From: Juliusz Chroboczek
To: Dave Taht
CC: "galene@lists.galene.org"
Date: Fri, 01 Oct 2021 16:20:43 +0200
Subject: [Galene] End-to-end encryption [was: User management]
Message-ID: <87k0iw4yis.wl-jch@irif.fr>

> talking to a trusted videoconferencing server.
> I did rather like the
> insertable streams idea:
>
> https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/

I like the idea of end-to-end encryption, but I feel that I'm not ready to implement it yet.

Insertable streams gives you the ability to perform end-to-end encryption, but it does not define the encryption format. So you end up having to design your own crypto, with all the dangers that this entails. Before we can use insertable streams, we need to have a clear specification of a recommended encrypted format to use with it. There is an IETF effort to do that, but it's IETF, so it won't conclude before a few years. (Last time I checked, they were discussing the benefits of two approaches, SFrame and Spacket, if memory serves, and there was no clear consensus yet.)

There are two other issues.

First, in order to do simulcast and keyframe optimisation, Galene needs to look inside the packets. Jitsi works around the issue by not encrypting the first 8 octets of every packet, even one that does not start a frame, but it's difficult to tell what amount of information this leaks. The proper solution to the issue is to have an unencrypted header extension that contains the required information, but that's only available with AV1 and not implemented yet (Chrome uses a nonstandard format for AV1).

Second, simulcast for VP8 requires rewriting the packet contents, which is obviously impossible if the data is encrypted. This is solved with VP9, but what it means is that you cannot have encrypted simulcast with VP8; something has to give.

In short, Dave, I have given some serious thought to the issue of end-to-end encryption, and I feel that it will need to wait a couple of years before we can deploy it in production.

-- Juliusz