[kwlug-disc] Videoconference in end-to-end

Chris Frey cdfrey at foursquare.net
Fri Apr 10 23:16:05 EDT 2020


On Fri, Apr 10, 2020 at 09:55:25AM -0400, Mikalai Birukou via kwlug-disc wrote:
> Suggestion:
> 
> 1) Key distribution among participants, trust -- all of these we take from
> end-to-end encrypted text chats. Therefore, we can lean on work and advances
> done there.
> 
> 2) Stream from each participant we treat as one message broadcasted to a
> group. Have appropriate keys.
> 
> 3) Owner of the server, or user who provides server resources, randomly
> generates ids for each participant. User instructs server to allow requests
> and streams from those who provide given ids/creds. Respective ids/creds are
> distributed to participants via end-to-end encrypted messaging.
> 
> 4) Participants figure out keys for streams according to (1).

This is the step where you would create one symmetric key, and then
sign it with the public keys of all members of the conference and
send it to them.  Everyone in the conference would have access to your
uploaded stream.  Without this sharing of the symmetric key, you'd have to
upload multiple streams for each member.

Otherwise, looks like a good set of suggestions.  I'm still on the learning
curve of WebRTC, so I don't know how lag and real time stream adjustments
will work in a broadcasted encrypted situation.


> As a result we have stream content that servers can't see, and servers don't
> know who participants are, in accordance with 3N principle (slides from
> September's talk:
> https://kwlug.org/sites/default/files/2019-09/mikalai-PrivacySafe.pdf ).

I missed that talk.  Thanks.  The Romeo and Juliet slide was classic. :-)
I'll have to dig deeper into 3NWeb.

- Chris
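
An added sketch of the key sharing discussed in step 4 and the reply above (not code from either poster or from any WebRTC project): one random stream key is wrapped, that is encrypted, separately to each member's public key, so the stream itself is encrypted and uploaded only once. The choice of X25519, HKDF-SHA256 and AES-256-GCM, the member names and every function name are assumptions made for illustration.

```javascript
// Added example: one symmetric stream key, wrapped once per conference member.
const crypto = require('node:crypto');

// Derive a key-wrapping key from an X25519 shared secret (HKDF-SHA256).
function wrappingKey(privateKey, publicKey, salt) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, 'stream-key-wrap', 32));
}

// AES-256-GCM helpers; output layout is iv (12) || tag (16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function unseal(key, box) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, box.subarray(0, 12));
  d.setAuthTag(box.subarray(12, 28));
  return Buffer.concat([d.update(box.subarray(28)), d.final()]); // throws on bad tag
}

// Sender: generate one stream key and wrap it for every member's public key.
function shareStreamKey(memberPublicKeys) {
  const streamKey = crypto.randomBytes(32);
  const eph = crypto.generateKeyPairSync('x25519'); // fresh per distribution
  const salt = crypto.randomBytes(16);
  const wrapped = {};
  for (const [name, pub] of Object.entries(memberPublicKeys)) {
    wrapped[name] = seal(wrappingKey(eph.privateKey, pub, salt), streamKey);
  }
  return { streamKey, header: { ephemeralPublic: eph.publicKey, salt, wrapped } };
}

// Member: recover the stream key from the header using their own private key.
function recoverStreamKey(header, name, privateKey) {
  const kek = wrappingKey(privateKey, header.ephemeralPublic, header.salt);
  return unseal(kek, header.wrapped[name]);
}

// Constructed demo: two members plus an outsider who was not given a wrap.
const alice = crypto.generateKeyPairSync('x25519');
const bob = crypto.generateKeyPairSync('x25519');
const mallory = crypto.generateKeyPairSync('x25519');
const { streamKey, header } = shareStreamKey({ alice: alice.publicKey, bob: bob.publicKey });
const frame = seal(streamKey, Buffer.from('constructed video frame')); // uploaded once
```

The header carries no authentication of the sender; in the scheme quoted above that trust would come from the end-to-end encrypted chat used to distribute keys.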




