Re: [rtcweb] Resolving RTP/SDES question in Paris

Eric Rescorla <ekr@rtfm.com> Tue, 20 March 2012 00:19 UTC

In-Reply-To: <CAD5OKxustPmGJRMKoUU4kXosALpG8RzHC50-sjb5KKUPq3L3XA@mail.gmail.com>
Message-ID: <CABcZeBNHY8k5YNiZt2=wqKo1Bkecxvyw4kyGi9W235fmdhwjGw@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>

On Mon, Mar 19, 2012 at 4:34 PM, Roman Shpount <roman@telurix.com> wrote:
> Here are the levels of security that we get right now:
>
> 1. DTLS SRTP with Identity provider with signaling over HTTP or HTTPS. As
> long as the identity provider is not compromised, the user knows who they
> are talking to and that the conversation is reasonably secure.
>
> 2. DTLS SRTP or SDES SRTP with signaling over HTTPS. There are no guarantees
> on who exactly the user is talking to, but as long as we assume that the web
> server and javascript applications are not compromised, the conversation is
> secured to some application-selected destination. Cannot tell the user that
> the call is secure, but probably not going to be something that can be picked
> up by a script kiddie with a network sniffer.

As discussed in draft-ietf-rtcweb-security, I don't agree that DTLS-SRTP without
identity and SDES-SRTP offer the same level of security. Most of what I have
to say about that is already said there, but briefly:

- DTLS-SRTP is secure against retrospective attack whereas SDES-SRTP is not.
- If a mechanism such as fingerprints *is* available for checking against
MITM, then DTLS-SRTP is secure against active attack as well. Additionally,
the existence of fingerprint-type mechanisms acts as a partial deterrent against
MITM attack by the signaling provider even if only a small number of people
check.

-Ekr
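An added illustration of the distinction drawn above, written for this archive page and not taken from the thread or from any rtcweb implementation: an SDES offer places the SRTP master key and salt in the `a=crypto` line, so anyone who retains the signaling can recover the key later, while a DTLS-SRTP offer carries only an `a=fingerprint` value that can be checked against the certificate presented in the DTLS handshake. The SDP fragments and the certificate byte string are constructed stand-ins.

```python
import base64
import hashlib
import hmac
import re

# Constructed stand-in for a DER-encoded DTLS certificate (not real X.509 data).
CONSTRUCTED_CERT_DER = b"constructed-certificate-bytes-for-example"

def fingerprint_of(cert_der: bytes) -> str:
    """RFC 4572 attribute value: hash name plus uppercase colon-separated hex."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return "sha-256 " + ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

# Constructed SDP fragments. SDES ships key||salt in the signaling path;
# DTLS-SRTP ships only a certificate fingerprint, from which no key follows.
SDES_OFFER = (
    "m=audio 49170 RTP/SAVP 0\r\n"
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 "
    "inline:WVNfX19DT05TVFJVQ1RFRF9URVNUX0tFWV8wMTIz|2^20|1:32\r\n"
)
DTLS_OFFER = (
    "m=audio 49170 UDP/TLS/RTP/SAVPF 0\r\n"
    f"a=fingerprint:{fingerprint_of(CONSTRUCTED_CERT_DER)}\r\n"
    "a=setup:actpass\r\n"
)

def keying_mode(sdp: str) -> str:
    """Report which keying mechanism an offer uses, for audit or policy checks."""
    if re.search(r"^a=crypto:", sdp, re.M):
        return "sdes"
    if re.search(r"^a=fingerprint:", sdp, re.M):
        return "dtls-srtp"
    return "none"

def extract_sdes_key(sdp: str):
    """Recover master key/salt from a=crypto (AES_CM_128: 16-byte key, 14-byte salt).
    A party holding a recording of the signaling can do the same at any later time,
    which is the retrospective exposure the message refers to."""
    m = re.search(r"^a=crypto:\d+ (\S+) inline:([A-Za-z0-9+/=]+)", sdp, re.M)
    if not m:
        return None
    raw = base64.b64decode(m.group(2))
    return {"suite": m.group(1), "master_key": raw[:16], "master_salt": raw[16:30]}

def verify_fingerprint(sdp: str, peer_cert_der: bytes) -> bool:
    """Compare a=fingerprint with the certificate actually seen in the DTLS handshake."""
    m = re.search(r"^a=fingerprint:(sha-256 [0-9A-F:]+)", sdp, re.M)
    if not m:
        return False
    return hmac.compare_digest(m.group(1), fingerprint_of(peer_cert_der))
```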