[sip-comm-dev] SRTP status update


#1

Hi all,

After gsoc mid-term evaluation, here is the current status of SRTP
implementation:

1.In summary, SRTP related coding work is done 70%-80%. By mid-term
evaluation, we had a working SRTP impl. And now I added HMC SHA1
authentication code. (see attachment for updated code pkg)
2.The left works are f8 encryption mode impl (in progress) and replay
checking. I believe the first one could be finished in this week and
the latter one could be finished around 8.10.
3.And there are documentation work. I will start writing now. First I
used omondo free edition to generate the class diagram of my work. It
will give both the reader and myself a big picture of the code. Later
I will update this class diagram as the code evolves and write
description / explanation of the whole work and each individual part.

If you want to know the detailed progress and plan, please have a look
at the RoadMap of my gsoc work:
http://www.sip-communicator.org/index.php/Development/RoadmapSuBing.
:wink:

Best regards,
Su

media.zip (26.3 KB)


#2

Su,

just an idea here: if time is running out then I would propose to
implement f8 mode as a 2nd priority. AFAIK this mode is rarely used
in SRTP implementations, in fact I've never found a SRTP that
implements it. In the GNU ccRTP implementation it exists only
because I was "in the mood to implment it" :slight_smile: .

Regards,
Werner

Bing Su wrote:

···

Hi all,

After gsoc mid-term evaluation, here is the current status of SRTP
implementation:

1.In summary, SRTP related coding work is done 70%-80%. By mid-term
evaluation, we had a working SRTP impl. And now I added HMC SHA1
authentication code. (see attachment for updated code pkg)
2.The left works are f8 encryption mode impl (in progress) and replay
checking. I believe the first one could be finished in this week and
the latter one could be finished around 8.10.
3.And there are documentation work. I will start writing now. First I
used omondo free edition to generate the class diagram of my work. It
will give both the reader and myself a big picture of the code. Later
I will update this class diagram as the code evolves and write
description / explanation of the whole work and each individual part.

If you want to know the detailed progress and plan, please have a look
at the RoadMap of my gsoc work:
http://www.sip-communicator.org/index.php/Development/RoadmapSuBing.
:wink:

Best regards,
Su

------------------------------------------------------------------------

------------------------------------------------------------------------

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#3

Hi Su,

After gsoc mid-term evaluation, here is the current status of SRTP
implementation

Thanks for this update! See my comments inline.

1.In summary, SRTP related coding work is done 70%-80%. By mid-term
evaluation, we had a working SRTP impl. And now I added HMC SHA1
authentication code. (see attachment for updated code pkg)

I had some problem testing your code, but it seems that it is related to my test computer settings (actually I couldn't even establish a call with the original sip-communicator sources). I'll try again when I'll have more time to investigate the problem.

2.The left works are f8 encryption mode impl (in progress) and replay
checking. I believe the first one could be finished in this week and
the latter one could be finished around 8.10.

Sounds good! As Werner said in another mail, it may not be necessary to spend too much time on the f8 mode implementation. But if you are near from completing it, feel free to go on! (it'll be interesting to test it against ccRTP f8's implementation).

3.And there are documentation work. I will start writing now. First I
used omondo free edition to generate the class diagram of my work. It
will give both the reader and myself a big picture of the code. Later
I will update this class diagram as the code evolves and write
description / explanation of the whole work and each individual part.

Good! Don't forget to add Javadoc comments in your code. This is very important for potential people that will go on working on your code.

If you want to know the detailed progress and plan, please have a look
at the RoadMap of my gsoc work:
http://www.sip-communicator.org/index.php/Development/RoadmapSuBing.
:wink:

The GSoC program timeline says that student have to upload their code on code.google.com/hosting on August 20th. I'd then suggest to finish your current tasks (f8, replay checking), and clean up the code (add the javadoc documentation, etc.) to be ready by August 20th.

About the Key management protocol, do you think you'd have time to perform step 1. and 2. (namely Survey key management protocols & Choose a protocol based on discussion with mentors) after August 20th? I think the implementation may not be possible within GSoC, so it may be better to concentrate on the SRTP base implementation instead.

