1PR07MB1103B26932F8EBD7E5A58972804C0@VI1PR07MB1103.eurprd07.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041248)(20161123560025)(20161123555025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:VI1PR07MB1103; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:VI1PR07MB1103;
x-forefront-prvs: 04631F8F77
received-spf: None (protection.outlook.com: nokia.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <9DAF4D0F7621F941975E18AF1856F3EB@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Oct 2017 10:26:06.3808 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB1103
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/iO9D-wAkj60ZeW9ya2Lw3HLzS6Y>
Subject: Re: [TLS] Connection ID Draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2017 10:26:12 -0000

Hi Martin,

On 17/10/2017, 00:42, "Martin Thomson" <martin.thomson@gmail.com> wrote:
> Thomas mentioned a heuristic, but I don't think that we need that.
> The only case that is difficult, and it's one that you might not care
> about, is one where a connection migrates to the same 5-tuple as an
> another connection.  There, you will match to an existing connection
> and find that the packet doesn't decrypt.  If the connection that you
> have associated with the 5-tuple supports and uses a connection ID,
> you can recover without trial decryption.  Otherwise, you just have to
> drop the packet when it doesn't decrypt.  (You could look up all the
> connections without connection IDs and use trial decryption, but why
> bother spending the effort and undermine the strength of your ciphers
> in that way.)

The following case (NAT box reboot) is problematic:

1. Application '1' on host A (A.1) uses DTLS+CID with application '1' on
   host B (B.1);
2. Application '2' on host A (A.2) uses plain-old DTLS with B.1;
3. The NAT box reboots (all previous 5-tuple mappings are lost);
4. B.1 receives a record from A.1 (whose 5-tuple has changed in the
   meanwhile);
 
How is B.1 supposed to correctly interpret the bytes starting at offset
+11?  (For what it knows, it could be CID from A.1 or the length field
from A.2.)
 
That's where the heuristic I mentioned in the other email comes in,
I think.

> Packet inspection boxes will have maintain state, I don't see a way
> around that.  The point here being that you need state to know how
> long the connection ID is, as well as how long it is.

I might be missing something fundamental here, but isn't the length
encoded in the CID field on the wire?

Cheers

v2.23.0 | Report a Bug | By Email