Re: Secdir last call review of draft-ietf-httpbis-encryption-encoding-08

On 6 April 2017 at 06:47, Robert Sparks <rjsparks(_at_)nostrum(_dot_)com> wrote:


My only concern is that the document suggests it would be ok to use a
counter to provide a unique salt value
for each message. I suspect that provides the kind of information leak
the draft discusses avoiding.


Hi Robert, can you explain what sort of leakage you are concerned
about?  I mean, I can understand how you could construct the sequence
of resources that were encrypted using a counter for the salt, but I
don't know what that might imply.

That said, I think that the counter thing can be removed.  We require
128 bits of salt, which is a space that is large enough to select
randomly from in perpetuity.

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Secdir last call review of draft-ietf-httpbis-encryption-encoding-08, Robert Sparks

Next by Date:

Artart telechat review of draft-ietf-alto-multi-cost-08, Martin Thomson

Previous by Thread:

Secdir last call review of draft-ietf-httpbis-encryption-encoding-08, Robert Sparks

Next by Thread:

Re: Secdir last call review of draft-ietf-httpbis-encryption-encoding-08, Robert Sparks

Indexes:

[Date] [Thread] [Top] [All Lists]