IETF Logo Mail Archive

Re: [rtcweb] [AVTCORE] Randomly-generated CNAMEs

"Ali C. Begen (abegen)" <abegen@cisco.com> Fri, 22 June 2012 00:47 UTC

Return-Path: <abegen@cisco.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E687311E80BE; Thu, 21 Jun 2012 17:47:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dJVZQ2kJSKph; Thu, 21 Jun 2012 17:47:53 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id C5B6811E8072; Thu, 21 Jun 2012 17:47:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=abegen@cisco.com; l=4105; q=dns/txt; s=iport; t=1340326073; x=1341535673; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=5vG1J9T2OSEZ2+elvIf8DtIJpFqMkxH+9fi3O1BbDoI=; b=XRrpZyV3xubv/itx1tRks3HSa11bxlFeJkR+k+YRHwUSHxMdQFB2BCV5 nQON52gY98sPxSgptfN8zHS7P6XbyIj7cy1vbBzhb0/wTIuVqfBbAHmlZ QMoY5g6AGNEj8QQJk+YFw86mZidno/WImNYHh2xR8q4eVNgHpxT+W9bDV s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EADbA40+tJV2c/2dsb2JhbABFtVyBB4IYAQEBBAEBAQ8BZgwEAgEIEQQBAQEKHQcnCxQJCAIEAQ0FCBqHaQEKmiygEosuhSJgA5Y8jQmBZoJfgV8
X-IronPort-AV: E=Sophos;i="4.77,454,1336348800"; d="scan'208";a="94782737"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-6.cisco.com with ESMTP; 22 Jun 2012 00:47:52 +0000
Received: from xhc-aln-x08.cisco.com (xhc-aln-x08.cisco.com [173.36.12.82]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id q5M0lqCb028049 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 22 Jun 2012 00:47:52 GMT
Received: from xmb-aln-x01.cisco.com ([fe80::747b:83e1:9755:d453]) by xhc-aln-x08.cisco.com ([173.36.12.82]) with mapi id 14.02.0298.004; Thu, 21 Jun 2012 19:47:51 -0500
From: "Ali C. Begen (abegen)" <abegen@cisco.com>
To: Kevin Gross <kevin.gross@avanw.com>, Colin Perkins <csp@csperkins.org>
Thread-Topic: [AVTCORE] [rtcweb] Randomly-generated CNAMEs
Thread-Index: AQHNUALsL5A4WY2ALUqSNGtL0fD+lpcFgQpg
Date: Fri, 22 Jun 2012 00:46:14 +0000
Message-ID: <C15918F2FCDA0243A7C919DA7C4BE994CABC2B@xmb-aln-x01.cisco.com>
References: <CABcZeBOGHimbibmQNOKrSEKqFRkq7Y1nWfSJJofP5eLZkJ+ULg@mail.gmail.com> <075C431A-A103-4C7E-9D4A-F80CB97DD9FB@csperkins.org> <BB321CED-DBDD-4E6F-997B-8490912F6315@iii.ca> <CABcZeBNvOJJL7YMk4jEQi5g=LbULiNob4LrxUuL-d-qO05_5PQ@mail.gmail.com> <CABkgnnUZOPygWgUQ7f4LnFEjOmQE2vA+KNic0gts3=MTHs8b8Q@mail.gmail.com> <0114FC22-FAE9-491D-8E5B-97A38F7714E7@csperkins.org> <CABcZeBMU4NNfmWRDXD30OmdvJLCSeJnQPgrkdLBFumepYsFoYg@mail.gmail.com> <A09FD671-5818-4881-9DD9-30FC0EA3D7EE@csperkins.org> <CALw1_Q2=4U7Fx2P5K448L2qcBjntgT_Yb4WwVEGwucE+RCj_1Q@mail.gmail.com>
In-Reply-To: <CALw1_Q2=4U7Fx2P5K448L2qcBjntgT_Yb4WwVEGwucE+RCj_1Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.86.244.29]
x-tm-as-product-ver: SMEX-10.2.0.1135-7.000.1014-18988.001
x-tm-as-result: No--43.431300-8.000000-31
x-tm-as-user-approved-sender: No
x-tm-as-user-blocked-sender: No
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailman-Approved-At: Mon, 25 Jun 2012 01:34:56 -0700
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>, "avt@ietf.org" <avt@ietf.org>
Subject: Re: [rtcweb] [AVTCORE] Randomly-generated CNAMEs
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jun 2012 00:47:54 -0000

Many implementors just assume "0" for any random number they need to come up with. So, saying to choose a random number may not cut it.

