Describe B&A payload size optimization options #1183
Conversation
| size bucket smaller than `requestSize` then that size will be used instead. | ||
|
|
||
| If the `perBuyerConfig` field is specified and non-empty, the returned encrypted | ||
| blob will be exactly `requestSize` bytes long unless there was an error. If an error |
There was a problem hiding this comment.
As a seller concerned about request size, perBuyerConfig returning the exact requestSize is quite suboptimal. While it's highly desirable to fairly fit multiple buyers on the request, we would prefer to take the min(actual_size, request_size) instead.
Could we satisfy the privacy constraints in a way that better optimizes for streamlined request payload size?
There was a problem hiding this comment.
I agree that returning the exact request size is unfortunate, but returning even a bucketed size leaks significantly more data than we are comfortable with.
One alternative that we considered was allowing the config to be specified out of band per seller, and only allowed to change relatively slowly (preventing the leak from calling the API multiple times with the slightly different parameters). Unfortunately this can be worked around using multiple sellers that have configs that are slightly different. The sellers don't even have to be cooperating because the attack can be completely client-side.
No description provided.