Cheers,

···

On 2007/08/01, at 2:57, Bing Su wrote:

--
Romain KUNTZ
kuntz@lsiit.u-strasbg.fr
Louis Pasteur University - Networks and Protocols Team

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#4

Hi Romain,

Sorry for the delay of replying your mail. :slight_smile:

Here's my recent status:
1. F8 mode encryption and replay attach check related coding work are
done. But test is not finished.
2. I did some code cleanup, renamed some variable name to make single
line a little shorter
. (Wrapping makes the code not so easy to read.)
3. I refactored SRTPCipher class into one interface (SRTPCipher) and
two impl classes SRTPCipherF8 and SRTPCipherCTR, which handles F8 mode
and Counter mode encryption respectively. Common AES related operation
are moved to AESCipher class.

Next, according to your suggestion, I will do the following things:
1. Test the code written recently. When I believe they have no
problem, I will post a source code update.
2. Add javadoc documentation to the classes I wrote.
3. Update the class diagram. Write explanation documentation.

As pointed out by your last mail, students will submit their code to
google by Aug 20th. I believe those work can be done by then. :slight_smile:

And about the key management protocol, l agree with you. Let's focus
first on SRTP before Aug 20th and then start with the survey and
protocol choosing work. :slight_smile:

Best wishes,
Su

···

On 8/3/07, Romain KUNTZ <kuntz@clarinet.u-strasbg.fr> wrote:

Hi Su,

On 2007/08/01, at 2:57, Bing Su wrote:
> After gsoc mid-term evaluation, here is the current status of SRTP
> implementation

Thanks for this update! See my comments inline.

> 1.In summary, SRTP related coding work is done 70%-80%. By mid-term
> evaluation, we had a working SRTP impl. And now I added HMC SHA1
> authentication code. (see attachment for updated code pkg)

I had some problem testing your code, but it seems that it is related
to my test computer settings (actually I couldn't even establish a
call with the original sip-communicator sources). I'll try again when
I'll have more time to investigate the problem.

> 2.The left works are f8 encryption mode impl (in progress) and replay
> checking. I believe the first one could be finished in this week and
> the latter one could be finished around 8.10.

Sounds good! As Werner said in another mail, it may not be necessary
to spend too much time on the f8 mode implementation. But if you are
near from completing it, feel free to go on! (it'll be interesting to
test it against ccRTP f8's implementation).

> 3.And there are documentation work. I will start writing now. First I
> used omondo free edition to generate the class diagram of my work. It
> will give both the reader and myself a big picture of the code. Later
> I will update this class diagram as the code evolves and write
> description / explanation of the whole work and each individual part.

Good! Don't forget to add Javadoc comments in your code. This is very
important for potential people that will go on working on your code.

> If you want to know the detailed progress and plan, please have a look
> at the RoadMap of my gsoc work:
> http://www.sip-communicator.org/index.php/Development/RoadmapSuBing.
> :wink:

The GSoC program timeline says that student have to upload their code
on code.google.com/hosting on August 20th. I'd then suggest to finish
your current tasks (f8, replay checking), and clean up the code (add
the javadoc documentation, etc.) to be ready by August 20th.

About the Key management protocol, do you think you'd have time to
perform step 1. and 2. (namely Survey key management protocols &
Choose a protocol based on discussion with mentors) after August
20th? I think the implementation may not be possible within GSoC, so
it may be better to concentrate on the SRTP base implementation instead.

Cheers,

--
Romain KUNTZ
kuntz@lsiit.u-strasbg.fr
Louis Pasteur University - Networks and Protocols Team

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#5

Hi Su,

Here's my recent status:
1. F8 mode encryption and replay attach check related coding work are
done. But test is not finished.

Ok that's great!

2. I did some code cleanup, renamed some variable name to make single
line a little shorter. (Wrapping makes the code not so easy to read.)
3. I refactored SRTPCipher class into one interface (SRTPCipher) and
two impl classes SRTPCipherF8 and SRTPCipherCTR, which handles F8 mode
and Counter mode encryption respectively. Common AES related operation
are moved to AESCipher class.

Ok.

Next, according to your suggestion, I will do the following things:
1. Test the code written recently. When I believe they have no
problem, I will post a source code update.

Ok. Would it be possible for you to post the code by Friday this week? This would give me a few days to look and test it before we upload it on the google server.

2. Add javadoc documentation to the classes I wrote.
3. Update the class diagram. Write explanation documentation.

Ok. Note that the javadoc documentation is the most important. The explanation report can be short (1 or 2 pages to explain the content and functionalities of each package is enough).

And about the key management protocol, l agree with you. Let's focus
first on SRTP before Aug 20th and then start with the survey and
protocol choosing work. :slight_smile:

Ok, let's discuss that at the beginning of next week.

Thanks!
romain

···

On 2007/08/08, at 4:35, Bing Su wrote:

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net