-acbegen

> -----Original Message-----
> From: avt-bounces@ietf.org [mailto:avt-bounces@ietf.org] On Behalf Of Kevin Gross
> Sent: Thursday, June 21, 2012 7:09 PM
> To: Colin Perkins
> Cc: Martin Thomson; rtcweb@ietf.org; avt@ietf.org; Cullen Jennings
> Subject: Re: [AVTCORE] [rtcweb] Randomly-generated CNAMEs
> 
> It seems like, pure random CNAMEs would have the same or better probability of uniqueness compared to the hashed values
> specified in 6222. I don't think it is difficult to prove this if you assume the hash function does what it's designed to and makes
> data white. 48 is not enough bits to ensure uniqueness of a large population of random numbers. If I remember correctly, 64
> bits is where the statistics start to get comfortable. See  http://en.wikipedia.org/wiki/Birthday_problem. Potentially there's a
> bigger problem here than linkability :(
> 
> Kevin Gross
> 
> 
> On Thu, Jun 21, 2012 at 4:28 PM, Colin Perkins <csp@csperkins.org> wrote:
> 
> 
> 	On 21 Jun 2012, at 23:10, Eric Rescorla wrote:
> 	> On Thu, Jun 21, 2012 at 2:54 PM, Colin Perkins <csp@csperkins.org> wrote:
> 	>> On 21 Jun 2012, at 20:09, Martin Thomson wrote:
> 	>>> On 21 June 2012 05:48, Eric Rescorla <ekr@rtfm.com> wrote:
> 	>>>> On Thu, Jun 21, 2012 at 5:39 AM, Cullen Jennings <fluffy@iii.ca> wrote:
> 	>>>>> I think what EKR was getting at is that if A call B in one phone call, then day later A wants to make an
> anonymous call to B, B should not be able to tell the second call is coming from same devices. I think that was part of the
> goal of 6222 but from EKR's email it looks like it fails to provide that.
> 	>>>>
> 	>>>> Exactly.
> 	>>>
> 	>>> I agree with the analysis.  The idea that the same browser could be
> 	>>> correlated across two independent sessions bothers me.  Within the one
> 	>>> "session", fine - on the contrary, mandatory.  Outside of that, I'd
> 	>>> like at least an option for anonymity.
> 	>>
> 	>> Using SRTP to encrypt the traffic will stop third-parties correlating the sessions, and RTCWeb is mandates SRTP
> and encryption.
> 	>
> 	> I'm concerned about tracking by people who are second parties.
> 	>
> 	> Consider the case where I call you from an anonymous phone at a domestic violence shelter. I record the CNAME
> and then call all the DV shelters until I determine which one has a CNAME from the same device.
> 	>
> 	>> RFC 6222 does define per-session RTCP CNAME values, if you're concerned about the called party being able to
> correlate sessions based on the RTCP CNAME. We could mandate those instead of short-term persistent RTCP CNAME values.
> If that's not sufficient, then someone will need to write a draft that defines a new RTCP CNAME generation algorithm, which
> this draft can refer to.
> 	>
> 	> The problem is that those per-session CNAME values do not appear to be
> 	> unlinkable. I.e., they are distinct but they are generated from the same underlying data with insufficient entropy to
> prevent someone who knows two CNAMEs from determining if they are from the same device.
> 	>
> 	> As far as new algorithm goes, is there some reason "Random" isn't good enoguh?
> 
> 
> 
> 	There's some discussion in RFC 3550 Section 6.5.1 and RFC 6222. It might be possible to use a random choice,
> provided the same random value is used across all sessions that need to be correlated, and the value is chosen to be unique
> with high probability. I haven't thought about it in detail. In any case, it's an update to RFC 3550 and RFC 6222, so someone
> will have to write up the draft defining this.
> 
> 
> 	--
> 	Colin Perkins
> 	http://csperkins.org/
> 
> 
> 
> 
> 	_______________________________________________
> 	Audio/Video Transport Core Maintenance
> 	avt@ietf.org
> 	https://www.ietf.org/mailman/listinfo/avt
> 
>

v2.23.0 | Report a Bug | By Email