IETF Logo Mail Archive

Re: [MMUSIC] Review of draft-ietf-mmusic-sdp-bundle-negotiation-32 - Magnus' comments - MID security

Jonathan Lennox <jonathan@vidyo.com> Fri, 07 October 2016 13:32 UTC

Return-Path: <prvs=4088fb606e=jonathan@vidyo.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EAEF1295D5 for <mmusic@ietfa.amsl.com>; Fri, 7 Oct 2016 06:32:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.896
X-Spam-Level:
X-Spam-Status: No, score=0.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_SORBS_WEB=3.496, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uzKexLbVjkn6 for <mmusic@ietfa.amsl.com>; Fri, 7 Oct 2016 06:32:25 -0700 (PDT)
Received: from mx0b-00198e01.pphosted.com (mx0b-00198e01.pphosted.com [67.231.157.197]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90F791295D8 for <mmusic@ietf.org>; Fri, 7 Oct 2016 06:32:25 -0700 (PDT)
Received: from pps.filterd (m0073110.ppops.net [127.0.0.1]) by mx0b-00198e01.pphosted.com (8.16.0.17/8.16.0.17) with SMTP id u97DT7UM014309; Fri, 7 Oct 2016 09:32:21 -0400
Received: from mail.vidyo.com ([162.209.16.214]) by mx0b-00198e01.pphosted.com with ESMTP id 25wj2194jt-1 (version=TLSv1 cipher=AES128-SHA bits=128 verify=NOT); Fri, 07 Oct 2016 09:32:20 -0400
Received: from 492132-EXCH1.vidyo.com ([fe80::50:56ff:fe85:4f77]) by 492133-EXCH2.vidyo.com ([fe80::50:56ff:fe85:6b62%13]) with mapi id 14.03.0195.001; Fri, 7 Oct 2016 08:32:19 -0500
From: Jonathan Lennox <jonathan@vidyo.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Thread-Topic: [MMUSIC] Review of draft-ietf-mmusic-sdp-bundle-negotiation-32 - Magnus' comments - MID security
Thread-Index: AQHSIJ7bI6DSyxAykkyV07AZPatBU6CdUQYA
Date: Fri, 07 Oct 2016 13:32:18 +0000
Message-ID: <FEB4A43F-B38F-43C3-A3D7-345C97AC73DC@vidyo.com>
References: <D41C238A.1095B%christer.holmberg@ericsson.com> <71419d1f-af1d-46e9-401d-81c5df73fc49@ericsson.com> <58510E68-A045-4312-B3B3-3468E83C8EB7@iii.ca> <243c777f-46f9-4053-1588-7e6b58a06c8c@ericsson.com>
In-Reply-To: <243c777f-46f9-4053-1588-7e6b58a06c8c@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [160.79.219.114]
Content-Type: multipart/alternative; boundary="_000_FEB4A43FB38F43C3A3D7345C97AC73DCvidyocom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-10-07_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1609300000 definitions=main-1610070233
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/8F5G1cQFPKFCwHgfhdSCinQZtR8>
Cc: Paul Kyzivat <pkyzivat@alum.mit.edu>, mmusic <mmusic@ietf.org>, Cullen Jennings <fluffy@iii.ca>, Christer Holmberg <christer.holmberg@ericsson.com>
Subject: Re: [MMUSIC] Review of draft-ietf-mmusic-sdp-bundle-negotiation-32 - Magnus' comments - MID security
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2016 13:32:27 -0000

On Oct 7, 2016, at 4:41 AM, Magnus Westerlund <magnus.westerlund@ericsson.com<mailto:magnus.westerlund@ericsson.com>> wrote:

Den 2016-10-06 kl. 23:59, skrev Cullen Jennings:

I'm not getting the problem here and mandating 6904 is not an easy
thing to do.

So, lets be clear on what I have proposed. For bundle in general it is RECOMMENDED to encrypt MIDs in RTP header extensions. I have also proposed that for RTCWeb implementation and use should be mandated. I was not clear in what applies when an WebRTC endpoint talks to a legacy endpoint what is expected here. I guess this is the thorny issue.

