IETF Logo Mail Archive

Re: [Perc] Magnus Westerlund's Discuss on draft-ietf-perc-double-10: (with DISCUSS and COMMENT)

Richard Barnes <rlb@ipv.sx> Thu, 29 August 2019 13:50 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9932212007C for <perc@ietfa.amsl.com>; Thu, 29 Aug 2019 06:50:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ox7Y9YQuEUjK for <perc@ietfa.amsl.com>; Thu, 29 Aug 2019 06:50:35 -0700 (PDT)
Received: from mail-oi1-x230.google.com (mail-oi1-x230.google.com [IPv6:2607:f8b0:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96371120071 for <perc@ietf.org>; Thu, 29 Aug 2019 06:50:35 -0700 (PDT)
Received: by mail-oi1-x230.google.com with SMTP id l2so2613034oil.0 for <perc@ietf.org>; Thu, 29 Aug 2019 06:50:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Nkcf6IS4VPV5sPNELUmSN1B0RqgM+ar2wCELsMUb36E=; b=RiZjlDWtYCgZl2fDN59KmurOd1wpCSOMuYfBYXiYu+xB6uNl43lxMJbTAEtwsL25R4 PpFqoGf5gZouujp0aZSmb7s3GYk3QFHNmAwhVjmzt6M9cHqp4We5eu5q5+JvgVFldr1d 0nJs8lScbijb+iqPzpmvuUaVOZol2CPWGSerKbedEbxMAxzh/a8k62yJOeDWkp/ShnbH aUo55vMNHk8ckgFk08RZriMTmyMX31rJv7oFb9KSf8lQLNKLgrndQDtZ0hz7RepsPK26 cNZhT3+amoQDxfg6fm9FDp6e3pPQtjVOTxeampK4kEIXBJeLZC+ClmA3oWXR6iJU3nI5 hNqw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Nkcf6IS4VPV5sPNELUmSN1B0RqgM+ar2wCELsMUb36E=; b=Y023u753RVNS3DmmSAhXAxFoD0gSUyKk4pGG3DKzxA8O1GMWQvHYaLHGEbF7iVNM1e gg+w7OwRbtZlmJZtOE899CqsUj0pTWc6kKrjziaHIhlhTf3gyINXVmZFa28hOZVvZynG uhZYp0AHvPBCo5+oqHWIYe1LCQIckVbKbZL5VXaRe/8z6yETI1f7yHJRTblZ7NEr5JvR raZdf+vWu5zIODoNIyswvad86CelnP4TiB/bhdI+FemgowY3lTdwzWmAhKIvd7FRUtYt sdbU2/CqUjlNKYpL6hKoBVpciTfZZvQBj2jtZX4eo/IdFtOSFsc/r+zx4Ex7iG8dmohI YiOA==
X-Gm-Message-State: APjAAAU/JcvmpiN/31nFEx6aoAZ+XWpz3YkFBzCBqIcVAU6UfG0XLnCp aU7AM0AZwiduDFlNUCKBbVOXVCtXf4WvGZXfyWRZ9w==
X-Google-Smtp-Source: APXvYqxMj9wgaSbQQDSd0hV7iaF7gQHtZo5iRpScRjQHHJYrnzzFNm03+zIhxOjltIIcW869ZpIeH8gAh3n5kbKyf8M=
X-Received: by 2002:aca:4f15:: with SMTP id d21mr6352381oib.36.1567086634507; Thu, 29 Aug 2019 06:50:34 -0700 (PDT)
MIME-Version: 1.0
References: <155800082724.19580.16483563575859435866.idtracker@ietfa.amsl.com> <65737EA1-49AF-4EB9-AD1F-25157B3F010D@iii.ca> <HE1PR0701MB25220714DB8E5AE970E0FDFA95DA0@HE1PR0701MB2522.eurprd07.prod.outlook.com> <CAL02cgTf9sMonRFG1qi9pLxuK8ruvxUStdcju8JU_9+5Kty53w@mail.gmail.com> <CAMRcRGT-izdwyuLX+kiPL5q5TnhoTKGw_9OJSvkDQo59JujS6w@mail.gmail.com> <5cec79c71d859aa95e352824320ad261f8525916.camel@ericsson.com>
In-Reply-To: <5cec79c71d859aa95e352824320ad261f8525916.camel@ericsson.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Thu, 29 Aug 2019 09:50:13 -0400
Message-ID: <CAL02cgRRckXWtuA_dnOLz7mvWEeDetW+2dqq5+sDBraDFLqqZg@mail.gmail.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Cc: "suhasietf@gmail.com" <suhasietf@gmail.com>, "perc@ietf.org" <perc@ietf.org>, "perc-chairs@ietf.org" <perc-chairs@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-perc-double@ietf.org" <draft-ietf-perc-double@ietf.org>, "fluffy@iii.ca" <fluffy@iii.ca>
Content-Type: multipart/alternative; boundary="0000000000002eb91a059141ca5e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/StKuINlx5DVB10A2Y4rPETvkM30>
Subject: Re: [Perc] Magnus Westerlund's Discuss on draft-ietf-perc-double-10: (with DISCUSS and COMMENT)
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Aug 2019 13:50:39 -0000

Easy enough.  I think RFC 3711 is clear enough, but if you want it to be
more explicit, so it shall be.  I just copied over the language from 3711.

