From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Thu, 2 Feb 95 08:18:34 PST
To: mcip@mcfeeley.cc.utexas.edu
Subject: Video encryption & QTC
Message-ID: <199502021617.AA27746@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


[ for cypherpunks: Apple's now beta testing a video conferencing
product called QuickTime Conferencing, or QTC. The Mac crypto
interface list (mcip@feeley.cc.utexas.edu) started a discussion on
video encryption, hence this crosspost. Feel free to chime in. ]

Here are a couple of additional things to consider.

This is a pretty classic application for stream ciphers. Since QTC is
transport-independent (and I'd bet it's using OpenTransport calls,
too), I'm assuming that QTC is using streams for video data, and that
any packetization happens at the transport layer. Just before you call
UDPSend(), ATPSend(), or whatever, just whack that outgoing block
through the crypto function and off you go.

As mentioned, RC4 might be a good choice. It's fast, plus Apple's
already licensed it. It probably provides adequate tactical security,
but as Adam pointed out, it has not been well analyzed in the open
literature. However, there are many other stream ciphers out there:
Diamond, Blowfish, RC5, etc. My gut feel is that RC4 is probably
adequately secure with a 128-bit key; then Apple can dumb down to 40
bits for export approval. After all, they're not likely to build a
product which they can't export.

What about using a PCMCIA card like the National Semi Persona 100? It
includes RSA signatures & verification, Diffie-Hellman key exchange (I
think) and single DES; future versions will include 3DES and IDEA.
Hardware encryption is fast, fast, fast. Don't forget AT&T's recent
announcement of a similar product which does 3DES.

One MCIP reader proposed just using PGP: RSA the session key and send
it along. IMHO Diffie-Hellman is a better way to do this. Rather than
using the PGP metaphor, where RSAing the session key allows you to
send the session key as part of the message, DH allows you to
establish the session key over an insecure channel, then start sending
messages.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
                  ### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzEFkKfb4pLe9tolAQEtEAP/bxEHw+fwPaJJPyHaRRtuZqlxmzvEyD+w
5cmB9c75gzkY9SpSSLkbtawwUjCCiKynMAX76uSRaDRkVeTILelJ3gvdguRMS3Id
MYQI162mPvCN+lTvsMoXVJAdZzC14WE9JE0t9FC+ovYE8M+/yZ16EGEnvtWbnNYQ
pO8GkvNpR+g=
=n3fX
-----END PGP SIGNATURE-----