RFC 7904 (SDES header extensions) says:


   In RTP sessions where any type of confidentiality protection is
   enabled for RTCP, the SDES item header extensions MUST also be
   protected.  This implies that to provide confidentiality, users of
   the Secure Real-time Transport Protocol (SRTP) need to implement and
   use encrypted header extensions per [RFC6904<https://tools.ietf.org/html/rfc6904>].

This was after a fair bit of back-and-forth with the security ADs.  MID is a 7904 header extension, so I don’t think BUNDLE can override this MUST.


I'm not getting what the issue is here. If mid are random, or are
just a count of n'th m-line in the sdp, what is the problem with
exposing them to people are getting the media?

The issue is that these identifiers are going from having only been visiable in the signalling messages to be visible also on the RTP media plane. And without RFC6904 even if one uses SRTP, these values are exposed. This have several different effects as I see it. So if the generation algorithm are not strictly defined, the implementation gets possible to fingerprint. In addition the device gets to be fingerprinted based on the number of streams offered and their identifiers. Thus, it is not only what is actually used that is exposed, but what was originally offered, i.e. the full offer leaks into unencrypted domain on the media plane. Note, this later can't be dealt with any mid id creation rules, it will still leak. Thus devices that have more exotic configurations when it comes to media streams, i.e. number of cameras etc this can still be fingerprinted by passive attacks from third parties.

It is the passive attack from third parties that has me worried here. A peer in the signalling has massively more powerful fingerprinting, but that requires one to be in the signalling context, not passively observe traffic that goes past.


Cheers

Magnus





On Oct 6, 2016, at 7:39 AM, Magnus Westerlund
<magnus.westerlund@ericsson.com<mailto:magnus.westerlund@ericsson.com>> wrote:

Den 2016-10-06 kl. 14:49, skrev Christer Holmberg:

Hi,

Magnus suggested usage of RFC 6904 for encryption of the RTP SDES
header extension for MID. I guess it would be a SHUOLD?

In addition, we would say that a corresponding level of security
must be applied to the RTP SDES header extension for MID and to
the RTCP SDES MID item.

Any opinions?

I think this is fine solution to this issue. I would probably
formulate the security considerations like this.

The identfication-tag when included in the RTP MID SDES item,
independent of transport, RTCP SDES packet or RTP header extension,
can expose the value to parties beyond the signaling chain.
Therefore, the identification-tag MUST NOT contain any user related
information. However, the implementation's method for generating
identfication-tags combined with hardware configuration can enable
fingerprinting of the endpoint device and thus its user. As the
identification-tag is also used to route the media stream to the
right application functionality it is also important that the value
received is the one intended by the sender, thus integrity and the
authenticity of the source are important to prevent denial of
service on the application. At least to prevent third parties from
modifying the identification-tag value.

Due to the security risks associated with the MID values in RTP and
RTCP it is strongly RECOMMENDED that the MID SDES item is both
confidentiality protected as well as source authenticated when
transported in either RTCP or RTP header extensions. The security
mechanisms used SHALL provide corresponding levels of security for
both RTP header extensions and RTCP. Confidentiality mechanisms for
RTP/RTCP are discussed in Options for Securing RTP Sessions
[RFC7201], for example SRTP [RFC3711] with SRTCP encryption enabled
combined with [RFC6904] can provide the necessary security
functions.


Cheers

Magnus Westerlund

----------------------------------------------------------------------


Services, Media and Network features, Ericsson Research EAB/TXM
----------------------------------------------------------------------


Ericsson AB                 | Phone  +46 10 7148287
Färögatan 6                 | Mobile +46 73 0949079 SE-164 80
Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com<mailto:magnus.westerlund@ericsson.com>
----------------------------------------------------------------------



_______________________________________________
mmusic mailing list mmusic@ietf.org<mailto:mmusic@ietf.org>
https://www.ietf.org/mailman/listinfo/mmusic




--

Magnus Westerlund

----------------------------------------------------------------------
Services, Media and Network features, Ericsson Research EAB/TXM
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Färögatan 6                 | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com<mailto:magnus.westerlund@ericsson.com>
----------------------------------------------------------------------

_______________________________________________
mmusic mailing list
mmusic@ietf.org<mailto:mmusic@ietf.org>
https://www.ietf.org/mailman/listinfo/mmusic

v2.23.0 | Report a Bug | By Email