Re: [Perc] PERC LIte
Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com> Wed, 24 May 2017 21:55 UTC
Return-Path: <sergio.garcia.murillo@gmail.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 426BF129B9C for <perc@ietfa.amsl.com>; Wed, 24 May 2017 14:55:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E4ED62AkSbYa for <perc@ietfa.amsl.com>; Wed, 24 May 2017 14:55:30 -0700 (PDT)
Received: from mail-wr0-x22d.google.com (mail-wr0-x22d.google.com [IPv6:2a00:1450:400c:c0c::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BE4D129BF7 for <perc@ietf.org>; Wed, 24 May 2017 14:55:30 -0700 (PDT)
Received: by mail-wr0-x22d.google.com with SMTP id j27so8700716wre.1 for <perc@ietf.org>; Wed, 24 May 2017 14:55:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=vGppwHLs/OysyMOPLoqxqaZcPgfnrxYbAL7pXuBwkM4=; b=IFHctwrh1/h/sV2b1Nx/GfzL4vZ0G/OelupEvuLRIalAjvqVExukPmYDCy1X/wG2xk Z2D6ZsJwdQom2IShhf1xucVtxXRiRazsaOBQuvftM5x50EHfD/b8iKl9ajyojgcfTtt2 XCbr8az+j3Z1mWiWTTuegvKnIHknktet32pLs3+1usSbtsbI2M0lRKBXiQZePA6HsVcc CgII5pOfop5J6/bMh0ukUjuNedgzl03ql5+xAT2tYIprq+8YOEXNzMjxouK1dPaMrqEF zOLi1KrR35N8L0qTTXXWk6MiF6DlzpyYlj/PKiZwQKu/i3D3W50lPYNjoTG5Hd/0rMnm AXpg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=vGppwHLs/OysyMOPLoqxqaZcPgfnrxYbAL7pXuBwkM4=; b=UqGWzFPvkeV6G1PsCBKuf946YFD33zAop4pngfCJezZfUwLinDfNXyyqQpIbS0ReAg BaN0Y1pjVPFB7Z6H4BaCLnBwThM1XWNIl1HI4Jbq+zxQ84RM/eMqMICCetKYMP0wXhZL QCwcuiF8EIo70Uu1C05c2uutaC1eYP0Np2Zt6vSx8l7q4Q8mqUeThUYRumuI8CGqOR8O 1Fp4OleOOV5x1JQ90/CJPKp20ef1Pt5wblvk47KDi3mguCd9su7ZyKN595DxU9jCecT5 QUQ3aTfhwTQhnpT4NHO1fSAUnAeBI0mZBPc3HvOUZEI8QzPeREeFpmT69pFNSo9r7OtV vZaw==
X-Gm-Message-State: AODbwcAWIxIpGzvuqiX1gFkrQSIjIa2qD3tZ70jOuoiUmYGKGDzZpK4t 4uo0CEhtobg6ecfboss=
X-Received: by 10.223.164.9 with SMTP id d9mr19536354wra.91.1495662928141; Wed, 24 May 2017 14:55:28 -0700 (PDT)
Received: from [192.168.0.199] ([193.125.41.240]) by smtp.googlemail.com with ESMTPSA id v22sm3407176wrd.38.2017.05.24.14.55.26 for <perc@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 May 2017 14:55:27 -0700 (PDT)
To: perc@ietf.org
References: <9d1552b8-b69f-ac14-e28b-2905bd5e5692@gmail.com> <CAOW+2dtRYXcnzUnP3cZKKNXJ1FxJPwMw3hmb349KpbLJwQD5FA@mail.gmail.com> <1adbb700-b61e-b283-6e29-ff3b5fd0d5ee@gmail.com> <CAHgZEq46mBQMEcQY-EM36s5_8FWCLJx9nrDo6FX4DA6COmmUYA@mail.gmail.com> <D54B71A7.6E93C%mzanaty@cisco.com>
From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Message-ID: <9c8f493d-74f8-0c65-f660-289df0239d46@gmail.com>
Date: Wed, 24 May 2017 23:55:28 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <D54B71A7.6E93C%mzanaty@cisco.com>
Content-Type: multipart/alternative; boundary="------------4D63525E75FC3450C2DF7DC1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/TBknJPBHVXRqDUNlatMJD61M5-k>
Subject: Re: [Perc] PERC LIte
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2017 21:55:36 -0000
Hi Mo, The key in JS is just for the media cencryption, DTLS/SRTP is setup normally on top, so it is in no way less secure than current DTLS/SRTP. If JS is compromised, and an attacker gets the key, he will still be unable to access the media data as is encrypted HBH by DTLS. To gain access to the media, he would need to get the key AND break HBH DTLS. Also, if JS is compromised, PERC will be defeated completely (any solution) as it could clone all the media streams and sent it to a rogue MD with a different PC. To prevent that is why IdP was introduced into WebRTC, and a similar solution could be done for setting the key (just run a js script from the KD on an independent context and restrict the usage of that stream to the required identity). Anyway, I understand this will be a sensible topic, so I am willing to discuss this in detail. Best regards Sergio On 24/05/2017 23:42, Mo Zanaty (mzanaty) wrote: > Keys in JS app signaling/APIs??? Have we come full circle back to SDES??? > > Seems like PERC lite would weaken not strengthen the security of > DTLS-SRTP / WebRTC apps, if JS can inject keys to ignore DH, defeat > PFS, etc. > > Confused, > Mo > > From: Perc <perc-bounces@ietf.org <mailto:perc-bounces@ietf.org>> on > behalf of Alexandre GOUAILLARD <agouaillard@gmail.com > <mailto:agouaillard@gmail.com>> > Date: Wednesday, May 24, 2017 at 5:14 PM > To: Sergio Murillo <sergio.garcia.murillo@gmail.com > <mailto:sergio.garcia.murillo@gmail.com>> > Cc: "perc@ietf.org <mailto:perc@ietf.org>" <perc@ietf.org > <mailto:perc@ietf.org>>, Bernard Aboba <bernard.aboba@gmail.com > <mailto:bernard.aboba@gmail.com>> > Subject: Re: [Perc] PERC LIte > > bernard, > > Good point. > > i'm discussing with peter T, and proposal for webrtc WG and ORTC CG > API extensions are coming your way this week. Sergio did it at the > PeerConnection level while peter is advocating an Api at the > RTPSender/Receiver level. Of course, the crypto-algorithm needs to be > an input variable as well. > > On Thu, May 25, 2017 at 5:46 AM, Sergio Garcia Murillo > <sergio.garcia.murillo@gmail.com > <mailto:sergio.garcia.murillo@gmail.com>> wrote: > > Hi Bernard, > > Yes, the example API is just the lazy approach I have taken on my > modified chromium, hardcoding the key to AES-GCM 256 so I didn't > have to add an object to the IDL and worry about how to retrieve > later on the c++ code. > > The API should allow to set the key and look more like: > > * > > const pc = new RTCPeerConnection({ > > mediaCrypto : { > > key : 'VEhJUyBJUyBUSEUgMzIgS0VZIFdJVEggMTIgU0FMVCBET1VCTEUgUEVSQyE=', > > suite : 'AEAD_AES_256_GCM' > > } > > });* Anticipating the security comments, I don't expect that to be > the final API for WebRTC, which IMHO should be a similar mechanism > as the one in place for IdP (or even integrated with it), but I > feel that that discussion should take place on the RTCWeb group > and not here. Best regardsSergio > On 24/05/2017 19:56, Bernard Aboba wrote: >> Thanks for posting this. >> Question: In terms of API support, how is the crypto-algorithm >> specified? So far, the proposed API just has the key. >> On Wed, May 24, 2017 at 10:11 AM, Sergio Garcia Murillo >> <sergio.garcia.murillo@gmail.com >> <mailto:sergio.garcia.murillo@gmail.com>> wrote: >> >> Hi all again, >> >> Also to start the discussion about 5), I would like to >> introduce again my proposal for a "PERC Lite" approach. >> >> The main objectives and key points of this proposal are: >> >> * Minimum viable PERC implementation >> * Minimize impact on both endpoints and MD >> * OHB is carried in the RTP payload (Encrypted Payload >> Header). >> * No changes to the DTLS/SRTP code/api/standards >> * No RTP E2E Header extensions >> * RTX/FEC/RED is supported HBH without any change to >> current standards/implementations. >> >> Best regards >> >> Sergio >> >> _______________________________________________ Perc mailing >> list Perc@ietf.org <mailto:Perc@ietf.org> >> https://www.ietf.org/mailman/listinfo/perc >> <https://www.ietf.org/mailman/listinfo/perc> >> > _______________________________________________ Perc mailing list > Perc@ietf.org <mailto:Perc@ietf.org> > https://www.ietf.org/mailman/listinfo/perc > <https://www.ietf.org/mailman/listinfo/perc> > > -- > Alex. Gouaillard, PhD, PhD, MBA > ------------------------------------------------------------------------------------ > President - CoSMo Software Consulting, Singapore > ------------------------------------------------------------------------------------ > sg.linkedin.com/agouaillard <http://sg.linkedin.com/agouaillard> > > * > > _______________________________________________ > Perc mailing list > Perc@ietf.org > https://www.ietf.org/mailman/listinfo/perc
- [Perc] PERC LIte Sergio Garcia Murillo
- Re: [Perc] PERC LIte Bernard Aboba
- Re: [Perc] PERC LIte Sergio Garcia Murillo
- Re: [Perc] PERC LIte Alexandre GOUAILLARD
- Re: [Perc] PERC LIte Mo Zanaty (mzanaty)
- Re: [Perc] PERC LIte Alexandre GOUAILLARD
- Re: [Perc] PERC LIte Alexandre GOUAILLARD
- Re: [Perc] PERC LIte Sergio Garcia Murillo
- Re: [Perc] PERC LIte Richard Barnes
- Re: [Perc] PERC LIte Mo Zanaty (mzanaty)
- Re: [Perc] PERC LIte Sergio Garcia Murillo
- Re: [Perc] PERC LIte Sergio Garcia Murillo