> What kind of padding length customization would you like to see in the JDK?


I may be hesitant to add a new API.  A default random padding could be used 
instead, and might be controlled with a system property (e.g., 
“jdk.tls.client/server.maxRecordPadding” or 
“jdk.tls.client/server.recordPaddingRange”).  If random padding is enabled, the 
padding adding/removing should be constant-time.

Xuelei 


> On Nov 7, 2022, at 6:21 AM, Daniel Jeliński <djelins...@gmail.com> wrote:
> 
> Thanks Xuelei and Brad for your replies!
> 
> https://bugs.openjdk.org/browse/JDK-8244983 mentions that random padding 
> could be used to mitigate BREACH attack. I googled for "breach random 
> padding", found 3 similar requests [1] [2] [3] for enhancements, none of them 
> was implemented. Also https://www.breachattack.com/ does not list TLS record 
> padding as a means to mitigate the attack, presumably because even with 
> random padding the response length will be eventually revealed if the 
> request can be repeated.
> 
> What kind of padding length customization would you like to see in the JDK?
> 
> Daniel
> 
> [1] https://www.drupal.org/project/seckit/issues/2737783
> [2] https://bz.apache.org/bugzilla/show_bug.cgi?id=64434
> [3] https://trac.nginx.org/nginx/ticket/1977
> 
> 
> On Sat, Nov 5, 2022 at 04:01, Bradford Wetmore <bradford.wetm...@oracle.com> 
> wrote:
> 
> 
> On 11/4/2022 8:58 AM, Xuelei Fan wrote:
> > The padding may also be necessary to prevent a kind of attack, 
> > besides hiding the length.  But I cannot recall the details.
> 
> I have a vague recollection of that, but I was thinking it was something 
> pre-1.3.  But I'm not seeing any special padding in the pre-TLSv1.3 
> changeset:
> 
> c7c819cd8bba9f204f23b24a0d788fda61823eb3
> 
> so I may be off in my recollections.
> 
> >  Here is an enhancement 
> > request in JBS (https://bugs.openjdk.org/browse/JDK-8244983), please feel 
> > free to take it.
> 
> Ah yes.
> 
> Brad
> 
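
Added example, not part of the thread and not JDK code: a sketch of the random, bounded TLS 1.3 record padding discussed above (content, then the content type byte, then zeros, as in RFC 8446), with a padding-removal scan that does not branch on record data. The class, methods and the `maxPadding` bound are hypothetical; no JDK system property is read.

```java
import java.security.SecureRandom;
import java.util.Arrays;

// Sketch only: class, method and parameter names are hypothetical, not JDK API.
public class RecordPaddingSketch {
    private static final SecureRandom RNG = new SecureRandom();

    // TLS 1.3 inner plaintext layout: content || content type || zero padding.
    // maxPadding is a hypothetical upper bound on the random padding length.
    static byte[] pad(byte[] content, byte contentType, int maxPadding) {
        int padLen = RNG.nextInt(maxPadding + 1);   // uniform in [0, maxPadding]
        byte[] inner = Arrays.copyOf(content, content.length + 1 + padLen);
        inner[content.length] = contentType;        // must be non-zero
        return inner;                               // trailing bytes are already zero
    }

    // Index of the last non-zero byte (the content type), or -1 if all zero.
    // Visits every byte and uses masks instead of branches on record data.
    static int contentTypeIndex(byte[] inner) {
        int idx = -1;
        int found = 0;                              // 0 until a non-zero byte is seen, then -1
        for (int i = inner.length - 1; i >= 0; i--) {
            int b = inner[i] & 0xff;
            int nonZero = -((b | -b) >>> 31);       // -1 if b != 0, else 0
            int take = nonZero & ~found;            // -1 only at the first hit from the end
            idx = (idx & ~take) | (i & take);
            found |= nonZero;
        }
        return idx;
    }

    public static void main(String[] args) {
        byte[] content = "constructed sample payload".getBytes();
        byte applicationData = 23;                  // TLS content type application_data
        byte[] inner = pad(content, applicationData, 64);
        int typeAt = contentTypeIndex(inner);
        byte[] recovered = Arrays.copyOf(inner, typeAt);
        System.out.println("inner length: " + inner.length
                + ", padding: " + (inner.length - typeAt - 1));
        System.out.println("type: " + inner[typeAt]
                + ", round trip ok: " + Arrays.equals(content, recovered));
    }
}
```

The scan time depends on the record length, which is visible on the wire anyway, but not on where the padding starts; Java gives no guarantee that the JIT keeps the loop branch-free.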
