PERC: Double + EKT - IETF 99, July 2017, Prague - Cullen & Sergio



SLIDE 1

PERC: Double + EKT

V3

  • Cullen & Sergio

IETF 99, July 2017, Prague

SLIDE 2

Agenda

  • One broad open issue on how to deal with repair-like packets
  • Specifically, RTX, FlexFEC, and RED
  • Presentation will look at a range of options for each
  • Options looked at include the proposal from the lite draft
  • Exciting and awesome joint proposal from Sergio, Cullen, Emil, & Alex that none of us like and all of us can live with (IETF bumpy consensus)
  • But first … talk about the facts everyone agrees on about what these proposals are

SLIDE 3

What is “lite”?

  • Lite is an approach where SRTP is tunneled inside SRTP
  • The E2E SRTP is keyed by the JavaScript in the same way SRTP with SDES would be keyed
  • The HBH DTLS-SRTP is keyed by normal DTLS without use of DTLS EKT
  • Repair operations are done before HBH DTLS-SRTP but after the E2E SRTP (details on later slides)

[Diagram labels: SRTP (E2E), Unencrypted Media, JS Keying, DTLS-SRTP (HBH), Encrypted Media]

SLIDE 4

FlexFEC

SLIDE 5

FlexFEC Outside of PERC

[Diagram: Endpoint (RTP Sender), two alternatives joined by "OR"]

  • First alternative, labels: SRTP, Unencrypted RTP packet, SRTP, Repair, Cache
  • Second alternative, labels: SRTP, Unencrypted RTP packet, Repair, Cache

SLIDE 6

FlexFEC Proposals for PERC

[Diagram labels, by option]

  • A: SRTP-Double, Unencrypted RTP packet, Cache, Repair, SRTP (HBH)
  • Lite: Unencrypted RTP packet, Cache, Repair, SRTP (HBH2)
  • B: SRTP-Double, Unencrypted RTP packet, Cache, Repair, SRTP Double. Media Distributor cannot do repair
  • Other labels: SRTP E2E, SRTP HBH1

SLIDE 7

[Diagram: Endpoint (RTP Sender) and Media Distributor (RTP Receiver), labels by option]

  • FlexFec - Lite: SRTP E2E, Unencrypted RTP packet, Cache, FlexFec, SRTP-HBH2
  • FlexFec - A: SRTP-Double(1), Unencrypted RTP packet, Cache, FlexFec, SRTP-HBH(2)
  • Other labels: FEC, SRTP HBH1
  • Remaining labels: Decrypt (HBH2), Decrypt (HBH2), Decrypt (HBH1), Cache, Cache, FlexFec, FlexFec

SLIDE 8

RTX

SLIDE 9

RTX

[Diagram: Endpoint (RTP Sender), labels by option]

  • RTX A (Same as FEC A): SRTP-Double(1), Unencrypted RTP packet, Cache, RTX, Single HBH2
  • RTX B: SRTP-Double(1), Unencrypted RTP packet, Cache, RTX + OSN Ext
  • RTX - Lite: Unencrypted RTP packet, Cache, RTX, SRTP-HBH2
  • Other labels: SRTP-Double(2), Insert new Header Extension with OSN, SRTP E2E, SRTP HBH1
  • Media Distributor cannot do repair

SLIDE 10

RED

SLIDE 11

RED - Overview

Above from IETF 37 in 1996, Thank you Colin

SLIDE 12

Redundant Encoding (RED) - Use-cases

[Diagrams of EndPoints and a Media Distributor. Stream labels: RED (H1, L0); Primary Stream (H0, then H1, ...); Primary RED (H1, H0)]

SLIDE 13

Redundant Encoding (RED)

RED A (Same as FEC A)

[Diagram labels: SRTP-Double(1), RTP Packet @ T1, Cache-T1, Cache-T0, RED, SRTP-HBH]

F=1 | PT0 | TimeStamp-0 | double(Payload-0 ...) | F=0 | PT1 | double(Payload-1 ...) |

RED B: Media Distributor cannot read things inside RED packet

[Diagram labels: RTP Packet @ T1, Cache-T1, Cache-T0, RED, SRTP-Double]

F=1 | PT0 | TimeStamp-0 | Payload-0 ... | F=0 | PT1 | Payload-1 ... |

RED Lite

[Diagram labels: SRTP-E2E, RTP Packet @ T1, Cache-T1, Cache-T0, RED, SRTP-HBH]

F=1 | PT0 | TimeStamp-0 | E2E(Payload-0 ...) | F=0 | PT1 | E2E(Payload-1 ...) |

SLIDE 14

Proposal

SLIDE 15

Sergio Proposal to move OHB to Payload

  • Take the content of OHB and move it to a block at the start of the payload
  • Replace length with single byte bitfield indicating which “original” fields follow in payload.
    ○ Bit 0: PT
    ○ Bit 1: Seq No
    ○ Bit 2: M flag
    ○ Bit 3..6: future extensions
    ○ Bit 7: reserved for getting more bits
  • Add a bit that is set for a field with counter of number of E2E protected header fields
  • Have the EKT Message in the DTLS from the Key Distributor tell the client the value of the bitfield (as conveyed by the Media Distributor)

[Diagram, OLD vs NEW. OLD labels: ID, len=1, Seq No, Encrypted Media, RTP Header, RTP Payload. NEW labels: RTP Header, RTP Payload, bitfield, Seq No, Encrypted Media]
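A receiver-side parser for the bitfield-prefixed block proposed on this slide, as an added example that is not from the slides or the PERC drafts; it fails closed on truncated input and on unassigned bits so that rewritten header values are only replaced by fields the receiver actually understands. The slide gives only the bit assignments: treating bit 0 as the least significant bit, the field widths (PT one byte, Seq No two bytes in network order, M flag one byte), the field order, and the names `parse_ohb_block` and `restore_header` are assumptions.

```python
import struct
from typing import NamedTuple, Optional

# Bit assignments from the slide; numbering bit 0 as the least significant
# bit is an assumption, as are the field widths and their order below.
BIT_PT, BIT_SEQ, BIT_M = 0x01, 0x02, 0x04
UNASSIGNED = 0xF8  # bits 3..6 (future extensions) and bit 7 (reserved)


class OriginalFields(NamedTuple):
    pt: Optional[int]       # original payload type, if carried
    seq: Optional[int]      # original sequence number, if carried
    marker: Optional[bool]  # original M flag, if carried
    media: bytes            # rest of the payload (still E2E-encrypted)


def parse_ohb_block(payload: bytes) -> OriginalFields:
    """Split the bitfield-prefixed block off the front of an RTP payload."""
    if not payload:
        raise ValueError("payload too short for bitfield")
    bits, off = payload[0], 1
    if bits & UNASSIGNED:
        # Fail closed: an unknown bit means fields we cannot skip safely.
        raise ValueError(f"unassigned bits set: {bits & UNASSIGNED:#04x}")
    need = bool(bits & BIT_PT) + 2 * bool(bits & BIT_SEQ) + bool(bits & BIT_M)
    if len(payload) < off + need:
        raise ValueError("payload truncated inside original-field block")
    pt = seq = marker = None
    if bits & BIT_PT:
        pt, off = payload[off], off + 1
        if pt > 0x7F:
            raise ValueError("PT does not fit in 7 bits")
    if bits & BIT_SEQ:
        (seq,) = struct.unpack_from("!H", payload, off)
        off += 2
    if bits & BIT_M:
        if payload[off] > 1:
            raise ValueError("M flag must be 0 or 1")
        marker, off = bool(payload[off]), off + 1
    return OriginalFields(pt, seq, marker, payload[off:])


def restore_header(recv_pt: int, recv_seq: int, recv_m: bool, payload: bytes):
    """Return the (PT, seq, M, media) the sender protected end to end."""
    o = parse_ohb_block(payload)
    return (recv_pt if o.pt is None else o.pt,
            recv_seq if o.seq is None else o.seq,
            recv_m if o.marker is None else o.marker,
            o.media)
```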

SLIDE 16

Proposal (part 2 of 2)

  • Move the OHB information from header extension to payload (see previous slide)
  • RTX, RED, and FlexFEC ordering: use the ordering described as “A” in this draft
  • DTMF: Do not support the Media Distributor being able to receive DTMF (No change to current drafts)

SLIDE 17

EKT

SLIDE 18

EKT Issues

No open issues. Add to the DTLS EKT message the value of the bitfield for the new Double Payload if we make the OHB -> Payload change.

SLIDE 19

Backup

SLIDE 20

[Table residue. Labels: After Enc, Lite, Before Enc. Headings: Receiver Processing, Recovery Pkt., Notes. Legend: Plaintext, SRTP Transform, Repair transform (RTX / FEC). Other labels: pt, HBH, double.]

Notes, in the order extracted:

  • State of the art [Jennings]
  • s-flag for E2E vs. HBH
  • Keeps unitary transform, with different output depending on s-flag
  • “Triple” encryption
  • State of the art [FlexFEC?]
  • Keeps unitary transform, no need for s-flag
  • Breaks apart transform, since repair operation has to operate on intermediate product
  • double

Processing and packet sequences, in the order extracted:

  • HBH E2E Repair WIRE MEDIA
  • Media E2E Repair HBH
  • HBH E2E Repair WIRE MEDIA
  • Media E2E HBH Repair HBH
  • Repair HBH E2E WIRE MEDIA
  • Media E2E HBH Repair