Re: [Perc] Magnus Westerlund's Discuss on draft-ietf-perc-double-10: (with DISCUSS and COMMENT)
Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 20 May 2019 07:24 UTC
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D4B0120139; Mon, 20 May 2019 00:24:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LstkzpQVNCky; Mon, 20 May 2019 00:24:13 -0700 (PDT)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-eopbgr40079.outbound.protection.outlook.com [40.107.4.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A9F11200D5; Mon, 20 May 2019 00:24:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HBBwoHIDMm/+rmW1d0YlFY6dpYtBv0RJp6M7pbKIXgA=; b=JTT29vrbbPVzE6Ge89x7livAYpvOigjLDIKJCi8bD867xuNIOMVeyFoWGWviCdMET0qmMAII4DC5ZQHQzbH83MHmnfNUmcNMoWk62xUbWRycy38KiESgCDpCBjbWljGZO7JHiC5dPL6w0KVEJ6cMpmwBQFt9pYP1gyf/JJmSd3c=
Received: from HE1PR0701MB2522.eurprd07.prod.outlook.com (10.168.128.149) by HE1PR0701MB2649.eurprd07.prod.outlook.com (10.168.186.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1922.10; Mon, 20 May 2019 07:24:09 +0000
Received: from HE1PR0701MB2522.eurprd07.prod.outlook.com ([fe80::896a:7ada:8bc9:d99d]) by HE1PR0701MB2522.eurprd07.prod.outlook.com ([fe80::896a:7ada:8bc9:d99d%6]) with mapi id 15.20.1922.013; Mon, 20 May 2019 07:24:09 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: Cullen Jennings <fluffy@iii.ca>
CC: The IESG <iesg@ietf.org>, "perc-chairs@ietf.org" <perc-chairs@ietf.org>, "draft-ietf-perc-double@ietf.org" <draft-ietf-perc-double@ietf.org>, "suhasietf@gmail.com" <suhasietf@gmail.com>, "perc@ietf.org" <perc@ietf.org>
Thread-Topic: [Perc] Magnus Westerlund's Discuss on draft-ietf-perc-double-10: (with DISCUSS and COMMENT)
Thread-Index: AQHVC85uMqFQ5/RAl0Cyrib7XAHyUA==
Date: Mon, 20 May 2019 07:24:09 +0000
Message-ID: <HE1PR0701MB2522BE3811FBB03C3846F2EF95060@HE1PR0701MB2522.eurprd07.prod.outlook.com>
References: <155800082724.19580.16483563575859435866.idtracker@ietfa.amsl.com> <65737EA1-49AF-4EB9-AD1F-25157B3F010D@iii.ca>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=magnus.westerlund@ericsson.com;
x-originating-ip: [192.176.1.87]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 86e2fcf8-f33d-4e8b-2869-08d6dcf4265f
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:HE1PR0701MB2649;
x-ms-traffictypediagnostic: HE1PR0701MB2649:
x-microsoft-antispam-prvs: <HE1PR0701MB2649A69C9E0CF582A5DF3CAD95060@HE1PR0701MB2649.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 004395A01C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(366004)(39860400002)(346002)(136003)(396003)(199004)(189003)(20264003)(99286004)(53546011)(6506007)(446003)(71190400001)(73956011)(7696005)(66946007)(102836004)(66556008)(66446008)(6116002)(476003)(76116006)(66476007)(71200400001)(64756008)(33656002)(256004)(14444005)(3846002)(76176011)(25786009)(68736007)(7736002)(4326008)(9686003)(486006)(54906003)(81166006)(81156014)(8936002)(44832011)(53936002)(14454004)(8676002)(236005)(66066001)(6436002)(55016002)(2906002)(5660300002)(54896002)(478600001)(86362001)(26005)(6246003)(186003)(74316002)(229853002)(52536014)(6916009)(316002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR0701MB2649; H:HE1PR0701MB2522.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: XKdxv6/LP6K1j18lhdFG9LRnmdJV4oLRjIVA3e37fy1apAnPr6/dipr7FpbtsKryuev74xOPGREDU7nBeqOtUT7EDCYYRYLgIl0UEuG5B35xcK9FgYJD/5IWmTnkAvHBpcSGtFRxea9arUZse0BxYT+Yui2E03rhhluCZCSIsYjbCQ4zD0/v8N0KqQr9oYB+k7tcSojvknVjaxezruKXEFPMU2mfn6U1PFo5fhHbN8801sLAKOod1Q9EMA0UBhZDimG2fzBn9zpRUTcrAEBr3r1pYAlfSPItBRXGeNMw5C6EwF7C1Cimf4hVjskpNJf5K/mqgO99PyrnsCFpdjfmNstouvVpGq9e4zcqk3VFA7xUZkusxmBU56RWsoUwXfFkAlsJinhVc5BJRac03YibVKh8fDc7tvssdz7PtILHRE4=
Content-Type: multipart/alternative; boundary="_000_HE1PR0701MB2522BE3811FBB03C3846F2EF95060HE1PR0701MB2522_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 86e2fcf8-f33d-4e8b-2869-08d6dcf4265f
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 May 2019 07:24:09.1653 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: magnus.westerlund@ericsson.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2649
