[openssl-project] Potentially adding TLS record header to TLS 1.3 AAD
Benjamin Kaduk
kaduk at mit.edu
Mon Feb 26 21:28:16 UTC 2018
On Mon, Feb 26, 2018 at 12:33:20PM +0000, Matt Caswell wrote:
>
>
> On 24/02/18 18:57, Benjamin Kaduk wrote:
> > Hi all,
> >
> > There's a pull request open against the TLS 1.3 spec to include the
> > record header in the AAD for record protection
> > (https://github.com/tlswg/tls13-spec/pull/1158). We're somewhat on
> > the fence about this, with the main advantage seeming to be for DTLS
> > and not plain TLS, but it would probably still be useful to have
> > some sense for how hard it would be to implement. Matt, do you have
> > any thoughts off the top of your head?
>
> I've looked into this. And because I can't put this stuff down I played
> around to see what it would take to implement it:
Thank you!
-Ben
> https://github.com/mattcaswell/openssl/commit/46494d3056fdfb9416b3585c8a5430e53abe0a58
>
> It's quite straightforward really. The above commit still leaves a
> couple of test failures there - but I went far enough to prove the
> concept. The test failures just need a bit more time to solve (one is
> something to do with the way I set up AAD for CCM ciphersuites; and the
> other is that the TLSv1.3 encryption test vectors need updating).
>
> Matt
>
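
An added illustration (not code from this thread or from OpenSSL) of what putting the record header in the AAD means for a receiver, compared against an empty AAD. It assumes the 5-byte header layout that RFC 8446 section 5.2 specifies (opaque_type, legacy_record_version, length) and uses an HMAC-SHA256 encrypt-then-MAC construction as a stand-in for the real AEAD; all function names and key values are constructed for the example.

```python
import hashlib, hmac, struct

APPLICATION_DATA = 0x17   # TLSCiphertext.opaque_type
LEGACY_VERSION = 0x0303   # TLSCiphertext.legacy_record_version
TAG_LEN = 32              # tag size of the stand-in AEAD below

def record_header(length):
    return struct.pack("!BHH", APPLICATION_DATA, LEGACY_VERSION, length)

def per_record_nonce(iv, seq):
    # Sequence number left-padded to the IV length, XORed with the write IV.
    return bytes(a ^ b for a, b in zip(iv, seq.to_bytes(len(iv), "big")))

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode); NOT a TLS cipher.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"),
                       hashlib.sha256).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _tag(key, nonce, aad, ct):
    # Stand-in tag over nonce, length-prefixed AAD, and ciphertext.
    msg = b"mac" + nonce + len(aad).to_bytes(8, "big") + aad + ct
    return hmac.new(key, msg, hashlib.sha256).digest()

def seal(key, iv, seq, plaintext, bind_header=True):
    nonce = per_record_nonce(iv, seq)
    inner = plaintext + bytes([APPLICATION_DATA])  # content || real type
    header = record_header(len(inner) + TAG_LEN)
    aad = header if bind_header else b""           # the choice under discussion
    ct = bytes(p ^ k for p, k in zip(inner, _stream(key, nonce, len(inner))))
    return header + ct + _tag(key, nonce, aad, ct)

def open_record(key, iv, seq, record, bind_header=True):
    header, ct, tag = record[:5], record[5:-TAG_LEN], record[-TAG_LEN:]
    nonce = per_record_nonce(iv, seq)
    aad = header if bind_header else b""           # header as received
    if not hmac.compare_digest(tag, _tag(key, nonce, aad, ct)):
        raise ValueError("bad_record_mac")
    inner = bytes(c ^ k for c, k in zip(ct, _stream(key, nonce, len(ct))))
    return inner[:-1]                              # strip the inner type byte

def header_tamper_detected(bind_header):
    key, iv = bytes(range(32)), bytes(range(12))   # constructed test values
    rec = bytearray(seal(key, iv, 0, b"hello", bind_header))
    rec[2] ^= 0x02                                 # alter legacy_record_version
    try:
        open_record(key, iv, 0, bytes(rec), bind_header)
    except ValueError:
        return True
    return False
```

With the header bound, the record with the altered version byte fails authentication; with an empty AAD the same altered record is accepted and decrypts normally.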