[Cryptography] NSA security guidelines for videoconferencing

Phillip Hallam-Baker phill at hallambaker.com
Mon May 4 22:11:27 EDT 2020

On Mon, May 4, 2020 at 2:24 AM Whitfield Diffie <whitfield.diffie at gmail.com>

> BW> Unless the algorithm is rot0 or the user is a savant, some
> software is being trusted. And I doubt
> BW> that even a savant could handle video encryption at frame rate.
>     This is a different sort of objection and surprises me.  It is a
> factual question; does somebody have the facts?
>                           Whit

Since I regularly stream HD video over an IPSEC VPN using AES, my hardware
can clearly keep up.

There are issues that probably need to be considered though. If you want
the video to look good over a jerky connection, you need to be able to drop
frames so you can catch up. Or switch to a different resolution, etc. etc.

So the approach I think we are going to want is not full hard boiled end to
end encryption but a sequence of encrypted frames so that the reflector has
sufficient metadata to intelligently manage the video but no access to the

And for a full solution, I would want the client to have the option to send
a low res stream on a best effort basis and then forward the full HD stream
when it can.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20200504/4b0122b2/attachment.htm>

More information about the cryptography mailing list