IETF Logo Mail Archive

Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt

Jonathan Lennox <jonathan@vidyo.com> Fri, 06 May 2011 01:29 UTC

Return-Path: <jonathan@vidyo.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B45EBE0759 for <avt@ietfa.amsl.com>; Thu, 5 May 2011 18:29:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.57
X-Spam-Level:
X-Spam-Status: No, score=-2.57 tagged_above=-999 required=5 tests=[AWL=0.029, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ojwmiE1YGIWG for <avt@ietfa.amsl.com>; Thu, 5 May 2011 18:29:29 -0700 (PDT)
Received: from mx1.myoutlookonline.com (mx1.myoutlookonline.com [64.95.72.238]) by ietfa.amsl.com (Postfix) with ESMTP id 438C5E06A5 for <avt@ietf.org>; Thu, 5 May 2011 18:29:29 -0700 (PDT)
Received: from st20.mx1.myoutlookonline.com (localhost [127.0.0.1]) by mx1.myoutlookonline.com (Postfix) with ESMTP id 97FE38BE1C8; Thu, 5 May 2011 21:29:28 -0400 (EDT)
X-Virus-Scanned: by SpamTitan at mail.lan
Received: from HUB024.mail.lan (unknown [10.110.2.1]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by mx1.myoutlookonline.com (Postfix) with ESMTPS id 389468BE1C1; Thu, 5 May 2011 21:29:28 -0400 (EDT)
Received: from BE235.mail.lan ([10.110.32.235]) by HUB024.mail.lan ([10.110.17.24]) with mapi; Thu, 5 May 2011 21:28:39 -0400
From: Jonathan Lennox <jonathan@vidyo.com>
To: Qin Wu <sunseawq@huawei.com>
Date: Thu, 05 May 2011 21:29:27 -0400
Thread-Topic: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt
Thread-Index: AcwLjN8rlOnewwcmSKSOoNw5VJ6XUA==
Message-ID: <D85A85CA-DA8A-42E9-95FF-80E851321AED@vidyo.com>
References: <20110328090001.18465.38410.idtracker@localhost> <17CE6EA0-074D-43BD-990F-467F0A8708BD@vidyo.com> <001d01cc0b17$944dc5e0$46298a0a@china.huawei.com> <7D66AF27-F3CD-4E02-849B-DB2D12F60799@vidyo.com> <011e01cc0b8c$883392b0$46298a0a@china.huawei.com>
In-Reply-To: <011e01cc0b8c$883392b0$46298a0a@china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "avt@ietf.org" <avt@ietf.org>
Subject: Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 May 2011 01:29:29 -0000

On May 5, 2011, at 9:25 PM, Qin Wu wrote:

> [Qin]: I agree using the same keystream to encrypt twice  will cause two-time pad security failure issue,
> i.e., first use the keystream to encrypt STRP payload, and then use the same keystream to encrypt 
> header extension elements.
> 
> However if we regard the payload of header extension elements and SRTP payload as a big payload, 
> we only need to use the same keystream to encrypt this big payload once. there is no two-time pad 
> security issue, right?

That's true, but it wouldn't be backward-compatible with existing receivers, which understand SRTP but ignore extension headers they're not familiar with -- the keystream would start in the wrong place.

--
Jonathan Lennox
jonathan@vidyo.com

v2.23.0 | Report a Bug | By Email