Re: [rtcweb] Areas of security concern

John Mattsson <john.mattsson@ericsson.com> Wed, 12 March 2014 09:54 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEA601A0939 for <rtcweb@ietfa.amsl.com>; Wed, 12 Mar 2014 02:54:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.85
X-Spam-Level:
X-Spam-Status: No, score=-3.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4PazM8J29e8p for <rtcweb@ietfa.amsl.com>; Wed, 12 Mar 2014 02:54:16 -0700 (PDT)
Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id 8E5A71A0933 for <rtcweb@ietf.org>; Wed, 12 Mar 2014 02:54:12 -0700 (PDT)
X-AuditID: c1b4fb2d-b7f5d8e000002a7b-f9-53202ebd4c20
Received: from ESESSHC020.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw1.ericsson.se (Symantec Mail Security) with SMTP id D4.02.10875.DBE20235; Wed, 12 Mar 2014 10:54:05 +0100 (CET)
Received: from ESESSMB307.ericsson.se ([169.254.7.220]) by ESESSHC020.ericsson.se ([153.88.183.78]) with mapi id 14.02.0387.000; Wed, 12 Mar 2014 10:54:05 +0100
From: John Mattsson <john.mattsson@ericsson.com>
To: Watson Ladd <watsonbladd@gmail.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Thread-Topic: [rtcweb] Areas of security concern
Thread-Index: AQHPPbGLVDS5BScXzk6f38VicWm+iJrdNroA
Date: Wed, 12 Mar 2014 09:54:05 +0000
Message-ID: <CF45EAB9.10F08%john.mattsson@ericsson.com>
References: <CACsn0cmnf0Lh8JEmwA2mYEg6hOivrpxc9JhFFAKmYcv1NpLfUA@mail.gmail.com>
In-Reply-To: <CACsn0cmnf0Lh8JEmwA2mYEg6hOivrpxc9JhFFAKmYcv1NpLfUA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.9.131030
x-originating-ip: [153.88.183.154]
Content-Type: multipart/alternative; boundary="_000_CF45EAB910F08johnmattssonericssoncom_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrPLMWRmVeSWpSXmKPExsUyM+Jvje5ePYVgg13/zSzW/mtnt+jpPMnm wOSxc9Zddo8lS34yBTBFcdmkpOZklqUW6dslcGW8mrqQqeCXXsWm10+ZGxhP6nYxcnJICJhI bJzTxwJhi0lcuLeerYuRi0NI4BCjxKvfZ6GcJYwS8z6+ZQapYhMwkJi7p4ENxBYR8JHov3GP CcQWFtCXaP83mxUibiDR3PQLKM4BZBtJTDuVDxJmEVCVuD71ENgyXgFzibPXG8DKhQQCJHov zgCzOQUCJXqavoGNZwQ66PupNWDjmQXEJW49mc8EcaiAxJI955khbFGJl4//gfWKCuhJ3Hs0 F+oZJYlFtz9D9cZIPF2wgRlir6DEyZlPWCYwis5CMnYWkrJZSMpmAX3ALKApsX6XPkSJosSU 7ofsELaGROucuVC2tcSqtVdYkNUsYORYxciem5iZk15uuIkRGGkHt/zW3cF46pzIIUZpDhYl cd4Pb52DhATSE0tSs1NTC1KL4otKc1KLDzEycXBKNTDaH1yX7rubO9v93LQvqian++wC99tM ez1L5ZuJ/4TyKzeCtZL9cjf+MFrNqS/Cfnb6BYP4s8v/pTDHpy75q1cz8dvOxsWTNRL8Vd8f 8npwcsaswMQI1/eX7I2tb+fX8LUlvmD5x/bTrmnOrIM/S9q9vKtepF578aX53Lnpt22Xz90S xHgv1lpJiaU4I9FQi7moOBEABjXsMoICAAA=
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/D-_drIs10GJg7xiIWyqUFBtINyw
Subject: Re: [rtcweb] Areas of security concern
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2014 09:54:21 -0000


From: Watson Ladd <watsonbladd@gmail.com<mailto:watsonbladd@gmail.com>>
Date: Wednesday 12 March 2014 05:11
To: "rtcweb@ietf.org<mailto:rtcweb@ietf.org>" <rtcweb@ietf.org<mailto:rtcweb@ietf.org>>
Subject: [rtcweb] Areas of security concern

Dear all,
I've jotted down the following notes when reading the drafts from here and the W3C as potential problem areas. Maybe there are things I've missed in the drafts that address them, but I think they are still worth thinking about. Some of these are more W3C, but we seem to be in charge of the security. These issues vary widely in seriousness. One of them is a demonstrated break of confidentiality, while several are open questions about how we communicate to users.

…


Problem 4: HMAC-SHA1 in SRTP

>If I've chased the chain of references correctly this is the sole MAC provided.

John: Yes this is correct, (But AES-GCM and AES-CCM should  be available before WebRTC)

>Is it okay? I have no idea: SHA-1 has been significantly weakened in recent years.

John: This is ok. While SHA-1 itself is weak and should not be used for signatures, there are no attacks on HMAC-SHA-1.
NIST current recommendations say that HMAC-SHA-1 is good for use beyond 2030 (http://www.keylength.com/<http://www.keylength.com/en/4/> )