[Wimse] Re: Runtime costs of multiple signatures?
Watson Ladd <watsonbladd@gmail.com> Wed, 24 July 2024 22:16 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: wimse@ietfa.amsl.com
Delivered-To: wimse@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF9BAC169402 for <wimse@ietfa.amsl.com>; Wed, 24 Jul 2024 15:16:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level:
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dOYTIzH6ypDB for <wimse@ietfa.amsl.com>; Wed, 24 Jul 2024 15:16:57 -0700 (PDT)
Received: from mail-wm1-x333.google.com (mail-wm1-x333.google.com [IPv6:2a00:1450:4864:20::333]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EDC6C1840D9 for <wimse@ietf.org>; Wed, 24 Jul 2024 15:16:57 -0700 (PDT)
Received: by mail-wm1-x333.google.com with SMTP id 5b1f17b1804b1-4266ed6c691so1900145e9.3 for <wimse@ietf.org>; Wed, 24 Jul 2024 15:16:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1721859415; x=1722464215; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=GY1UfnigW5/iykWm65BrUQBGE5jd88ifHMZXanMPcQU=; b=mktqbZCevbulfjPjPsJWZCLs3j6xN0MBa/JzefqyLBUZFgtJXC2Zx/kxRqzykUMW+s rjy7iv2rEnTAi39ORdpWVgL2q7N34h801p9BFP30qTtnUYGDsLuyK9/NtC18TFLoq7sD oKYjvs0MX4r8e5e8eAd0EtJSBsfZr3yKDsZS2n5NRHrgB0PfCfMCe7gf+QSzw/Ynsgdo EPKuUTEj8SI5tgY+Ky0S8pbefFoODCstHVEtHKmYLyV91YUrHUhDY3QU0cKeDYQ+6v/t w0QREQNzsRhNR+Un3M3wHdkzODwwzctq74D4KVggnZSUmsYLPqDQefDtSm9V4rN5C0Oc cghg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721859415; x=1722464215; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GY1UfnigW5/iykWm65BrUQBGE5jd88ifHMZXanMPcQU=; b=LDGY8mruZpF4aKvD1n+h+Y9695rSb6mUgfur/vwKoYNuZ4FBZ8IXPrvS5Rn+6vn06a gRiejNBOpgQEQam265C3n0AU7vAVGx/KJR2xmCfCdzViF92rhDqVlgf8+JIYHKH2Je99 eobsIpWUqUFavOND4b4I7MBPWCSSAjGtRzMOrdvdGuHScKMZxTXDQfT6of5W3nh7Qh4X W6lZ8wJGCmMVTv4vS36e7YkUzgj43p1Krsv8gTJqfUXnISlGGYV4NaNaShNFa1tvynsa b9i3+f2asfKyP6zaCJ5gXtu0EnF90cjrybDqV8Vfc3WUSzJyHkYj51/jZG8cNPYX9rZQ zYPQ==
X-Gm-Message-State: AOJu0Yyuc+8emqtc+ANBocj/5X0pgQ8MhGl7auhkyBgJqBiQkg/7Ka9G /9KH/3lVy1zOLcE9xmc6xwZCSmXcqU4rMm7jMa1GmgoeuOZrmi5gtPFOt4JdxtD0ErjMIFctMgx 0SJgDOIA5Qo/dwjkKASYEk2j5peq0Iw==
X-Google-Smtp-Source: AGHT+IHoeHX7MsXDVXRF4opvT3FQaBmEEoVFYB3Z5x6AQO1/mFBnlywaFDMMdcSeqJcYwrrPz7SisEepFbBkqpbu7ks=
X-Received: by 2002:a05:600c:1990:b0:427:b995:5bd0 with SMTP id 5b1f17b1804b1-42805742ca4mr2242885e9.23.1721859414868; Wed, 24 Jul 2024 15:16:54 -0700 (PDT)
MIME-Version: 1.0
References: <9EFDE84B-77A9-4CB8-8E10-96D6305FD42A@amazon.com>
In-Reply-To: <9EFDE84B-77A9-4CB8-8E10-96D6305FD42A@amazon.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 24 Jul 2024 15:16:43 -0700
Message-ID: <CACsn0cnNQZFV3xefxCOGXKVhD6LNjSovap-39=r-jd7-r1VG-A@mail.gmail.com>
To: "McAdams, Darin" <darinm=40amazon.com@dmarc.ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: VH4SO3Z6NNPYRYNFCGLFC2U2ZIXHF2MY
X-Message-ID-Hash: VH4SO3Z6NNPYRYNFCGLFC2U2ZIXHF2MY
X-MailFrom: watsonbladd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "wimse@ietf.org" <wimse@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Wimse] Re: Runtime costs of multiple signatures?
