Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt
Jonathan Lennox <jonathan@vidyo.com> Thu, 05 May 2011 15:34 UTC
Return-Path: <jonathan@vidyo.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A086E08B9 for <avt@ietfa.amsl.com>; Thu, 5 May 2011 08:34:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.566
X-Spam-Level:
X-Spam-Status: No, score=-2.566 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bpz3kBWKFMRW for <avt@ietfa.amsl.com>; Thu, 5 May 2011 08:34:39 -0700 (PDT)
Received: from mx1.myoutlookonline.com (mx1.myoutlookonline.com [64.95.72.238]) by ietfa.amsl.com (Postfix) with ESMTP id D2928E0775 for <avt@ietf.org>; Thu, 5 May 2011 08:34:38 -0700 (PDT)
Received: from st23.mx1.myoutlookonline.com (localhost [127.0.0.1]) by mx1.myoutlookonline.com (Postfix) with ESMTP id D5250416EFE; Thu, 5 May 2011 11:34:37 -0400 (EDT)
X-Virus-Scanned: by SpamTitan at mail.lan
Received: from HUB028.mail.lan (unknown [10.110.2.1]) by mx1.myoutlookonline.com (Postfix) with ESMTP id 80623416ECE; Thu, 5 May 2011 11:34:21 -0400 (EDT)
Received: from BE235.mail.lan ([10.110.32.235]) by HUB028.mail.lan ([10.110.17.28]) with mapi; Thu, 5 May 2011 11:33:09 -0400
From: Jonathan Lennox <jonathan@vidyo.com>
To: Qin Wu <sunseawq@huawei.com>
Date: Thu, 05 May 2011 11:34:20 -0400
Thread-Topic: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt
Thread-Index: AcwLObyfA+1hTHBqQgeYOo7ibaJF4g==
Message-ID: <7D66AF27-F3CD-4E02-849B-DB2D12F60799@vidyo.com>
References: <20110328090001.18465.38410.idtracker@localhost> <17CE6EA0-074D-43BD-990F-467F0A8708BD@vidyo.com> <001d01cc0b17$944dc5e0$46298a0a@china.huawei.com>
In-Reply-To: <001d01cc0b17$944dc5e0$46298a0a@china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "avt@ietf.org" <avt@ietf.org>
Subject: Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 May 2011 15:34:40 -0000
On May 5, 2011, at 7:28 AM, Qin Wu wrote: > Some fairly minor comments below. Overall I think the document provides useful mechanism to deal with tradeoff between RTP header extension encryption and RTP header > compression efficiency when we use multiple header extension. That's good to hear! Responses inline. > Section 3 Encryption Mechanism > " > To encrypt (or decrypt) an encrypted extension header, an SRTP > participant first generates a keystream for the SRTP extension > header. This keystream is generated in the same manner as the > encryption keystream for the corresponding SRTP payload, except the > the SRTP encryption and salting keys k_e and k_s are replaced by the > keys k_he and k_hs, respectively. > " > [Qin]: Is it possible to use the same keystream and crypto-suite for SRTP payload > to provide encryption for the payload of header extension element? > What's the benefit to choose the different keystream and crypto-suite for header extension elements? > Can we say the same keystream and crypto-suite for SRTP payload can be applied to header extension elements? It definitely uses the same cryptosuite, but it can't be the same keystream -- if the payload and the extension elements are encrypted with the same keystream, you have a two-time-pad security failure. In principle you could use a different region of the same keystream, but there's no obvious way to do that in a way that's backward-compatible with existing SRTP. Since SRTP implementations are already generating six separate keys based on the master key (encryption, salting, and authentication for both RTP and RTCP) and two keystreams (for RTP and RTCP), adding two additional keys and one additional keystream doesn't seem like a particularly large implementation burden. > Section 4: > " > Encrypted header extension elements are signaled in the SDP extmap > attribute, using the URI "urn:ietf:params:rtp-hdrext:encrypt", > followed by the URI of the header extension element being encrypted > as well as any extensionattributes that extension normally takes. > " > [Qin]: Are you going to define new URI for Encryption of Header Extensions or use existing URI? The intention is that the new URI you quoted specifies generic encryption, and the extmap attribute takes as a parameter the existing URI describing the header being encrypted. For