Re: [rtcweb] Require/Suggest AEAD GCM for SRTP

Sean DuBois <> Wed, 10 July 2019 22:27 UTC

Date: Wed, 10 Jul 2019 23:28:00 +0100
From: Sean DuBois <>
To: Philipp Hancke <>
List-Id: Real-Time Communication in WEB-browsers working group list <>

On Wed, Jul 10, 2019 at 10:20:24PM +0200, Philipp Hancke wrote:
> On 10.07.19 at 20:25, Nils Ohlmeier wrote:
> <snip/>
> > As Firefox supports GCM already I’m in favor of adding it to the spec.
> >
> > AFAIK GCM support in Chrome is behind a flag because they ran into some interop issues with early GCM implementations.
> >
> > But it is pretty late in the standardization process to make/request such changes. I’ll leave it to others to judge this.
> I don't think we need any mandatory requirement, we have negotiation built
> in. AES-NI does not require GCM though?
Agree! I do get hw-accel right now when encrypting, but it is the HMAC-SHA1
for the authentication tag that takes up most of the time.

Lots of calls to HMAC-SHA1 for both send/recv

I don't know libsrtp well enough, but I assume the situation is the same?

> I tested GCM with both Chrome and Firefox, found a small bug in the latter
> (which was quickly fixed by you) but other than that it worked like a charm.
> How Chrome solves their "stuff bitrotting behind flags forever" is not an
> IETF problem thankfully.
I am happy to help with this case! I am just hoping that if I go the
IETF route, it will make it easier to get things merged/enabled in projects.
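
The two SRTP transforms compared in this thread, as an added Go example that is not part of the original message and not code from libsrtp or any browser: the two-pass AES-CTR plus HMAC-SHA1-80 profile (AES_CM_128_HMAC_SHA1_80) next to single-pass AEAD_AES_128_GCM, with a timing loop for each step. Assumptions: all-zero keys, a fixed IV/nonce, a constructed RTP header and payload, and no SRTP key derivation or per-packet IV construction.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha1"
	"fmt"
	"time"
)

var (
	hdr      = []byte{0x80, 0x60, 0, 1, 0, 0, 0, 0xa0, 0xde, 0xad, 0xbe, 0xef} // constructed RTP header
	payload  = make([]byte, 1200)                                              // constructed media payload
	block, _ = aes.NewCipher(make([]byte, 16))                                 // all-zero demo key
	gcm, _   = cipher.NewGCM(block)
)

// encryptCTR is pass 1 of AES_CM_128_HMAC_SHA1_80: AES-CTR over the payload only.
func encryptCTR(iv []byte) []byte {
	pkt := append(append([]byte{}, hdr...), payload...)
	cipher.NewCTR(block, iv).XORKeyStream(pkt[len(hdr):], pkt[len(hdr):])
	return pkt
}

// tagHMAC is pass 2: HMAC-SHA1 over header||ciphertext||ROC, truncated to 80 bits.
func tagHMAC(pkt []byte) []byte {
	mac := hmac.New(sha1.New, make([]byte, 20)) // all-zero demo auth key
	mac.Write(pkt)
	mac.Write([]byte{0, 0, 0, 0}) // rollover counter (ROC), not sent on the wire
	return append(pkt, mac.Sum(nil)[:10]...)
}

// protectGCM is AEAD_AES_128_GCM: one Seal call, header as associated data, 16-byte tag.
func protectGCM(nonce []byte) []byte {
	return gcm.Seal(append([]byte{}, hdr...), nonce, payload, hdr)
}

func main() {
	iv, nonce := make([]byte, 16), make([]byte, 12) // fixed only for this timing run
	pkt := encryptCTR(iv)
	steps := []func(){func() { encryptCTR(iv) }, func() { tagHMAC(pkt) }, func() { protectGCM(nonce) }}
	for i, name := range []string{"AES-CTR", "HMAC-SHA1", "AES-GCM"} {
		t := time.Now()
		for n := 0; n < 20000; n++ {
			steps[i]()
		}
		fmt.Println(name, time.Since(t))
	}
}
```

The printed durations depend on the CPU and the Go version; a real SRTP stack must derive a unique IV per packet, since reusing a GCM nonce under one key breaks both confidentiality and authentication.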