Re: Masking (Re: PeerConnection Data Channel)

On 9/4/2011 10:04 AM, Harald Alvestrand wrote:
> On 09/02/11 18:59, Matthew Kaufman wrote:
>>
>>> - For encryption, it simply uses the underlying encryption of the 
>>> session, i.e. none, SDES-SRTP, or DTLS-SRTP, as appropriate.
>>
>> Absolutely correct. Possibly needs masking for the "none" case 
>> however... need to discuss.
> Last round, people claimed that you needed masking because the 
> attacker is in control of the data in the UDP packet.

Most of the data is encrypted, so the attacker really doesn't control 
it.  Like SRTP, I assume a few bytes at the front have to be 
unencrypted, so all that needs to be done is be careful about those.

We've talked to encryption being mandatory except for legacy interop, 
and in those cases there would be no data channels.

>
> I asked at the time whether we were going to do masking on raw audio 
> data played back from a file, since the attacker would have complete 
> control over that data too.
>
> After that, the discussion went silent. I'm not sure the silence was 
> caused by the message, but I never got a response.

See above - the data would be encrypted with one possible exception.

>
> (Note: I agree with EKR's comments about the lack of evidence that 
> cross-protocol attacks are a problem once you assume ICE for all 
> sessions.)
>

Right.

-- 
Randell Jesup
randell-ietf@jesup.org

Received on Sunday, 4 September 2011 19:53:54 UTC