example, encrypted SMPTE timecodes would be described as: a=extmap:1 urn:ietf:params:rtp-hdrext:encrypt urn:ietf:params:rtp-hdrext:smpte-tc 25@600/24 > Section 4: > > [Qin]: If one header extension has three elements, > a) the header extension and elements header will not be encrypted, only payload of each elements need encryption > b) or both elements header and elements payload will be encrypted? > I believe it is former. That's correct. > [Qin]: If the number of header extension element included in each RTP packet changes during a stream, e.g., Firstly three header extension elements > to be encrypted carried in the first RTP packet are sent to the receiver, and then, two header extension elements carried in > the second RTP packet are sent to the same receiver, is the receiver aware of this change and choosing the right encryption mask? How? > based on non-encrypted header? The header extension elements are identified by the (unencrypted) header extension element headers, and you know based on the SDP which ones are encrypted. Thus, the encryption mask can be computed on a packet-by-packet basis. > [Qin]: If there are no payload for header extension elements, i.e., the length of header extension elements is zero, the mechanism described in this document > does not apply to this case, right? For the one-byte-header form of header extension elements (0xBEDE), RFC 5285 doesn't support zero-length header extension elements, so it's moot. For the two-byte-header form of header extension elements (0x100x), indeed this mechanism doesn't apply to zero-length extension elements. The mechanism also doesn't apply to the long-form extension's app bits (the unspecified four bits of the "specified by profile" field). > Regards! > -Qin > ----- Original Message ----- > From: "Jonathan Lennox" <jonathan@vidyo.com> > To: <avt@ietf.org> > Sent: Monday, March 28, 2011 5:08 PM > Subject: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt > > > Hello, all -- > > I've updated my draft on encrypting RTP header extensions, targeting the draft at the AVTCore WG, in the hope that the group will find it a suitable starting point for the WG milestone. > > This version of the draft has no substantial changes from draft-lennox-avt-srtp-encrypted-extension-headers-02, only the name change and some reference updates. > > Begin forwarded message: > >> From: "Internet-Drafts@ietf.org" <Internet-Drafts@ietf.org> >> Date: March 28, 2011 11:00:01 AM GMT+02:00 >> To: "i-d-announce@ietf.org" <i-d-announce@ietf.org> >> Subject: I-D Action:draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt >> Reply-To: "internet-drafts@ietf.org" <internet-drafts@ietf.org> >> >> A New Internet-Draft is available from the on-line Internet-Drafts directories. >> >> Title : Encryption of Header Extensions in the Secure Real-Time Transport Protocol (SRTP) >> Author(s) : J. Lennox >> Filename : draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt >> Pages : 8 >> Date : 2011-03-28 >> >> The Secure Real-Time Transport Protocol (SRTP) provides >> authentication, but not encryption, of the headers of Real-Time >> Transport Protocol (RTP) packets. However, RTP header extensions may >> carry sensitive information for which participants in multimedia >> sessions want confidentiality. This document provides a mechanism, >> extending the mechanisms of SRTP, to selectively encrypt RTP header >> extensions in SRTP. >> >> A URL for this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-lennox-avtcore-srtp-encrypted-header-ext-00.txt >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> Below is the data which will enable a MIME compliant mail reader >> implementation to automatically retrieve the ASCII version of the >> Internet-Draft. >> -- Jonathan Lennox jonathan@vidyo.com
- [AVTCORE] Fwd: I-D Action:draft-lennox-avtcore-sr… Jonathan Lennox
- Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcor… Qin Wu
- Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcor… Jonathan Lennox
- Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcor… Qin Wu
- Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcor… Jonathan Lennox
- Re: [AVTCORE] Fwd: I-D Action:draft-lennox-avtcor… Qin Wu