Posts Tagged ‘technology’

SRTP – Secure RTP

Sunday, March 7th, 2010

SRTP is an encrypted version of RTP. It also includes SRTCP, the secure version of RTCP. The protocol assumes that a key exchange has already taken place in another protocol, such as SIP/SDP offer/answer, or through another mechanism, such as SIP/SDES. Once both ends have an encryption key, SRTP provides confidentiality, message authentication and replay protection.

From RFC 3711:

“SRTP provides a framework for encryption and message authentication of RTP and RTCP streams (Section 3). SRTP defines a set of default cryptographic transforms (Sections 4 and 5), and it allows new transforms to be introduced in the future (Section 6). With appropriate key management (Sections 7 and 8), SRTP is secure (Sections 9) for unicast and multicast RTP applications (Section 11).

SRTP can achieve high throughput and low packet expansion. SRTP proves to be a suitable protection for heterogeneous environments (mix of wired and wireless networks). To get such features, default transforms are described, based on an additive stream cipher for encryption, a keyed-hash based function for message authentication, and an “implicit” index for sequencing/synchronization based on the RTP sequence number for SRTP and an index number for Secure RTCP (SRTCP).”
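
The "implicit" index and the replay protection mentioned in the RFC excerpt work together as follows. This is an added example, not code from the original post or from any SRTP library: the class and method names are hypothetical, the sequence numbers are constructed, and the message authentication check is represented by the `auth_ok` flag.

```python
# Added example: SRTP implicit index estimation and replay window (RFC 3711, 3.3.1-3.3.2).
# Names are hypothetical; the caller passes the result of the HMAC check as auth_ok.
WINDOW = 64  # replay window size in packets; RFC 3711 requires at least 64


class SrtpReceiver:
    def __init__(self):
        self.roc = 0      # rollover counter: times the 16-bit SEQ has wrapped
        self.s_l = None   # highest authenticated RTP sequence number
        self.top = -1     # highest authenticated 48-bit packet index
        self.seen = 0     # bitmask: bit k set means index (top - k) was received

    def estimate_index(self, seq):
        """Rebuild the 48-bit index i = 2^16 * v + SEQ from the 16-bit SEQ."""
        if self.s_l is None:
            return seq                       # first packet: ROC starts at 0
        if self.s_l < 32768:
            v = self.roc - 1 if seq - self.s_l > 32768 else self.roc
        else:
            v = self.roc + 1 if self.s_l - 32768 > seq else self.roc
        return ((v % (1 << 32)) << 16) | seq

    def accept(self, seq, auth_ok=True):
        """Return True for a fresh, authenticated packet; False otherwise."""
        idx = self.estimate_index(seq)
        delta = self.top - idx
        if delta >= WINDOW:
            return False                     # older than the window: rejected
        if delta >= 0 and (self.seen >> delta) & 1:
            return False                     # index already received: replay
        if not auth_ok:
            return False                     # state only moves on authenticated packets
        if delta < 0:                        # new highest index: slide the window
            self.seen = ((self.seen << -delta) | 1) & ((1 << WINDOW) - 1)
            self.top, self.s_l, self.roc = idx, seq, idx >> 16
        else:
            self.seen |= 1 << delta          # late but fresh: mark as received
        return True


def demo():
    """Constructed SEQ stream: wrap-around, one reordered packet, then a replay."""
    rx = SrtpReceiver()
    return [rx.accept(s) for s in (65533, 65535, 0, 65534, 65534, 1)], rx.roc
```

The receiver never sees the rollover counter on the wire, so a packet that fails authentication must not move `roc` or the window.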

Key exchange in SIP/SRTP calls

There are multiple ways to handle key exchange.

  • MIKEY, Multimedia Internet Keying, RFC 3830, supports pre-shared keys, PKI-supported key exchange and a few other mechanisms.
  • SDES, key exchange using SDP, RFC 4568, assumes protection of the signalling by TLS.
  • Using DTLS/UDP for key exchange, with the same mechanism as TLS/TCP, is the IETF recommendation (see the SRTP/DTLS draft, which will be published as RFC 5763).


SIMPLE :: IM and Presence

Friday, March 5th, 2010

Jonathan Rosenberg describes SIMPLE like this:

SIMPLE, which stands for SIP for Instant Messaging and Presence Leveraging Extensions, is a clearly contrived acronym that describes a body of work going on in the Internet Engineering Task Force (IETF). This body of work builds upon the Session Initiation Protocol (SIP), used for multimedia communication signaling over IP networks, adding presence and instant messaging (IM) functionality. Adding presence and IM to SIP was a natural extension of the technology. Indeed, the primary value proposition of SIMPLE is that presence and IM become just additional components in an overall communications system that allows voice, video, application sharing, and messaging, all of which are linked by presence. In the SIMPLE model, presence is much more than IM: it’s about a user’s willingness, ability and desire to communicate across all different kinds of media types, devices, and places. Before a user makes any kind of communication attempt with SIP — whether it’s to set up a voice-over-IP call, a video conference, or an IM chat — presence indicates the willingness of the recipients to participate in that session. Furthermore, in the SIMPLE model, IM is not something distinct from voice or video. Rather, IM is just another type of media that users can use to communicate. As a result of that view, all of the breadth of SIP’s capabilities — conferencing, third-party call control, call features, security, and so on — can all be directly applied to IM as well as voice and video.


Discover SIP!

Friday, March 5th, 2010

In this category, you can find a number of pages with short introductions to SIP and related technology. Check the links on the right hand side of this page!

