Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reopen AEAD limits #246

Closed
yaronf opened this issue Aug 15, 2021 · 5 comments · Fixed by #251
Closed

Reopen AEAD limits #246

yaronf opened this issue Aug 15, 2021 · 5 comments · Fixed by #251
Assignees
@stpeter
Labels
BCP195

Comments

@yaronf
Copy link
Owner

yaronf commented Aug 15, 2021

More detailed analysis in the AEAD limits draft is complicated:

cfrg/draft-irtf-cfrg-aead-limits#40
@yaronf yaronf added the BCP195 label Aug 15, 2021
@yaronf
Copy link
Owner Author

yaronf commented Aug 23, 2021

Or replace the number with a reference to the CFRG draft, assuming they plan to publish it.

@stpeter
Copy link
Collaborator

stpeter commented Aug 23, 2021

I will follow up with the CFRG authors.

@stpeter stpeter self-assigned this Aug 23, 2021
@thomas-fossati
Copy link
Collaborator

I have opened an "help wanted" issue in the AEAD-limits repo.

@yaronf
Copy link
Owner Author

yaronf commented Oct 5, 2021

Given your discussion, I think I'd rather say "the limits for 1.2 are somewhat higher but for consistency, we recommend the same 2^24.5 for both versions." Because if we cite the 2^28 number, people could easily end up using it with TLS 1.3, too. WDYT?

@thomas-fossati
Copy link
Collaborator

thomas-fossati commented Oct 5, 2021
edited
Loading

Sounds like reasonable advice. I don't think there is any existing recommendation about bounds for GCM forgeries in DTLS 1.2 though (i.e., the q =~ 2^28 number). We probably want to add that.

thomas-fossati added a commit that referenced this issue Oct 17, 2021
@thomas-fossati
integrity and confidentiality bounds for TLS 1.2 ciphersuites
fcd0c7e 
Fixes #246
@thomas-fossati thomas-fossati mentioned this issue Oct 17, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stpeter stpeter

Labels
BCP195
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

integrity and confidentiality bounds for TLS 1.2 ciphersuites yaronf/I-D
3 participants
@stpeter @yaronf @thomas-fossati