Cryptology ePrint Archive: Report 2021/424

Security Analysis of SFrame

Takanori Isobe and Ryoma Ito and Kazuhiko Minematsu

Abstract: As people become more and more privacy conscious, the need for end-to-end encryption (E2EE) has become widely recognized. We study the security of SFrame, an E2EE mechanism recently proposed to IETF for video/audio group communications over the Internet. Although a quite recent project, SFrame is going to be adopted by a number of real-world applications. We inspected the original specification of SFrame. We found a critical issue that will lead to an impersonation (forgery) attack by a malicious group member with a practical complexity. We also investigated the several publicly-available SFrame implementations, and confirmed that this issue is present in these implementations.

Category / Keywords: cryptographic protocols / End-to-End Encryption SFrame Authenticated Encryption

Date: received 31 Mar 2021

Contact author: takanori isobe at ai u-hyogo ac jp, itorym@nict go jp, k-minematsu@nec com

Available format(s): PDF | BibTeX Citation

Version: 20210406:070937 (All versions of this report)

Short URL: ia.cr/2021/424


[ Cryptology ePrint archive ]