2024 Volume 32 Pages 679-689
The global outbreak of COVID-19 has rapidly increased the use of video conferencing systems, highlighting the importance of end-to-end encryption (E2EE) technology for protecting user privacy. This paper analyzes the security of SFrame, an E2EE technology used in Cisco Webex and similar systems. Specifically, we assess the security of SFrame as described in two versions published by the IETF: an older version known as draft-omara-sframe-01 and the latest version at the time of writing this paper, draft-ietf-sframe-enc-03. draft-omara-sframe-01 had signature vulnerabilities pointed out by Isobe et al., and draft-ietf-sframe-enc-03 includes updates addressing these issues. First, we analyze the older version of SFrame, draft-omara-sframe-01, and propose new attacks that allow us to manipulate more plaintext than the attacks identified by Isobe et al. Next, we study the latest version, draft-ietf-sframe-enc-03, showing that many of the attacks proposed by Isobe et al. and our new attacks are still effective against this latest version, even when it uses the same signature process as the older version.