Re: [TLS] Data volume limits
Watson Ladd <watsonbladd@gmail.com> Wed, 16 December 2015 18:19 UTC
On Wed, Dec 16, 2015 at 1:14 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:
> On 12/16/15, 12:16 , "Watson Ladd" <watsonbladd@gmail.com> wrote:
>
>> On Wed, Dec 16, 2015 at 12:09 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:
>>> On 12/16/15, 10:50, "Watson Ladd" <watsonbladd@gmail.com> wrote:
>>>>> If there are practical consequences, like loss of confidentiality – I’m dying to hear the outline of a practical attack.
>>>>
>>>> The problem is that people design systems assuming something like indistinguishability. And so when you violate that assumption, all bets are off.
>>>
>>> I don’t buy this. AFAIK, TLS has not been designed based on that assumption. And I’m not making any bets. :)
>>
>> What security properties does TLS provide?
>
> When the vast majority of TLS users employ it (TLS), they expect (a) that TLS would ensure the authenticity of their remote peer, (b) that TLS would protect their data exchange from being eavesdropped on and/or modified, and (c) that these hold even when the “enemy” (whoever he might be) controls the entire communications path between them and their peers.
>
> You can translate the above into a more formal definition. :-)
>
>> In the past TLS users have made assumptions that TLS provides security properties it does not.
>
> Very true.
>
>> The solution to this problem is to provide the security properties that people expect, and they expect IND.
>
> Not necessarily so.
>
> As far as I’m concerned, IND-* is a good property to have, but not a “sacred cow”.

Do you have an alternative definition you can put in and crank and get the limit out? That's the level of definition at which this sort of analysis has to be done, not blathering about "confidentiality" and specific attacks. The reason I used IND-* is that's what the analyses that have been performed used, because it is defined well enough to do this.