All of lore.kernel.org
 help / color / mirror / Atom feed
From: Harsh Jain <harsh@chelsio.com>
To: Stephan Mueller <smueller@chronox.de>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	Jonathan Cameron <Jonathan.Cameron@huawei.com>,
	Gilad Ben-Yossef <gilad@benyossef.com>,
	Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	linuxarm@huawei.com
Subject: Re: [PATCH v3 1/4] crypto: AF_ALG AIO - lock context IV
Date: Thu, 15 Feb 2018 17:08:12 +0530	[thread overview]
Message-ID: <558ccbb2-040d-232e-179b-92f0522f4bc2@chelsio.com> (raw)
In-Reply-To: <2417115.3KYcYg1eVS@tauon.chronox.de>



On 15-02-2018 12:47, Stephan Mueller wrote:
> Am Donnerstag, 15. Februar 2018, 08:03:20 CET schrieb Harsh Jain:
>
> Hi Harsh,
>
>> Even after guarantee of serialization, In the end we will get wrong result
>> as mentioned above. which destination side cannot decrypt it. What I feel
>> is scenario of sending 2 of more IOCB in case of AEAD itself is wrong.
> Without the inline IV handling, I would concur.
Even with Inline IV, We will have 2 Auth Tag. can we authenticate the data with 2 Auth Tags?
>
>> We
>> should not allow this type of requests for AEAD.
> "Not allow" as in "technically block"? As a user would only shoot itself when 
> he does that not knowing the consequences, I am not in favor of such an 
> artificial block.
Agreed, It may not be right thing to do, but if we allowed it, What he will do with Auth( each processed with final Block) tags received in each request.

I personally feels AEAD IV serialization logic is incomplete without partial tag support.

>> Can you think of any use
>> case it is going to solve?
> Well, I could fathom a use case of this. In FIPS 140-2 (yes, a term not well 
> received by some here), NIST insists for GCM that the IV is handled by the 
> cryptographic implementation.
>
> So, when using GCM for TLS, for example, the GCM implementation would know a 
> bit about how the IV is updated as a session ID. I.e. after the end of one 
> AEAD operation, the IV is written back but modified such to comply with the 
> rules of some higher level proto. Thus, if such a scenarios is implemented by 
> a driver here, multiple IOCBs could be used with such "TLSified" GCM, for 
> example.
>
> And such "TLSification" could be as simple as implementing an IV generator 
> that can be used with every (AEAD) cipher implementation.
>
>> Can receiver decrypt(with 2 IOCB) the same request successfully without
>> knowing  sender has done the operation in 2 request with size "x" each?
>>> Ciao
>>> Stephan
>
>
> Ciao
> Stephan
>
>

  reply	other threads:[~2018-02-15 11:38 UTC|newest]

