From: Andrew Lunn <andrew@lunn.ch>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: linux-mips@linux-mips.org, Netdev <netdev@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"Dan Lüdtke" <mail@danrl.com>, "Willy Tarreau" <w@1wt.eu>,
"Måns Rullgård" <mans@mansr.com>,
"Hannes Frederic Sowa" <hannes@stressinduktion.org>,
"WireGuard mailing list" <wireguard@lists.zx2c4.com>,
"Greg KH" <gregkh@linuxfoundation.org>,
"Felix Fietkau" <nbd@nbd.name>, "Jiri Benc" <jbenc@redhat.com>,
"David Miller" <davem@davemloft.net>
Subject: Re: Misalignment, MIPS, and ip_hdr(skb)->version
Date: Sun, 11 Dec 2016 16:30:27 +0100 [thread overview]
Message-ID: <20161211153027.GD29761@lunn.ch> (raw)
In-Reply-To: <CAHmME9q5ifwwishXjXYE3J=sVeR4jYY9fLUgs_FHCP594EZr6g@mail.gmail.com>
> 3. Add 3 bytes of padding, set to zero, to the encrypted section just
> before the IP header, marked for future use.
> Pros: satisfies IETF mantras, can use those extra bits in the future
> for interesting protocol extensions for authenticated peers.
> Cons: lowers MTU, marginally more difficult to implement but still
> probably just one or two lines of code.
I'm not a crypto expert, but does this not give you a helping hand in
breaking the crypto? You know the plain text value of these bytes, and
where they are in the encrypted text.
Andrew
WARNING: multiple messages have this Message-ID (diff)
From: Andrew Lunn <andrew@lunn.ch>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: linux-mips@linux-mips.org, "Måns Rullgård" <mans@mansr.com>,
LKML <linux-kernel@vger.kernel.org>,
"Jiri Benc" <jbenc@redhat.com>,
"David Miller" <davem@davemloft.net>,
"Hannes Frederic Sowa" <hannes@stressinduktion.org>,
Netdev <netdev@vger.kernel.org>, "Willy Tarreau" <w@1wt.eu>,
"WireGuard mailing list" <wireguard@lists.zx2c4.com>,
"Felix Fietkau" <nbd@nbd.name>
Subject: Re: Misalignment, MIPS, and ip_hdr(skb)->version
Date: Sun, 11 Dec 2016 16:30:27 +0100 [thread overview]
Message-ID: <20161211153027.GD29761@lunn.ch> (raw)
In-Reply-To: <CAHmME9q5ifwwishXjXYE3J=sVeR4jYY9fLUgs_FHCP594EZr6g@mail.gmail.com>
> 3. Add 3 bytes of padding, set to zero, to the encrypted section just
> before the IP header, marked for future use.
> Pros: satisfies IETF mantras, can use those extra bits in the future
> for interesting protocol extensions for authenticated peers.
> Cons: lowers MTU, marginally more difficult to implement but still
> probably just one or two lines of code.
I'm not a crypto expert, but does this not give you a helping hand in
breaking the crypto? You know the plain text value of these bytes, and
where they are in the encrypted text.
Andrew
next prev parent reply other threads:[~2016-12-11 15:30 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-07 18:35 Misalignment, MIPS, and ip_hdr(skb)->version Jason A. Donenfeld
2016-12-07 18:47 ` Dave Taht
2016-12-07 18:47 ` Dave Taht
2016-12-07 18:51 ` David Miller
2016-12-07 18:51 ` David Miller
2016-12-07 18:54 ` Jason A. Donenfeld
2016-12-07 18:54 ` Jason A. Donenfeld
2016-12-07 19:52 ` David Miller
2016-12-07 19:52 ` David Miller
2016-12-08 0:29 ` Jason A. Donenfeld
2016-12-08 0:29 ` Jason A. Donenfeld
2016-12-08 0:37 ` David Miller
2016-12-08 0:37 ` David Miller
2016-12-08 22:20 ` Jason A. Donenfeld
2016-12-08 22:20 ` Jason A. Donenfeld
2016-12-08 23:14 ` David Miller
2016-12-08 23:14 ` David Miller
2016-12-11 8:07 ` Willy Tarreau
2016-12-11 8:07 ` Willy Tarreau
2016-12-11 10:47 ` Måns Rullgård
2016-12-11 10:47 ` Måns Rullgård
2016-12-10 12:25 ` Felix Fietkau
2016-12-10 12:25 ` Felix Fietkau
2016-12-10 13:25 ` Måns Rullgård
2016-12-10 13:25 ` Måns Rullgård
2016-12-10 13:25 ` Måns Rullgård
2016-12-10 20:09 ` Felix Fietkau
2016-12-10 20:09 ` Felix Fietkau
2016-12-10 20:32 ` Måns Rullgård
2016-12-10 20:32 ` Måns Rullgård
2016-12-10 20:32 ` Måns Rullgård
2016-12-10 20:36 ` Felix Fietkau
2016-12-10 20:36 ` Felix Fietkau
2016-12-10 20:36 ` Felix Fietkau
2016-12-12 16:19 ` David Laight
2016-12-12 16:19 ` David Laight
2016-12-12 16:31 ` Måns Rullgård
2016-12-12 16:31 ` Måns Rullgård
2016-12-12 16:31 ` Måns Rullgård
2016-12-12 16:31 ` Måns Rullgård
2016-12-08 0:30 ` Hannes Frederic Sowa
2016-12-08 4:34 ` Daniel Kahn Gillmor
2016-12-09 11:26 ` Jiri Benc
2016-12-09 11:26 ` Jiri Benc
2016-12-10 22:18 ` Dan Lüdtke
2016-12-10 22:18 ` Dan Lüdtke
2016-12-10 22:18 ` Dan Lüdtke
2016-12-10 22:18 ` Dan Lüdtke
2016-12-11 7:15 ` Greg KH
2016-12-11 7:15 ` Greg KH
2016-12-11 14:50 ` Jason A. Donenfeld
2016-12-11 14:50 ` Jason A. Donenfeld
2016-12-11 15:30 ` Andrew Lunn [this message]
2016-12-11 15:30 ` Andrew Lunn
2016-12-11 15:37 ` Jason A. Donenfeld
2016-12-11 15:37 ` Jason A. Donenfeld
2016-12-11 16:44 ` Willy Tarreau
2016-12-11 16:44 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161211153027.GD29761@lunn.ch \
--to=andrew@lunn.ch \
--cc=Jason@zx2c4.com \
--cc=davem@davemloft.net \
--cc=gregkh@linuxfoundation.org \
--cc=hannes@stressinduktion.org \
--cc=jbenc@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@linux-mips.org \
--cc=mail@danrl.com \
--cc=mans@mansr.com \
--cc=nbd@nbd.name \
--cc=netdev@vger.kernel.org \
--cc=w@1wt.eu \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.