Re: [Cfrg] possibly dumb question about the opus codec and padding

Russ Housley <housley@vigilsec.com> Wed, 06 June 2012 15:57 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56F8921F86A2 for <cfrg@ietfa.amsl.com>; Wed, 6 Jun 2012 08:57:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.575
X-Spam-Level:
X-Spam-Status: No, score=-102.575 tagged_above=-999 required=5 tests=[AWL=0.024, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D-y-yWCzo9ua for <cfrg@ietfa.amsl.com>; Wed, 6 Jun 2012 08:57:36 -0700 (PDT)
Received: from odin.smetech.net (mail.smetech.net [208.254.26.82]) by ietfa.amsl.com (Postfix) with ESMTP id B752A21F8618 for <cfrg@irtf.org>; Wed, 6 Jun 2012 08:57:36 -0700 (PDT)
Received: from localhost (unknown [208.254.26.81]) by odin.smetech.net (Postfix) with ESMTP id D5CBBF2403B; Wed, 6 Jun 2012 11:57:52 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([208.254.26.82]) by localhost (ronin.smetech.net [208.254.26.81]) (amavisd-new, port 10024) with ESMTP id SItUoU-nKEbA; Wed, 6 Jun 2012 11:57:15 -0400 (EDT)
Received: from [192.168.2.110] (pool-96-255-37-161.washdc.fios.verizon.net [96.255.37.161]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 0E21BF2403A; Wed, 6 Jun 2012 11:57:51 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <4FCF6F34.1040302@cs.tcd.ie>
Date: Wed, 06 Jun 2012 11:57:31 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <610BE690-1A25-45A6-A1AE-65F569992484@vigilsec.com>
References: <4FCF6F34.1040302@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.1084)
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] possibly dumb question about the opus codec and padding
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jun 2012 15:57:37 -0000

I'd encourage the documentation of the concerns with known plaintext (the zero pad) and a poor stream cipher.  It seems like a simple sentence or two in the Security Considerations section.

Russ


On Jun 6, 2012, at 10:54 AM, Stephen Farrell wrote:

> 
> Hiya,
> 
> I'm reviewing the opus codec spec [1] for this week's
> IESG telechat.
> 
> On p20, they say to zero out padding bits to avoid a covert
> channel.
> 
> Now I don't know how often that might happen, nor for how
> many bits (its a complicated beast;-) but I wondered if
> there's a possible problem there if the resulting encoded
> bits are stream-enciphered with a not-quite-good-enough
> cipher and for whatever reason there's a lot of padding.
> 
> I could ask 'em to say "pad randomly if these may be
> stream enciphered since you can hide the covert channel
> in the ciphertext nicely in any case" but it may be
> hard to know from within the codec if a stream cipher
> will be used elsewhere in the stack. Or, perhaps I
> could suggest they add a warning that these zero'd
> padding bits would be problematic if you use a crap
> stream cipher, but then that's motherhood/apple-pie
> and would be ignored, buried as it is within the bowels
> of a 331 page spec.
> 
> Any thoughts? (Most usefully before 1530 UTC tomorrow:-)
> 
> Ta,
> S.
> 
> [1] http://tools.ietf.org/html/draft-ietf-codec-opus-14