Thread overview: 63+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-01-12 13:21 [RFC] AF_ALG AIO and IV Stephan Mueller
2018-01-15  9:35 ` [PATCH] crypto: AF_ALG - inline IV support Stephan Mueller
2018-01-21 12:14   ` Stephan Müller
2018-01-23 11:02     ` Harsh Jain
2018-01-30  8:27       ` [PATCH] crypto: AF_ALG AIO - lock context IV Stephan Müller
2018-01-30 14:04         ` Stephan Mueller
2018-01-30 15:51         ` Jonathan Cameron
2018-01-31 12:29           ` Jonathan Cameron
2018-02-01  9:35             ` Gilad Ben-Yossef
2018-02-01  9:46               ` Stephan Mueller
2018-02-01 10:06                 ` Gilad Ben-Yossef
2018-02-01 10:15                   ` Stephan Mueller
2018-02-01 10:04               ` Stephan Mueller
2018-02-01 10:07                 ` Gilad Ben-Yossef
2018-02-01 10:25                   ` Jonathan Cameron
2018-02-01 10:55                     ` Harsh Jain
2018-02-07  7:42                     ` [PATCH v2 0/4] crypto: AF_ALG AIO improvements Stephan Müller
2018-02-07  7:43                       ` [PATCH v2 1/4] crypto: AF_ALG AIO - lock context IV Stephan Müller
2018-02-07  7:43                       ` [PATCH v2 2/4] crypto: AF_ALG - inline IV support Stephan Müller
2018-02-07 13:54                         ` Jonathan Cameron
2018-02-07 14:01                           ` Stephan Müller
2018-02-07  7:43                       ` [PATCH v2 3/4] crypto: AF_ALG - allow driver to serialize IV access Stephan Müller
2018-02-07  7:44                       ` [PATCH v2 4/4] crypto: add CRYPTO_TFM_REQ_PARALLEL flag Stephan Müller
2018-02-07 12:48                         ` Stephan Mueller
2018-02-07 15:39                           ` Jonathan Cameron
2018-02-07 15:43                             ` Stephan Mueller
2018-02-07 16:14                               ` Jonathan Cameron
2018-02-07 16:25                                 ` Stephan Mueller
2018-02-07  8:52                       ` [PATCH v2 0/4] crypto: AF_ALG AIO improvements Harsh Jain
2018-02-07 15:37                       ` Jonathan Cameron
2018-02-09 22:02                       ` [PATCH v3 " Stephan Müller
2018-02-09 22:03                         ` [PATCH v3 1/4] crypto: AF_ALG AIO - lock context IV Stephan Müller
2018-02-14  5:43                           ` Harsh Jain
2018-02-14 12:52                             ` Stephan Mueller
2018-02-15  5:30                               ` Harsh Jain
2018-02-15  6:28                                 ` Stephan Mueller
2018-02-15  7:03                                   ` Harsh Jain
2018-02-15  7:17                                     ` Stephan Mueller
2018-02-15 11:38                                       ` Harsh Jain [this message]
2018-02-15 11:45                                         ` Stephan Mueller
2018-02-15 12:45                                           ` Harsh Jain
2018-02-15 13:04                                             ` Stephan Mueller
2018-02-15 13:26                                               ` Jeffrey Walton
2018-02-15 18:09                                               ` Stephan Mueller
2018-02-09 22:03                         ` [PATCH v3 2/4] crypto: AF_ALG - inline IV support Stephan Müller
2018-02-09 22:04                         ` [PATCH v3 3/4] crypto: AF_ALG - allow driver to serialize IV access Stephan Müller
2018-02-09 22:04                         ` [PATCH v3 4/4] crypto: add CRYPTO_TFM_REQ_IV_SERIALIZE flag Stephan Müller
2018-02-14  5:50                           ` Harsh Jain
2018-02-14 12:47                             ` Stephan Mueller
2018-01-22 14:11   ` [PATCH] crypto: AF_ALG - inline IV support Jonathan Cameron
2018-01-22 14:30     ` Stephan Mueller
2018-01-22 14:52       ` Jonathan Cameron
2018-01-15  9:39 ` [RFC] AF_ALG AIO and IV Stephan Mueller
2018-01-15 11:05 ` Jonathan Cameron
2018-01-15 12:07   ` Stephan Mueller
2018-01-15 12:59     ` Jonathan Cameron
2018-01-15 13:15       ` Stephan Mueller
2018-01-15 14:25         ` Jonathan Cameron
2018-01-15 14:31           ` Stephan Mueller
2018-01-15 14:42             ` Jonathan Cameron
2018-01-16  6:28               ` Stephan Mueller
2018-01-16 10:51                 ` Jonathan Cameron
2018-01-15 14:37           ` Jonathan Cameron

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=558ccbb2-040d-232e-179b-92f0522f4bc2@chelsio.com \
    --to=harsh@chelsio.com \
    --cc=Jonathan.Cameron@huawei.com \
    --cc=gilad@benyossef.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linuxarm@huawei.com \
    --cc=smueller@chronox.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.