Paper 2021/424

Security Analysis of SFrame

Takanori Isobe, University of Hyogo
Ryoma Ito, National Institute of Information and Communications Technology
Kazuhiko Minematsu, NEC (Japan)
Abstract

Increasing privacy consciousness has popularized the use of end-to-end encryption (E2EE). In this paper, we discuss the security of SFrame, an E2EE mechanism proposed to the Internet Engineering Task Force for video/audio group communications over the Internet. Despite being a quite recent project, SFrame has been deployed in several real-world applications. The original specification of SFrame is evaluated herein to find critical issues that can cause impersonation (forgery) attacks with a practical complexity by a malicious group member. Further investigations have revealed that these issues are present in several publicly available SFrame implementations. Therefore, we provide several countermeasures against all the proposed attacks and considerations from performance and security perspectives toward their implementation.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. ESORICS 2021
Keywords
End-to-End EncryptionSFrameAuthenticated EncryptionSignatureImpersonation
Contact author(s)
takanori isobe @ ai u-hyogo ac jp
itorym @ nict go jp
k-minematsu @ nec com
History
2024-12-23: last of 3 revisions
2021-04-06: received
See all versions
Short URL
https://ia.cr/2021/424
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/424,
      author = {Takanori Isobe and Ryoma Ito and Kazuhiko Minematsu},
      title = {Security Analysis of {SFrame}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/424},
      year = {2021},
      url = {https://eprint.iacr.org/2021/424}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.