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/5imt75PLyG0GtyhKydevpgfSE2Y>
Subject: Re: [Perc] Magnus Westerlund's Discuss on draft-ietf-perc-double-10: (with DISCUSS and COMMENT)
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 May 2019 07:24:16 -0000
Hi Cullen and WG, Implementors, please see question at the end! On 2019-05-17 20:34, Cullen Jennings wrote: 1. Section 5.1: To me it appears that one fundamental security flaw exists in the definition of the inner encryption. That is the fact that RTP padding is not included into the inner encrypted part. This prevents the application of RTP padding to prevent the potential privacy leakage that "Guidelines for the Use of Variable Bit Rate Audio with Secure RTP" (RFC 6562) documents. To prevent this type of information leakage and other privacy preserving operations based on applying RTP padding it would be necessary to include the RTP padding into the inner encrypted envelope. Appendix A figure indicates that is the case, but the process description in 5.1 is not matching that. So my read of 5.1 is that does this. Clearly we need to make the text clear that it does that - what part of the 5.1 makes you think the padding is stripped from the payload ? Perhaps to make it explicitly clear we should change "* Payload: The RTP payload of the original packet” to be "* Payload (including padding) The RTP payload (including passing) of the original packet” Yes, making it explicit is necessary. The payload and the padding are two distinct protocol parts, thus I think using "Including" is not the right way of formulating it. I think it would be clearer to do this: OLD: 3. Form a synthetic RTP packet with the following contents: * Header: The RTP header of the original packet with the following modifications: * The X bit is set to zero * The header is truncated to remove any extensions (i.e., keep only the first 12 + 4 * CC bytes of the header) * Payload: The RTP payload of the original packet NEW: 3. Form a synthetic RTP packet with the following contents: * Header: The RTP header of the original packet with the following modifications: * The X bit is set to zero * The header is truncated to remove any extensions (i.e., keep only the first 12 + 4 * CC bytes of the header) * Payload: The RTP payload of the original packet * Padding: If padding is applied (P=1), include the padding count octet and any padding octets. I would also note that likely the padding need to be explicitly discussed as being applied in the inner stage so that the outer packet generation don't attempt to strip it away if P=1. Otherwise an MD could screw up the packet completely. Actually a question here to the people that has implementation. If P=1 in the RTP header and they apply only the outer part of DOUBLE decryption will their stacks actually attempt to strip an RTP padding off using the OHB config octet as padding byte count? Cheers Magnus Westerlund ---------------------------------------------------------------------- Network Architecture & Protocols, Ericsson Research ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 Torshamnsgatan 23 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com<mailto:magnus.westerlund@ericsson.com> ----------------------------------------------------------------------
- [Perc] Magnus Westerlund's Discuss on draft-ietf-… Magnus Westerlund via Datatracker
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Cullen Jennings
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Magnus Westerlund
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Magnus Westerlund
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Richard Barnes
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Suhas Nandakumar
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Magnus Westerlund
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Richard Barnes
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Magnus Westerlund
- Re: [Perc] Magnus Westerlund's Discuss on draft-i… Richard Barnes