
PERC: Double + EKT IETF 99, July 2017, Prague - Cullen & Sergio - PowerPoint PPT Presentation



  1. PERC: Double + EKT, IETF 99, July 2017, Prague - Cullen & Sergio (V3)

  2. Agenda
     ● One broad open issue on how to deal with repair-like packets
       ○ Specifically, RTX, FlexFEC, and RED
     ● Presentation will look at a range of options for each
     ● Options looked at include:
       ○ The proposal from the lite draft
       ○ Exciting and awesome joint proposal from Sergio, Cullen, Emil, & Alex that none of us like and all of us can live with (IETF bumpy consensus)
     ● But first … talk about the facts everyone agrees on about what these proposals are

  3. What is “lite”?
     [Figure labels: JS Keying; Unencrypted Media; SRTP (E2E); DTLS-SRTP (HBH); Encrypted Media]
     ● Lite is an approach where SRTP is tunneled inside SRTP
     ● The E2E SRTP is keyed by the JavaScript in the same way SRTP with SDES would be keyed
     ● The HBH DTLS-SRTP is keyed by normal DTLS without use of DTLS EKT
     ● Repair operations are done before HBH DTLS-SRTP but after the E2E SRTP (details on later slides)

  4. FlexFEC

  5. FlexFEC Outside of PERC
     [Figure: Endpoint (RTP Sender); two alternative pipelines joined by "OR", with stages labelled Unencrypted RTP packet, SRTP, Cache, Repair]

  6. FlexFEC Proposals for PERC
     [Figure: three sender pipelines; stage labels per option listed below]
     ● A: Unencrypted RTP packet; SRTP-Double; Cache; Repair; SRTP (HBH)
     ● B: Unencrypted RTP packet; SRTP-Double; Cache; Repair; SRTP-Double. Figure note: Media Distributor can not do repair
     ● Lite: Unencrypted RTP packet; SRTP E2E; SRTP HBH1; Cache; Repair; SRTP (HBH2)

  7. FEC
     [Figure: "FlexFec - A" and "FlexFec - Lite" pipelines from Endpoint (RTP Sender) to Media Distributor (RTP Receiver); stage labels include Unencrypted RTP packet, SRTP-Double(1), SRTP E2E, SRTP HBH1, Cache, FlexFec, SRTP-HBH(2), Decrypt (HBH2), Decrypt (HBH1)]

  8. RTX

  9. RTX
     [Figure: Endpoint (RTP Sender) pipelines for three options; stage labels per option listed below]
     ● RTX A (Same as FEC A): Unencrypted RTP packet; SRTP-Double(1); Cache; RTX; Single HBH2
     ● RTX B: Unencrypted RTP packet; SRTP-Double(1); Cache; RTX + OSN Ext; SRTP-Double(2). Figure notes: Insert new Header Extension with OSN; Media Distributor can not do repair
     ● RTX - Lite: Unencrypted RTP packet; SRTP E2E; SRTP HBH1; Cache; RTX; SRTP-HBH2

  10. RED

  11. RED - Overview
     [Figure not captured]
     Above from IETF 37 in 1996. Thank you, Colin

  12. Redundant Encoding (RED) - Use-cases
     [Figure: two topologies of EndPoints around a Media Distributor; stream labels: RED (H1, L0), RED (H1, H0), Primary Stream (H0, then H1, ...), Primary]

  13. Redundant Encoding (RED)
     ● RED A (Same as FEC A): RTP Packet @ T1; SRTP-Double(1); Cache-T1, Cache-T0; RED; SRTP-HBH
         F=1 | PT0 | TimeStamp-0 | double(Payload-0 ...) |
         F=0 | PT1 | double(Payload-1 ...) |
     ● RED B: RTP Packet @ T1; Cache-T1, Cache-T0; RED; SRTP-Double. Figure note: Media Distributor can not read things inside RED packet
         F=1 | PT0 | TimeStamp-0 | Payload-0 ... |
         F=0 | PT1 | Payload-1 ... |
     ● RED Lite: RTP Packet @ T1; SRTP-E2E; Cache-T1, Cache-T0; RED; SRTP-HBH
         F=1 | PT0 | TimeStamp-0 | E2E(Payload-0 ...) |
         F=0 | PT1 | E2E(Payload-1 ...) |

  14. Proposal

  15. Sergio Proposal to move OHB to Payload
     [Figure: OLD layout labels: RTP Header, ID, len=1, Seq No, RTP Payload, Encrypted Media. NEW layout labels: RTP Header, RTP Payload, bitfield, Seq No, Encrypted Media]
     ● Take the content of OHB and move it to a block at the start of the payload
     ● Replace length with single byte bitfield indicating which “original” fields follow in payload.
       ○ Bit 0: PT
       ○ Bit 1: Seq No
       ○ Bit 2: M flag
       ○ Bit 3..6: future extensions
       ○ Bit 7: reserved for getting more bits
     ● Add a bit that is set for a field with counter of number of E2E protected header fields
     ● Have the EKT Message in the DTLS from the Key Distributor tell the client the value of the bitfield (as conveyed by the Media Distributor)

  16. Proposal (part 2 of 2)
     ● Move the OHB information from header extension to payload (see previous slide)
     ● RTX, RED, and FlexFEC ordering: use the ordering described as “A” in this draft
     ● DTMF: Do not support the Media Distributor being able to receive DTMF (No change to current drafts)

  17. EKT

  18. EKT Issues
     ● No open issues.
     ● Add to the DTLS EKT message the value of the bitfield for the new Double Payload if we make the OHB -> Payload change

  19. Backup

  20. [Table with columns: Receiver Processing, Recovery Pkt., Notes. The diagram cells (pipelines built from the labels HBH, -double, Repair, E2E, Media, pt, WIRE, MEDIA) are not recoverable; the Notes column reads as follows]
     ● After E2E Enc:
       ○ State of the art [Jennings]
       ○ s-flag for E2E vs. HBH
       ○ Keeps unitary transform, with different output depending on s-flag
     ● Lite:
       ○ “Triple” encryption
       ○ Breaks apart transform, since repair operation has to operate on intermediate product
     ● Before E2E Enc:
       ○ State of the art [FlexFEC?]
       ○ Keeps unitary transform, no need for s-flag
     Legend: Plaintext; SRTP Transform; Repair transform (RTX / FEC)
