> At Thu, 31 Jul 2008 20:54:43 -0400, > Hadriel Kaplan wrote: > > > > > > > > > -----Original Message----- > > > From: Eric Rescorla [mailto:[EMAIL PROTECTED] > > > > > > Funny you should mention that. > > > > > > It's becoming increasingly clear that VBR codecs leak a fair > > > amount of information, even when they are encrypted [WBC+08]. > > > So, if, for instance, you were planning to use a fixed-rate > > > codec and an attacker could force you into a VBR codec, that > > > might leak information. > > > > Fascinating paper. (truly) But it sounds more like just a reason to > > fix SRTP for VBR, through random padding or whatever. > > I haven't studied the problem, but I suspect random padding > is of limited use because it averages out. Probably better > to use a fixed length codec. > > However, I think focusing on that misses the larger point: the UAC and > UAS have certain desires as expressed in the messages/SDP > To the extent to which we allow the intermediaries to change > those messages, we need to carefully analyze each instance, > and this analysis may actually depend on facts yet to be > discovered.
4474 allows intermediaries to change SDP, and re-create a new >From and a new signature. This (a) destroys end-to-end identity (which is the subject of this thread) *and* (b) allows intermediaries to perform the very downgrade attack you cited ([WBC+08]). This is why I want to improve upon 4474. -d _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
