Re: [rtcweb] Require/Suggest AEAD GCM for SRTP
Sean DuBois <sean@pion.ly> Thu, 11 July 2019 11:00 UTC
Return-Path: <sean@pion.ly>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 696A512011E for <rtcweb@ietfa.amsl.com>; Thu, 11 Jul 2019 04:00:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.602
X-Spam-Level:
X-Spam-Status: No, score=-0.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, PDS_NO_HELO_DNS=1.295, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pion-ly.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ggRpS-e1yxca for <rtcweb@ietfa.amsl.com>; Thu, 11 Jul 2019 04:00:23 -0700 (PDT)
Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DD45120307 for <rtcweb@ietf.org>; Thu, 11 Jul 2019 04:00:23 -0700 (PDT)
Received: by mail-io1-xd2a.google.com with SMTP id u19so11512225ior.9 for <rtcweb@ietf.org>; Thu, 11 Jul 2019 04:00:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pion-ly.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=AGx6can113ieyW2bllJlbhe1Vl9zt69JkXaELRnGzz0=; b=B0dy+giRHH5A0xEQZoRNZuAltajxo9jNFVqWk/hXCNoSm2/UTG++eVphpckojawB9s tEuMpCWjFaPyDP/1xJJbn1OGEEOw6ZYWzjUfLkI/s6LyLtodZgzw8Mo1T41emRwSL5L6 G/kDvvKwPT7ct/fg57UO9FNItelXsAdXzt/EdzUPIR0Nl1KBapOQo3CJv9sv3u8ofaMp OX9Fb4TnuMdE3zQ3ZWt7vnMCohSKzQVjb0r8phGZP7J7ghzoEuUVg/gG1ylA1FO+oZaf NDnLSpZUhhA4cehEczk3UO2BI2nkaeKw7efci997S+BT8KaXwzCdtE9suwl6FgD9OFTc VXBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=AGx6can113ieyW2bllJlbhe1Vl9zt69JkXaELRnGzz0=; b=QuFR4vqcAmXgyzW7Y8jWzfhaCsbGzfwJ9yuFZFeee689j19ZiTT8RxpjWqXGIqgv53 ALeIGm60fyucHCIKMta9DXfiYukYHmElj3IU3V4DKjWhmEnB8y3QpywtdJtsvHr33W3n 7TAAJGj9oLZ3OEnfvGfgz5orBWTlvyPyZV1A1e6t0PjxEQ6RFEjfaiSMx9j7IHr9xqBN bnpEnujTLH2lHQJkIqAS8T4PzT/EPWJv1Lajzy/bj6t5d2Y1tU6dZxoRDVlKmBP+fxsu wid5ppPSWFHcoZV+2gL2mkq9u1EF7JtNbk6vIDM/ET4S5yrXathxfJsQ5pstnPHPMB9t U1VQ==
X-Gm-Message-State: APjAAAXU9gBjT3248SjhYMy57wolL5WJCNxACHGL+gSjyatOAWWbKRJk bcca+GzUWOzxZZoGPtu+yoQ=
X-Google-Smtp-Source: APXvYqzAUj/+KZFrudN7xGtvNrrU75Mx9tficJp5I37j5/s2QQjuw9q9DJSH1irgVpWcCMvTvLNRmQ==
X-Received: by 2002:a6b:8f47:: with SMTP id r68mr3782748iod.204.1562842822610; Thu, 11 Jul 2019 04:00:22 -0700 (PDT)
Received: from 38f9d359441f.ant.amazon.com ([8.46.76.46]) by smtp.gmail.com with ESMTPSA id b20sm4047524ios.44.2019.07.11.04.00.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 11 Jul 2019 04:00:21 -0700 (PDT)
Date: Thu, 11 Jul 2019 12:00:28 +0100
From: Sean DuBois <sean@pion.ly>
To: Justin Uberti <juberti@google.com>
Cc: Philipp Hancke <fippo@goodadvice.pages.de>, RTCWeb IETF <rtcweb@ietf.org>
Message-ID: <20190711110028.oj3mv7mamafzrauj@38f9d359441f.ant.amazon.com>
References: <CA+b7xQtG-PLo8i3ojOs2pmiVbuKU0aFGRMsdQss22rEnqRgybg@mail.gmail.com> <385683CD-3B17-4A11-8B39-F300FB861964@mozilla.com> <dacfb776-b7bf-c262-03a4-662175e35233@goodadvice.pages.de> <20190710222800.cyjvtkek7rbhy72k@38f9d359441f.ant.amazon.com> <CAOJ7v-2m_dAHXi__2pqe-DYamuhZrmcjgZbhSFXsF5EsOrSdLg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAOJ7v-2m_dAHXi__2pqe-DYamuhZrmcjgZbhSFXsF5EsOrSdLg@mail.gmail.com>
User-Agent: NeoMutt/20180716
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/1sPXt79o4NEygp17ymoFTrN9Xd0>
Subject: Re: [rtcweb] Require/Suggest AEAD GCM for SRTP
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jul 2019 11:00:26 -0000
On Wed, Jul 10, 2019 at 04:02:59PM -0700, Justin Uberti wrote: > We looked into this in Chrome in > https://bugs.chromium.org/p/chromium/issues/detail?id=713701, but we > decided not to proceed because of the resultant blowup from using the > non-truncatable AEAD MAC (16 bytes per packet vs 4/10 for HMAC-SHA1). > > I think we'd be open to revisiting this if there were obvious performance > benefits, but your numbers for HMAC-SHA1 seem unusually bad. For example, > "openssl speed sha1" yields 500 MB/s for 256-byte packets on my MacBook > Pro, compared to the 28 MB/s that you noted in the bug. "openssl speed > aes-128-gcm" does yield 1500 MB/s, so there's clearly some upside here, but > it's hard to see this as a must-have. > Here are my numbers using libsrtp, still pretty significant I think! People have fought a lot harder for much smaller improvements. -- aes_cm_128_hmac_sha1_32 ./a.out 1.83s user 0.01s system 99% cpu 1.843 total ./a.out 1.84s user 0.01s system 99% cpu 1.856 total ./a.out 1.83s user 0.00s system 99% cpu 1.837 total ./a.out 1.82s user 0.01s system 99% cpu 1.831 total ./a.out 2.04s user 0.01s system 99% cpu 2.065 total ./a.out 1.82s user 0.01s system 99% cpu 1.834 total ./a.out 1.84s user 0.01s system 99% cpu 1.857 total ./a.out 1.83s user 0.00s system 99% cpu 1.843 total ./a.out 1.85s user 0.01s system 99% cpu 1.860 total ./a.out 1.83s user 0.01s system 99% cpu 1.839 total -- aes_gcm_128_16 ./a.out 0.76s user 0.00s system 99% cpu 0.772 total ./a.out 0.81s user 0.00s system 99% cpu 0.814 total ./a.out 0.75s user 0.00s system 99% cpu 0.762 total ./a.out 0.75s user 0.01s system 99% cpu 0.760 total ./a.out 0.76s user 0.00s system 99% cpu 0.765 total ./a.out 0.76s user 0.00s system 99% cpu 0.765 total ./a.out 0.79s user 0.01s system 99% cpu 0.803 total ./a.out 0.77s user 0.01s system 99% cpu 0.780 total ./a.out 0.75s user 0.00s system 99% cpu 0.762 total ./a.out 0.79s user 0.01s system 99% cpu 0.796 total Hopefully my test is good, whipped it up while waiting for my flight. https://gist.github.com/Sean-Der/7a42bd70edfe1324ccc6ab399d653c0e
- [rtcweb] Require/Suggest AEAD GCM for SRTP Sean DuBois
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Nils Ohlmeier
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Philipp Hancke
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Sean DuBois
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Justin Uberti
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Martin Thomson
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Harald Alvestrand
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Sean DuBois
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Sean Turner
- Re: [rtcweb] Require/Suggest AEAD GCM for SRTP Martin Thomson