List-Id: WIMSE Workload Identity in Multi-Service Environment <wimse.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/wimse/6vcwS-yqEE9T2gKXy5V7EXaFDoI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wimse>
List-Help: <mailto:wimse-request@ietf.org?subject=help>
List-Owner: <mailto:wimse-owner@ietf.org>
List-Post: <mailto:wimse@ietf.org>
List-Subscribe: <mailto:wimse-join@ietf.org>
List-Unsubscribe: <mailto:wimse-leave@ietf.org>
On Wed, Jul 24, 2024 at 2:35 PM McAdams, Darin <darinm=40amazon.com@dmarc.ietf.org> wrote: > > I ran the numbers and we’re on the edge of what (I think) is acceptable, and on a slippery slope. > > Here’s the stats. Consider 4 tokens that could become common in workloads: (1) access_token, (2) WIT token, (3) WPT Token, (4) Txn-Token. Based on the examples in the specs, we’re in the ballpark of ~2K bytes (25% of typical 8K header space), and approaching a millisecond in processing time for all the hashing, signature verification, and JSON parsing. And, that’s the baseline. It would increase further with RAR, or adding richer context to a Txn-Token, and so on. > > The reason I say it’s a slippery slope is because I’m observing a pattern where each WG solves it’s goals by adding 1-2 tokens to a request. Viewed independently, each decision is logical. Cumulatively, it leads to a tragedy of the commons in terms of consuming the shared, finite space in HTTP headers. > > Workloads are especially sensitive to these details due to the scale at which they operate. As a result, I would raise the question whether the working group’s criteria for evaluating solutions should include some reasonable goals on cumulative token sizes and processing time. This may lead us to consider more compact representations of tokens, or perhaps mechanisms to bundle more information under fewer signatures. ECDSA 256 is 53 microseconds to verify on my mac according to openssl speed. 4 of them is 212 microseconds. Where is the other 700 microseconds coming from to get to a millisecond/can we fix this by using more compact formats? Sincerely, Watson -- Astra mortemque praestare gradatim
- [Wimse] Re: Runtime costs of multiple signatures? Yogi Porla
- [Wimse] Runtime costs of multiple signatures? McAdams, Darin
- [Wimse] Re: Runtime costs of multiple signatures? McAdams, Darin
- [Wimse] Re: Runtime costs of multiple signatures? Watson Ladd
- [Wimse] Re: Runtime costs of multiple signatures? McAdams, Darin
- [Wimse] Re: Runtime costs of multiple signatures? Dean H. Saxe
- [Wimse] Re: Runtime costs of multiple signatures? Justin Richer
- [Wimse] Re: Runtime costs of multiple signatures? Dean H. Saxe
- [Wimse] Re: Runtime costs of multiple signatures? A.J. Stein
- [Wimse] Re: Runtime costs of multiple signatures? Brian Campbell
- [Wimse] Re: Runtime costs of multiple signatures? Dmitry Izumskiy
- [Wimse] Re: Runtime costs of multiple signatures? Yaron Sheffer