Re: [rtcweb] New use-case proposed

"Henry Lum" <Henry.Lum@genesyslab.com> Fri, 11 May 2012 17:26 UTC

Return-Path: <Henry.Lum@genesyslab.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EE0C21F86BD for <rtcweb@ietfa.amsl.com>; Fri, 11 May 2012 10:26:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.165
X-Spam-Level:
X-Spam-Status: No, score=-2.165 tagged_above=-999 required=5 tests=[AWL=0.433, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dHvlsuLcIBTo for <rtcweb@ietfa.amsl.com>; Fri, 11 May 2012 10:26:57 -0700 (PDT)
Received: from relay-out1.dc.genesyslab.com (relay-out1.dc.genesyslab.com [198.49.180.220]) by ietfa.amsl.com (Postfix) with ESMTP id 786C321F86A0 for <rtcweb@ietf.org>; Fri, 11 May 2012 10:26:57 -0700 (PDT)
Received: from g2.genesyslab.com (g2.genesyslab.com [192.168.20.138]) by relay-out1.dc.genesyslab.com (8.13.8+Sun/8.13.8) with ESMTP id q4BHQpj6009895; Fri, 11 May 2012 10:26:51 -0700 (PDT)
Received: from NAHALD.us.int.genesyslab.com ([192.168.20.92]) by g2.genesyslab.com with Microsoft SMTPSVC(6.0.3790.4675); Fri, 11 May 2012 10:26:51 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD2F9B.409B1582"
Date: Fri, 11 May 2012 10:26:30 -0700
Message-ID: <059AF07365DC474393A19A3AF187DF74087F7090@NAHALD.us.int.genesyslab.com>
In-Reply-To: <CAD5OKxtWq+Gh1wRTo2ZkCH6AdNXfsu7ipzDO+J=wBzNMJ4h3Nw@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [rtcweb] New use-case proposed
Thread-Index: Ac0vktJlEshr9v/oTQmFzvYLBTcEywAB5w9A
References: <4FAD0D8C.7020701@ericsson.com><4FAD3C87.8080908@alvestrand.no> <CAD5OKxtWq+Gh1wRTo2ZkCH6AdNXfsu7ipzDO+J=wBzNMJ4h3Nw@mail.gmail.com>
From: "Henry Lum" <Henry.Lum@genesyslab.com>
To: "Roman Shpount" <roman@telurix.com>, "Harald Alvestrand" <harald@alvestrand.no>
X-OriginalArrivalTime: 11 May 2012 17:26:51.0813 (UTC) FILETIME=[40DACD50:01CD2F9B]
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] New use-case proposed
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 May 2012 17:26:58 -0000

I agree as well since based on our testing for a simple media bridge
that SRTP re-encryption adds a similar amount of CPU load (around 10%). 

 

Henry

 

From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On Behalf
Of Roman Shpount
Sent: May-11-12 12:26 PM
To: Harald Alvestrand
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] New use-case proposed

 

+1

I have provided the CPU requirements for doing SRTP re-encryption
before. Bottom line, on the real conferencing service encryption adds
about 10% extra CPU load. There is no benefit in compromising security
to avoid re-encrypting.
_____________
Roman Shpount



On Fri, May 11, 2012 at 12:21 PM, Harald Alvestrand
<harald@alvestrand.no> wrote:

I propose to reject this use case because it requires yet another
security redesign.
The clue is here:


- The keying solution must allow each participants to encrypt to
multiple receivers without any decryption+encryption in the middle node


This means that each participant must use the same encryption keys to
all other participants; this in turn means that when someone leaves the
group, all participants must change their encryption keys; it also means
that as long as shared keys are used for authentication, all
participants can impersonate all other participants.

In fact, this solution has most of the issues (except for the network
layer deployment issue) that leads me to strongly advocate leaving
multicast out of scope for this effort.

              Harald


_______________________________________________
rtcweb mailing list
rtcweb@ietf.org
https://www.ietf.org/mailman/listinfo/rtcweb