The Secure Realtime Transport Protocol SRTP Authors David
- Slides: 18
The Secure Real-time Transport Protocol (SRTP)
Author(s): David Oran, Rolf Blom
Outline
• Introduction
• The format of an SRTP packet
• SRTP Packet Processing
• Conclusion
• Reference
The format of an SRTP packet
Figures: original RTP packet; SRTP packet
SRTP Packet Processing
• Sender:
– 1. Determine which cryptographic context to use.
Cryptographic context:
1. ROC (Rollover Counter): incremented by 1 when SEQ wraps to 0 (16 bit)
2. s_l: the highest SEQ (receiver only)
3. The master key(s)
4. A replay list
5. Encryption algorithm (AES_CM and AES_F8)
6. Authentication algorithm (default: HMAC_SHA1)
SRTP Packet Processing (cont.)
– 2. Determine the index of the SRTP packet.
index = 2^16 * ROC + SEQ (48 bit)
SEQ: the sequence number of the RTP packet (16 bit)
After 2^48 packets have been sent, the key must be transmitted again.
SRTP Packet Processing (cont.)
– 3. Determine the master key and master salt.
The master key and master salt are derived according to step 2, or are the ones specified by the MKI.
– 4. Determine the session keys and session salt.
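SRTP Packet Processing (cont.)
– 5. Encrypt the RTP payload.
AES (Advanced Encryption Standard) is a symmetric cipher: the same key is used for encryption and decryption. Its advantage is fast encryption and decryption; its drawback is the problem of letting both parties share that key securely.
Two AES encryption transforms are defined:
a. Segmented Integer Counter Mode (AES_CM)
b. F8 Mode (AES_F8)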
SRTP Packet Processing (cont.)
IV = (index) XOR (salt_key) XOR (SSRC)
SRTP Packet Processing (cont.)
– 6. If the MKI indicator is set to one, append the MKI to the packet.
– 7. Compute and append the authentication tag to the packet.
• This tag lets the receiver determine whether the message was sent by the sender that holds the same key.
SRTP Packet Processing (cont.)
– 8. If necessary, update the ROC.
• Receiver: steps 1 to 4 are the same as for the Sender.
– 5. Message authentication and replay protection.
Check whether the packet is a replay; if it is, discard it and log the event.
Verify that the authentication tag is correct using the session key.
SRTP Packet Processing (cont.)
– 6. Decrypt the encrypted portion of the packet.
– 7. Update the rollover counter and the highest sequence number, s_l, in the cryptographic context.
– 8. Remove the MKI and authentication tag to restore the RTP packet.
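
Receiver steps 2, 5 and 7 as an added Python example (not code from the slides or from any SRTP library). It goes beyond the sender formula by estimating the ROC from s_l on the receiver, as the SRTP specification describes; the 64-packet window, the class and function names and the sample sequence numbers are assumptions, and tag_ok stands in for the real authentication tag check.

```python
# Added example (not from the slides): receiver-side index estimate + replay list.
WINDOW = 64  # replay window size in packets (assumed for this sketch)

class ReceiverContext:
    def __init__(self, first_seq):
        self.roc = 0           # rollover counter (ROC)
        self.s_l = first_seq   # highest SEQ seen so far
        self.top = None        # highest authenticated packet index
        self.bitmap = 0        # bit k set => index (top - k) already accepted

    def estimate(self, seq):
        """Guess which ROC value v the 16-bit SEQ belongs to; return (v, index)."""
        if self.s_l < 0x8000:
            v = self.roc - 1 if seq - self.s_l > 0x8000 else self.roc
        else:
            v = self.roc + 1 if self.s_l - 0x8000 > seq else self.roc
        v %= 1 << 32
        return v, (v << 16) + seq          # index = 2^16 * ROC + SEQ

    def receive(self, seq, tag_ok=True):
        """tag_ok stands in for verifying the authentication tag (receiver step 5)."""
        v, index = self.estimate(seq)
        if self.top is not None:
            delta = self.top - index
            if delta >= WINDOW:
                return "too_old"           # fell out of the replay window
            if delta >= 0 and (self.bitmap >> delta) & 1:
                return "replay"            # discard and log
        if not tag_ok:
            return "bad_tag"               # context is never updated for a forged packet
        if self.top is None or index > self.top:
            shift = 0 if self.top is None else index - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.top = index
        else:
            self.bitmap |= 1 << (self.top - index)
        if v == (self.roc + 1) % (1 << 32):    # receiver step 7: SEQ wrapped
            self.roc, self.s_l = v, seq
        elif v == self.roc and seq > self.s_l:
            self.s_l = seq
        return "accepted"

def run(seqs, first):
    """Feed constructed SEQ values through a fresh context; return the verdicts."""
    ctx = ReceiverContext(first)
    return [ctx.receive(s) for s in seqs], ctx
```

Calling run([65534, 0, 65535, 65535, 1], 65534) shows a late packet from before the wrap being accepted once under the old ROC and rejected as a replay the second time.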
RTP waveform diagram
Reference
• [1] RFC 3550 RTP: A Transport Protocol for Real-Time Applications.
• [2] RFC 3771 The Secure Real-time Transport Protocol (SRTP)