Re: [rtcweb] Consensus call regarding media security

Roman Shpount <roman@telurix.com> Thu, 29 March 2012 14:31 UTC

Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD83721E81B9 for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 07:31:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.677
X-Spam-Level:
X-Spam-Status: No, score=-2.677 tagged_above=-999 required=5 tests=[AWL=-0.016, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b-zug42Gb5yR for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 07:31:16 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id 5B34421F869D for <rtcweb@ietf.org>; Thu, 29 Mar 2012 07:31:16 -0700 (PDT)
Received: by yenm5 with SMTP id m5so1646655yen.31 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 07:31:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=dnQFRPqM4R1DhrpXC5RdqPiEj2GEKcW6DW3Vkco/m4Y=; b=bOo9HxvGxteEUWy2bOZafjbWxv6V8XwgPRvSEs2wDMlg3iGwHV+c6093G3ryQTAQiv paLtQ6a1qmJj1vyiG6k1bM9RohERy7TdUrEh6h96x/MaVDD7QABfGSGrOULC+8GrlNw3 tE9sNialTVuS6Mwzb6cV46TMJenSc6K+JynHt9nFDj95E3jYX6QPHDZdLb5obhIdr3Vq plA/7V7DJBUjXcTGZifbEgdQEMSXSrMNOL4PYYW9exC6vyiGHwqeKha7l9wTJV2lsJa+ S+OpliEq2RGXGtXlNuXuLPgB/wGg2Sjw5aQ9qyIu3erXC0amhMci8rpXOmeKVGBUmPq2 lC4Q==
Received: by 10.236.161.72 with SMTP id v48mr26374676yhk.112.1333031475991; Thu, 29 Mar 2012 07:31:15 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by mx.google.com with ESMTPS id f40sm8101883ani.16.2012.03.29.07.31.13 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 07:31:14 -0700 (PDT)
Received: by yenm5 with SMTP id m5so1646607yen.31 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 07:31:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.240.6 with SMTP id vw6mr570240pbc.76.1333031473312; Thu, 29 Mar 2012 07:31:13 -0700 (PDT)
Received: by 10.68.6.67 with HTTP; Thu, 29 Mar 2012 07:31:13 -0700 (PDT)
In-Reply-To: <CAOJ7v-0ePiqkrswGbvLZTrZCPFLGxy6KCg79kiMRtLGR9PqeOg@mail.gmail.com>
References: <4F732531.2030208@ericsson.com> <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com> <CALiegfn4MZYb-qCnM62T7w4EgWqrC5baN+pAYBZF84kEA7Ko6A@mail.gmail.com> <CAD5OKxtDED1vSFrw4V9TKkUzdSSXNg+S_WBrxmnFo21hjJvqMA@mail.gmail.com> <4F737DB3.5020804@hidayahonline.org> <CAD5OKxuJq7x-_QTK49ZEgeBhMLhYQimPcs3g-BDM6vYWdH5Lng@mail.gmail.com> <CAOJ7v-0ePiqkrswGbvLZTrZCPFLGxy6KCg79kiMRtLGR9PqeOg@mail.gmail.com>
Date: Thu, 29 Mar 2012 10:31:13 -0400
Message-ID: <CAD5OKxvVkiFK06nOnLqGXaj7mR-WvJ9tcnDdZo-XegF4qiQ7bg@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Justin Uberti <juberti@google.com>
Content-Type: multipart/alternative; boundary=047d7b3395a170f41304bc6293b0
X-Gm-Message-State: ALoCoQnO2l025ptds4dXRrmLQ/3xeItqGUQcH4HbMZRkCdGJF9rgOQeKi2UIVJXGxnAsmWT3nokc
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 14:31:18 -0000

On Thu, Mar 29, 2012 at 10:00 AM, Justin Uberti <juberti@google.com> wrote:

> This is FUD. Google+ Hangouts uses libsrtp for all of its calls, and over
> the billions of minutes of call time to date, we haven't seen any crash
> bugs that could be blamed on libsrtp. And we track this stuff pretty
> closely.
>
>
> This is not a FUD. Even with 100s of millions of secured minutes we are
pushing we see new libsrtp related problems on a weekly basis. I gave you a
reference to the Asterisk bug. This bug is addressed in sourceforge, but
present in the download library (1.4.4) that is included in a lot of the
products. This bug guarantees a crash in case RTCP and even small packet
loss are present.  You can try to run crypto_get_random in a loop until it
generates an error. Simple and easy to reproduce bug. There is probably
more, but it is outside of the scope of this list. If you want to do your
users a favor -- swap this lib out from your code. You probably have a much
better crypto utilities (random, AES) in other code you use, such as
OpenSSL. The rest is trivial to re-implement and it will make the result
product faster and more secure.
_____________
Roman Shpount