- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 6 Apr 2017 08:32:42 +1000
- To: Robert Sparks <rjsparks@nostrum.com>
- Cc: "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-httpbis-encryption-encoding.all@ietf.org, "ietf@ietf.org" <ietf@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
On 6 April 2017 at 06:47, Robert Sparks <rjsparks@nostrum.com> wrote: > > My only concern is that the document suggests it would be ok to use a > counter to provide a unique salt value > for each message. I suspect that provides the kind of information leak > the draft discusses avoiding. Hi Robert, can you explain what sort of leakage you are concerned about? I mean, I can understand how you could construct the sequence of resources that were encrypted using a counter for the salt, but I don't know what that might imply. That said, I think that the counter thing can be removed. We require 128 bits of salt, which is a space that is large enough to select randomly from in perpetuity.
Received on Wednesday, 5 April 2017 22:33:14 UTC