RE: Change to padding in encryption -- enabling random access

>> How about a flag in the padding delimiter byte that, if set, means there is no padding in earlier records?

> It was always my thought that this sort of signal could be carried out
> of band even more easily.  Indicating to a random access reader that
> padding is always at the end achieves the goal without increasing
> per-record complexity anywhere.

But an out-of-band signal doesn't sound easy. Maybe the distribution of the key (IKM) could say "no padding will ever be used with this key". But that feels fragile, and is per-key not per-message. Other signals from the web server don't help as the point of an encrypted content-encoding was not to have to trust the web server.

Padding is in-band even when the encryptor doesn't want to use any, so an in-band signal that there is no earlier padding doesn't feel like complexity that is out-of-place.

James Manger

Received on Monday, 30 January 2017 06:05:09 UTC