https://github.com/ietf/perc-wg/pull/174



On Thu, Aug 29, 2019 at 5:50 AM Magnus Westerlund <
magnus.westerlund@ericsson.com> wrote:

> Hi,
> Hi,
>
>
> Back from vacation.
>
> No Richards explanation doesn't help. Section 5.1 contains a normative
> description of how to create a synthetic packet. That description is
> not expplicit that the padding shall be part of the information that is
> included. Thus, implicitly the described procedure forbidds padding.
> Per RFC 3550 the padding is not part of the payload thus the need for
> being explicit about that the padding is to be included here.
>
> My suggestion is still that the following bullet:
>
>  *  Payload: The RTP payload of the original packet
>
> Is changes to be explicit that padding is to be included:
>
> "* Payload: The RTP payload (including
>    padding) of the original packet”
>
> Any other way that makes it explcit that the origianl packets padding
> is to be included is fine by me. But it does need to be explcit.
>
> Cheers
>
> Magnus
>
> On Fri, 2019-08-16 at 07:46 -0700, Suhas Nandakumar wrote:
> > Hey Magnus
> >
> >    Wondering if Richard's response answers your question?
> >
> > Thanks
> > Suhas
> >
> > On Mon, Aug 5, 2019 at 7:48 AM Richard Barnes <rlb@ipv.sx> wrote:
> > > Hey Magnus,
> > >
> > > Sorry, should have responded on Point 1.  I think you're just
> > > mistaken on that point.  Padding is included within the inner
> > > encryption.  The double transform is an SRTP transform like any
> > > other; outside of the SRTP stack, there is no "inner" or "outer",
> > > just the same old protect and unprotect.  So padding works the same
> > > as it does with any other SRTP transform.
> > >
> > > Was there some text in the document that gave you the impression
> > > that padding was not included under the inner encryption?  The only
> > > mention of padding I see in the document is in the figure in
> > > Appendix A [1], where the padding is correctly shown to be within
> > > the inner encryption.  Happy to clarify if you have some
> > > suggestions for how.
> > >
> > > --Richard
> > >
> > > [1]
> > > https://tools.ietf.org/html/draft-ietf-perc-double-11#appendix-A
> > >
> > > On Mon, Aug 5, 2019 at 2:32 AM Magnus Westerlund <
> > > magnus.westerlund@ericsson.com> wrote:
> > > > Hi,
> > > >
> > > > Sorry, I missed when this update was submitted, thanks for the
> > > > reminder.
> > > >
> > > > The new version addresses most of my discuss, but missed to do
> > > > anything about point 1 below.
> > > >
> > > > Otherwise it appears to address my discuss points. How do you
> > > > want to resolve it?
> > > >
> > > > Cheers
> > > >
> > > > Magnus Westerlund
> > > >
> > > > > -----Original Message-----
> > > > > From: Cullen Jennings <fluffy@iii.ca>
> > > > > Sent: den 17 maj 2019 20:34
> > > > > To: Magnus Westerlund <magnus.westerlund@ericsson.com>
> > > > > Cc: The IESG <iesg@ietf.org>; perc-chairs@ietf.org; draft-ietf-
> > > > perc-
> > > > > double@ietf.org; suhasietf@gmail.com; perc@ietf.org
> > > > > Subject: Re: [Perc] Magnus Westerlund's Discuss on draft-ietf-
> > > > perc-double-
> > > > > 10: (with DISCUSS and COMMENT)
> > > > >
> > > > > >
> > > > > > 1. Section 5.1:
> > > > > >
> > > > > > To me it appears that one fundamental security flaw exists in
> > > > the
> > > > > > definition of the inner encryption. That is the fact that RTP
> > > > padding
> > > > > > is not included into the inner encrypted part. This prevents
> > > > the
> > > > > > application of RTP padding to prevent the potential privacy
> > > > leakage
> > > > > > that "Guidelines for the Use of Variable Bit Rate Audio with
> > > > Secure
> > > > > > RTP" (RFC 6562) documents. To prevent this type of
> > > > information leakage
> > > > > > and other privacy preserving operations based on applying RTP
> > > > padding
> > > > > > it would be necessary to include the RTP padding into the
> > > > inner
> > > > > > encrypted envelope. Appendix A figure indicates that is the
> > > > case, but the
> > > > > process description in 5.1 is not matching that.
> > > > > >
> > > > >
> > > > > So my read of 5.1 is that does this. Clearly we need to make
> > > > the text clear
> > > > > that it does that - what part of the 5.1 makes you think the
> > > > padding is
> > > > > stripped from the  payload ?
> > > > >
> > > > > Perhaps to make it explicitly clear we should change
> > > > >
> > > > > "* Payload: The RTP payload of the original packet”
> > > > >
> > > > > to be
> > > > >
> > > > > "* Payload (including padding) The RTP payload (including
> > > > passing) of the
> > > > > original packet”
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> --
> Cheers
>
> Magnus Westerlund
>
>
> ----------------------------------------------------------------------
> Network Architecture & Protocols, Ericsson Research
> ----------------------------------------------------------------------
> Ericsson AB                 | Phone  +46 10 7148287
> Torshamnsgatan 23           | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
>
>

v2.23.0 | Report a Bug | By Email