Re: [TLS] Reducing record expansion overhead allowance
Eric Rescorla <ekr@rtfm.com> Sun, 20 July 2014 13:15 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 138D11B2C1A for <tls@ietfa.amsl.com>; Sun, 20 Jul 2014 06:15:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KR0kj7z1iotG for <tls@ietfa.amsl.com>; Sun, 20 Jul 2014 06:15:00 -0700 (PDT)
Received: from mail-we0-f182.google.com (mail-we0-f182.google.com [74.125.82.182]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A84611B2C11 for <tls@ietf.org>; Sun, 20 Jul 2014 06:14:59 -0700 (PDT)
Received: by mail-we0-f182.google.com with SMTP id k48so5239706wev.27 for <tls@ietf.org>; Sun, 20 Jul 2014 06:14:58 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=ey2Msh41j2SdGnBuPIW6X4YtaN+lTgH4WsdHIiLmwOg=; b=cJgzBTtXY7Cw59pO+sQr/JdopgfbpqXGd/ZurQgQgG1iZDKZH/jOxZGe8qroysXdbf xki0qSbtVkPTlWE+YK+FSA/I44UiN03McCkc2be9c8idNnTuMBT77+/pbxvXrdYSUR1H nGCeQJxZ4EqOJT9u3m9+tJcszFsp48TkCQFxlbCaQTj/68GjawbEyQfF7VgxyI2TyI92 qOeIG+sB8gGSJJ0wjCQLadf6yFFEBTF2T8oY7gzkhxlepK+gRz0awHnA3QR9epels7fw 4qJ6+OoMJQ7eZADjlhV7OaCZJRovFSEnvnNm0j8aCEy8BJQ7FvhbGnfIYU18nal19tCl EHPA==
X-Gm-Message-State: ALoCoQmz5n730pAajaT4Dgviv+DJbgPGvoZYmlEc7z8/Iu1S8zExe+QckjCB8j9sijs0u4nnjn3v
X-Received: by 10.180.75.49 with SMTP id z17mr20561909wiv.80.1405862098305; Sun, 20 Jul 2014 06:14:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.217.128.12 with HTTP; Sun, 20 Jul 2014 06:14:18 -0700 (PDT)
X-Originating-IP: [2001:450:1f:232:c9fd:4f6f:8085:675b]
In-Reply-To: <F559B0F3-84E8-40A4-94DE-CEAC45EAF04B@gmail.com>
References: <CABcZeBODbabpOUgb431X3Xz_fB1KK8wn8-SMJgYZVE2V3oCLow@mail.gmail.com> <F559B0F3-84E8-40A4-94DE-CEAC45EAF04B@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 20 Jul 2014 06:14:18 -0700
Message-ID: <CABcZeBMXy78Wr39x3VQEiueOH1-KJiJFkGMcEP-r4ZKUg9KTMA@mail.gmail.com>
To: Fabrice <fabrice.gautier@gmail.com>
Content-Type: multipart/alternative; boundary="f46d04389533f9202804fe9fc638"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/mYFkmdoXBNLa2-U4IgNmTtwsV_g
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Reducing record expansion overhead allowance
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Jul 2014 13:15:02 -0000
On Sat, Jul 19, 2014 at 9:31 PM, Fabrice <fabrice.gautier@gmail.com> wrote: > What are the benefits of reducing the allowed overhead? > It's good to have some fixed overhead to make implementation easier. The benefit to reducing it to 1024 is mostly consistency of assumptions about the AEAD ciphers. -Ekr > -- Fabrice > > > On Jul 19, 2014, at 11:56, Eric Rescorla <ekr@rtfm.com> wrote: > > https://github.com/tlswg/tls13-spec/issues/55 > > In TLS 1.2, we had the following maximum values: > > TLSPlaintext: 2^{14} > TLSCompressed: 2^{14} + 1024 > TLSCiphertext: 2^{14} + 2048 > > These overhead values allow for expansion in these transforms > due to potential bad compression overhead or padding, etc. > > Wan-Teh Chang points out that we no longer have compression > so there's no need to allow for 1024 bytes of expansion there. > > Minimally we should reduce the TLSCiphertext overhead to > 2^{14} + 1024. Do people believe that we will have AEAD > ciphers with 1024 bytes of expansion or should we reduce > it further? I'm inclined to not re-judge that and just leave it > at 2^{14} + 1024. > > Thoughts? > -Ekr > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
- [TLS] Reducing record expansion overhead allowance Eric Rescorla
- Re: [TLS] Reducing record expansion overhead allo… Martin Thomson
- Re: [TLS] Reducing record expansion overhead allo… Fabrice
- Re: [TLS] Reducing record expansion overhead allo… Eric Rescorla
- Re: [TLS] Reducing record expansion overhead allo… StJohns, Michael
- Re: [TLS] Reducing record expansion overhead allo… Eric Rescorla
- Re: [TLS] Reducing record expansion overhead allo… StJohns, Michael
- Re: [TLS] Reducing record expansion overhead allo… Eric Rescorla
- Re: [TLS] Reducing record expansion overhead allo… StJohns, Michael
- Re: [TLS] Reducing record expansion overhead allo… Daniel Kahn Gillmor
- Re: [TLS] Reducing record expansion overhead allo… Fabrice Gautier