From: Dave Taht <dave.taht@gmail.com>
To: Juliusz Chroboczek <jch@irif.fr>
Cc: "galene@lists.galene.org" <galene@lists.galene.org>
Subject: [Galene] Re: End-to-end encryption [was: User management]
Date: Fri, 1 Oct 2021 08:24:38 -0700 [thread overview]
Message-ID: <CAA93jw7RrrJoCKs82YWXYG=cmkW_-aaGMEc9h55a1DfKSsRqBg@mail.gmail.com> (raw)
In-Reply-To: <87k0iw4yis.wl-jch@irif.fr>
On Fri, Oct 1, 2021 at 7:20 AM Juliusz Chroboczek <jch@irif.fr> wrote:
>
> > talking to a trusted videoconferencing server. I did rather like the
> > insertable streams idea:
> >
> > https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
>
> I like the idea of end-to-end encryption, but I feel that I'm not ready to
> implement it yet.
>
> Insertable streams gives you the ability to perform end-to-end encryption,
> but it does not define the encryption format. So you end up having to
> design your own crypto, with all the dangers that this entails. Before we
> can use insertable streams, we need to have a clear specification of
> a recommended encrypted format to use with it. There is an IETF effort to
> do that, but it's IETF, so it won't conclude before a few years. (Last
> time I checked, they were discussing the benefits of two approaches,
> SFrame and Spacket, if memory serves, and there was no clear consensus yet.)
>
> There are two other issues. First, in order to do simulcast and keyframe
> optimisation, Galene needs to look inside the packets. Jitsi works around
> the issue by not encrypting the first 8 octets of every packet, even one
> that does not start a frame, but it's difficult to tell what amount of
> information this leaks. The proper solution to the issue is to have an
> unencrypted header extension that contains the required information, but
> that's only available with AV1 and not implemented yet (Chrome uses
> a nonstandard format for AV1).
>
> Second, simulcast for VP8 requires rewriting the packet contents, which is
> obviously impossible if the data is encrypted. This is solved with VP9,
> but what it means is that you cannot have encrypted simulcast with VP8,
> something has to give.
>
> In short, Dave, I have given some serious thought to the issue of
> end-to-end encryption, and I feel that it will need to wait a couple of
> years before we can deploy it in production.
thanks for having given it much deeper thought than I have so far!
I would like then, to somehow, push harder to embed videoconferencing
servers such as galene into more edge embedded products. I am very
disturbed by the widespread belief among users that videoconferencing
servers in the cloud are actually secure, and would like to see services
like baby-cams, and personal interactions, move back to the edge, and
back under user control (and there's also a bandwidth savings to be had)
There is a lot of work going on on edge cpe - like prplos, rdk-b,
and security products like these,
https://www.theverge.com/2021/9/28/22692073/ring-alarm-pro-amazon-event-release-date-specs-price-features
running on capable hardware, that might be used.
> -- Juliusz
--
Fixing Starlink's Latencies: https://www.youtube.com/watch?v=c9gLo6Xrwgw
Dave Täht CEO, TekLibre, LLC
next prev parent reply other threads:[~2021-10-01 15:24 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-28 18:29 [Galene] User management Jeroen van Veen
2021-10-01 11:55 ` [Galene] " Juliusz Chroboczek
2021-10-01 14:05 ` Dave Taht
2021-10-01 14:20 ` [Galene] End-to-end encryption [was: User management] Juliusz Chroboczek
2021-10-01 14:38 ` [Galene] Re: End-to-end encryption Michael Ströder
2021-10-01 15:24 ` Dave Taht [this message]
2021-10-03 19:15 ` [Galene] Re: User management Jeroen van Veen
2021-10-26 19:02 ` [Galene] Config branch [was: User management] Juliusz Chroboczek
2021-10-27 18:23 ` [Galene] " Jeroen van Veen
2021-10-29 9:10 ` Jeroen van Veen
2021-10-29 17:52 ` Juliusz Chroboczek
2021-10-30 8:22 ` Jeroen van Veen
2021-10-01 14:43 ` [Galene] Re: User management Dernat Rémy
2021-10-03 19:15 ` Jeroen van Veen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAA93jw7RrrJoCKs82YWXYG=cmkW_-aaGMEc9h55a1DfKSsRqBg@mail.gmail.com' \
--to=dave.taht@gmail.com \
--cc=galene@lists.galene.org \
--cc=jch@irif.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox