Re: Masking (Re: PeerConnection Data Channel)

From: Randell Jesup <randell-ietf@jesup.org>
Date: Sun, 04 Sep 2011 15:50:40 -0400
Message-ID: <4E63D690.7050606@jesup.org>
To: public-webrtc@w3.org

On 9/4/2011 10:04 AM, Harald Alvestrand wrote:
> On 09/02/11 18:59, Matthew Kaufman wrote:
>>
>>> - For encryption, it simply uses the underlying encryption of the 
>>> session, i.e. none, SDES-SRTP, or DTLS-SRTP, as appropriate.
>>
>> Absolutely correct. Possibly needs masking for the "none" case 
>> however... need to discuss.
> Last round, people claimed that you needed masking because the 
> attacker is in control of the data in the UDP packet.

Most of the data is encrypted, so the attacker really doesn't control 
it.  Like SRTP, I assume a few bytes at the front have to be 
unencrypted, so all that needs to be done is be careful about those.

We've talked to encryption being mandatory except for legacy interop, 
and in those cases there would be no data channels.

>
> I asked at the time whether we were going to do masking on raw audio 
> data played back from a file, since the attacker would have complete 
> control over that data too.
>
> After that, the discussion went silent. I'm not sure the silence was 
> caused by the message, but I never got a response.

See above - the data would be encrypted with one possible exception.

>
> (Note: I agree with EKR's comments about the lack of evidence that 
> cross-protocol attacks are a problem once you assume ICE for all 
> sessions.)
>

Right.

-- 
Randell Jesup
randell-ietf@jesup.org
Received on Sunday, 4 September 2011 19:53:54 UTC
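The exchange above turns on whether a data channel running without encryption (the "none" case) needs masking, because the sender then chooses every byte that appears in the UDP payload and can make a packet resemble some other protocol on the wire. The following is an added example, not code from this thread or from any WebRTC specification; it uses the per-packet XOR masking scheme of RFC 6455 (WebSocket), which the thread does not itself name, as an assumed instance of "masking". The names apply_mask, mask_packet, unmask_packet and chosen_bytes_survive, and the sample payload, are this example's own constructions.

```python
"""Added example: WebSocket-style (RFC 6455) payload masking.

Masking each packet with a fresh random key means the bytes actually
emitted on the wire are not the bytes the sender chose, so a sender
cannot shape a plaintext payload into another protocol's message.
Illustrative code written for this page, not code from the WebRTC
working group; the 4-byte XOR scheme is borrowed from RFC 6455.
"""
import os
from typing import Optional

MASK_LEN = 4  # RFC 6455 uses a 32-bit masking key per frame


def apply_mask(payload: bytes, key: bytes) -> bytes:
    """XOR every payload byte with the key, cycling through the key.

    XOR is its own inverse, so the same function masks and unmasks."""
    if len(key) != MASK_LEN:
        raise ValueError("masking key must be %d bytes" % MASK_LEN)
    return bytes(b ^ key[i % MASK_LEN] for i, b in enumerate(payload))


def mask_packet(payload: bytes, key: Optional[bytes] = None) -> bytes:
    """Produce the on-the-wire form: 4-byte key followed by masked payload.

    A fresh key from os.urandom is drawn per packet unless one is given
    (a fixed key makes the result reproducible for checking)."""
    if key is None:
        key = os.urandom(MASK_LEN)
    return key + apply_mask(payload, key)


def unmask_packet(wire: bytes) -> bytes:
    """Recover the original payload from the on-the-wire form."""
    if len(wire) < MASK_LEN:
        raise ValueError("packet too short to carry a masking key")
    key, masked = wire[:MASK_LEN], wire[MASK_LEN:]
    return apply_mask(masked, key)


def chosen_bytes_survive(payload: bytes, wire: bytes) -> bool:
    """True if the sender-chosen payload appears verbatim in the wire bytes.

    This is the property masking is meant to deny: with a non-zero key
    every masked byte differs from the byte the sender picked."""
    return payload in wire


if __name__ == "__main__":
    # Constructed sample: a sender-controlled payload that happens to spell
    # out a plausible-looking preamble of an unrelated text protocol.
    chosen = b"GET / HTTP/1.1\r\nHost: example.invalid\r\n\r\n"
    wire = mask_packet(chosen)
    print("chosen bytes visible on wire:", chosen_bytes_survive(chosen, wire))
    print("round trip ok:", unmask_packet(wire) == chosen)
```

Masking is not confidentiality: the key travels in the clear and anyone on the path can unmask. Its only job is to take the choice of wire bytes away from the sender, which is why the thread treats it as relevant only where the session offers no encryption of its own.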

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:25 UTC