
RFC 3711: The Secure Real-time Transport Protocol (SRTP)

Updated by: 5506, 6904 Errata Exist

Network Working Group                                        M. Baugher
Category: Standards Track                           Cisco Systems, Inc.

The Secure Real-time Transport Protocol (SRTP)

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for
Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright (C) The Internet Society (2004).

This document describes the Secure Real-time Transport Protocol (SRTP), a profile of the Real-time Transport Protocol (RTP), which can provide confidentiality, message authentication, and replay protection to the RTP traffic and to the control traffic for RTP, the Real-time Transport Control Protocol (RTCP).

Mapping SRTP Packets to Cryptographic Contexts.
Packet Index Determination, and ROC, s_l Update.
Default and mandatory-to-implement Transforms.
Message Authentication/Integrity: HMAC-SHA1.
Message Integrity from Universal Hashing.
Data Origin Authentication Considerations.
Short and Zero-length Message Authentication.
Risks of Weak or Null Message Authentication.
Interaction with Forward Error Correction mechanisms.
Appendix A: Pseudocode for Index Determination.

Protection to the RTP traffic and to the control traffic for RTP, RTCP (the Real-time Transport Control Protocol).

SRTP provides a framework for encryption and message authentication
SRTP defines a set of default cryptographic transforms (Sections 4 and 5), and it allows new transforms to be introduced in the future (Section 6). With appropriate key management (Sections 7 and 8), SRTP is secure (Sections 9) for unicast and multicast RTP applications (Section 11).

SRTP can achieve high throughput and low packet expansion.
Proves to be a suitable protection for heterogeneous environments
Transforms are described, based on an additive stream cipher for encryption, a keyed-hash based function for message authentication, and an "implicit" index for sequencing/synchronization based on the RTP sequence number for SRTP and an index number for Secure RTCP

The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in.
Terminology conforms to with the following exception.
Simplicity we use the term "random" throughout the document to denote randomly or pseudo-randomly generated values.
Random bits may be difficult to obtain, and for the security of SRTP,

By convention, the adopted representation is the network byte order, i.e., the left most bit (octet) is the most significant one.
We mean bitwise addition modulo 2 of binary strings, and || denotes concatenation. In other words, if C = A || B, then the most significant bits of C are the bits of A, and the least significant bits of C equal the bits of B.

The word "encryption" includes also use of the NULL algorithm (which in practice does leave the data in the clear).

With slight abuse of notation, we use the terms "message authentication" and "authentication tag" as is common practice, even though in some circumstances, e.g., group communication, the service provided is actually only integrity protection and not data origin

The security goals for SRTP are to ensure:

* the confidentiality of the RTP and RTCP payloads, and

* the integrity of the entire RTP and RTCP packets, together with
