[Perc] SSRC splicing attach in perc double when MID/BUNDLE is used (i.e. WebRTC)

Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com> Thu, 21 February 2019 17:57 UTC

To: "perc@ietf.org" <perc@ietf.org>
From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Message-ID: <91eeccf6-d09e-2542-3d63-18f09ee073ed@gmail.com>
Date: Thu, 21 Feb 2019 19:02:39 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/K2jFqTwc249dPmk8rRq8H0WVxxI>
Subject: [Perc] SSRC splicing attach in perc double when MID/BUNDLE is used (i.e. WebRTC)

The media framework states the following regarding SSRC splicing attacks:

    The splicing attack is an attack where a Media Distributor receiving
    multiple media sources splices one media stream into the other.  If
    the Media Distributor is able to change the SSRC without the receiver
    having any method for verifying the original source ID, then the
    Media Distributor could first deliver stream A and then later forward
    stream B under the same SSRC as stream A was previously using.  By
    not allowing the Media Distributor to change the SSRC, PERC mitigates
    this attack.

However, if BUNDLE and MID are used, and there is no SSRC signaling done 
in SDP, the following RTP demuxing rules from the BUNDLE spec apply:

    If the packet has a MID, and the packet's extended sequence number
    is greater than that of the last MID update, as discussed in
    [RFC7941], Section 4.2.6
    <https://tools.ietf.org/html/rfc7941#section-4.2.6>, update the MID
    associated with the RTP stream to match the MID carried in the RTP
    packet, then update the mapping tables to include an entry that maps
    the SSRC of that RTP stream to the "m=" section for that MID.

Given that MID is by definition HBH as it must match the negotiated SDP 
O/A, then the MD could arbitrarily change the MID for an RTP packet and 
associate it with whatever transceiver it wishes, effectively having the 
same effect as the SSRC splicing attack (at least in perc double where 
all participants share the same inner e2e key and there).

Best regards

Sergio
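
A minimal receiver-side model of the BUNDLE rule quoted in the message, added here as an illustration (it is not part of the original message or of any WebRTC stack). The class names, the SSRC and MID values and the sample packets are constructed, and the `remaps` audit list is an assumed local check, not something BUNDLE or PERC defines.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    ssrc: int
    ext_seq: int                 # extended RTP sequence number
    mid: Optional[str] = None    # MID header extension, if present

class BundleDemuxer:
    def __init__(self, negotiated_mids):
        self.negotiated = set(negotiated_mids)  # MIDs from the SDP offer/answer
        self.ssrc_to_mid = {}       # mapping table: SSRC -> "m=" section (by MID)
        self.last_mid_update = {}   # SSRC -> ext_seq of the last MID update
        self.remaps = []            # assumed audit log, not defined by BUNDLE

    def route(self, pkt):
        """Return the MID of the "m=" section this packet is delivered to."""
        if pkt.mid is not None:
            if pkt.mid not in self.negotiated:
                return None         # unknown MID: packet is dropped
            if pkt.ext_seq > self.last_mid_update.get(pkt.ssrc, -1):
                old = self.ssrc_to_mid.get(pkt.ssrc)
                if old is not None and old != pkt.mid:
                    # Same SSRC moved to another "m=" section: nothing in the
                    # quoted rule lets the receiver tell who set this MID.
                    self.remaps.append((pkt.ssrc, old, pkt.mid, pkt.ext_seq))
                self.ssrc_to_mid[pkt.ssrc] = pkt.mid
                self.last_mid_update[pkt.ssrc] = pkt.ext_seq
        return self.ssrc_to_mid.get(pkt.ssrc)

def demo():
    rx = BundleDemuxer(["0", "1"])
    packets = [  # constructed sample packets, as seen by the receiving endpoint
        Packet(0xA, 100, "0"),   # stream A bound to m= section "0"
        Packet(0xB, 500, "1"),   # stream B bound to m= section "1"
        Packet(0xA, 101),        # no MID: keeps existing mapping
        Packet(0xB, 501, "0"),   # stream B now carries MID "0"
        Packet(0xB, 502),        # later B packets follow the new mapping
        Packet(0xB, 499, "1"),   # older sequence number: no MID update
    ]
    return [rx.route(p) for p in packets], rx.remaps

if __name__ == "__main__":
    routes, remaps = demo()
    print(routes)
    print(remaps)
```

From the fourth packet on, media from SSRC 0xB is delivered to the "m=" section that stream A was bound to, and the only trace at the receiver is the entry in `remaps`.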