SIP-Tips Podcast - SRTP-Secure Real-time Transport Protocol – Voice Authentication and Encryption

June 10, 2008
By Thomas B. Cross – Techtionary.com
 
This tutorial is designed to help explain the inner workings of key issues related to SIP-Session Initiation Protocol. The details of a SIP session, such as the type of media, codec, or sampling rate, are not described using SIP itself. Rather, a SIP message contains a description of the session, encoded in some other protocol format. One such format is the SDP-Session Description Protocol (RFC 2327). Within the SDP message are descriptions such as Session Description Protocol Security Descriptions (SDES) for authenticated and encrypted media streams used with SRTP-Secure Real-time Transport Protocol (RFC 3711).
As shown in the animated tutorial, SRTP is referred to as a "profile" or extension of RTP/RTCP and provides security services for both protocols. SRTP is also a "bump or shim (wedge) in the stack," referring to its place in the OSI-Open Systems Interconnection Model. That is, SRTP resides between RTP-Real-time Transport Protocol and RTCP-Real-time Transport Control Protocol, found in Application Layer 7, and UDP-User Datagram Protocol in Transport Layer 4.
SRTP works by intercepting or "bumping" RTP packets and forwarding an equivalent SRTP packet on the sending side, and by intercepting SRTP packets and passing an equivalent RTP packet up the stack on the receiving side. The “key” to SRTP is the Authentication Tag and the Master Key Identifier. The Authentication Tag provides authentication of the RTP header and payload. If both encryption and authentication are applied, encryption is applied before authentication on the sender side and conversely on the receiver side. The MKI-Master Key Identifier identifies the master key from which the session key(s) that authenticate and/or encrypt the particular packet were derived. SRTP uses two types of keys: session keys for the content and master keys like the lock on your door.
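The sender and receiver ordering described above, as an added example that is not part of the original tutorial. It keeps the SRTP packet layout (RTP header, encrypted payload, MKI, truncated HMAC-SHA1 tag over header, ciphertext and rollover counter) but swaps in an HMAC-SHA256 keystream and key derivation for the AES-based ones in RFC 3711; the fixed 12-byte RTP header, the 4-byte MKI and all key values are assumptions.

```python
import hmac, hashlib, struct

TAG_LEN, MKI_LEN = 10, 4  # 80-bit tag; the 4-byte MKI length is an assumption

def derive_session_keys(master_key, master_salt):
    # Stand-in KDF (labelled HMAC-SHA256); real SRTP derives keys with an AES-CM PRF.
    kdf = lambda label: hmac.new(master_key, label + master_salt, hashlib.sha256).digest()
    return kdf(b"enc"), kdf(b"auth")[:20]

def keystream_xor(key, ssrc, index, data):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), NOT AES-CM.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, struct.pack(">IQI", ssrc, index, off), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def auth_tag(auth_key, header, ciphertext, roc):
    # Tag covers RTP header + encrypted payload + rollover counter, then is truncated.
    msg = header + ciphertext + struct.pack(">I", roc)
    return hmac.new(auth_key, msg, hashlib.sha1).digest()[:TAG_LEN]

def seq_and_ssrc(header):
    return struct.unpack(">H", header[2:4])[0], struct.unpack(">I", header[8:12])[0]

def protect(masters, mki, rtp_packet, roc=0):
    enc_key, auth_key = derive_session_keys(*masters[mki])
    header, payload = rtp_packet[:12], rtp_packet[12:]
    seq, ssrc = seq_and_ssrc(header)
    ct = keystream_xor(enc_key, ssrc, (roc << 16) | seq, payload)   # 1. encrypt
    return header + ct + mki + auth_tag(auth_key, header, ct, roc)  # 2. authenticate

def unprotect(masters, srtp_packet, roc=0):
    trailer = MKI_LEN + TAG_LEN
    if len(srtp_packet) < 12 + trailer:
        raise ValueError("packet too short")
    body, mki, tag = srtp_packet[:-trailer], srtp_packet[-trailer:-TAG_LEN], srtp_packet[-TAG_LEN:]
    if mki not in masters:  # the MKI selects which master key applies
        raise ValueError("unknown MKI")
    enc_key, auth_key = derive_session_keys(*masters[mki])
    header, ct = body[:12], body[12:]
    if not hmac.compare_digest(tag, auth_tag(auth_key, header, ct, roc)):  # 1. verify
        raise ValueError("authentication failed")
    seq, ssrc = seq_and_ssrc(header)
    return header + keystream_xor(enc_key, ssrc, (roc << 16) | seq, ct)  # 2. decrypt

# Constructed sample: RTP header (V=2, PT=0, seq=1, ts=160, SSRC=0x1234) + payload
MASTERS = {b"\x00\x00\x00\x01": (b"K" * 16, b"S" * 14)}
RTP = struct.pack(">BBHII", 0x80, 0, 1, 160, 0x1234) + b"constructed voice frame"
```

Because the tag is checked before any decryption, a packet whose header or payload was altered in transit is rejected without its contents ever being processed.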
 
One example of authentication is MD5-Message Digest 5, which is a 128-bit "digital code." MD5 is one of many "hash" algorithms used in SSH-Secure SHell, SIP-Session Initiation Protocol, Java and other systems. Other hash algorithms include CRC-Cyclic Redundancy Check and SHA-1 Secure Hash Algorithm. The term "hash" comes from "corned-beef hash," or ground-up beef; a hash is created from private or public encryption, producing unreadable code characters with a nonce (time stamp or other randomly generated code or word).
 
This free presentation is produced and presented by TECHtionary.com and is available in Adobe Flash (.swf), Quicktime (.mov), audio-only (.mp3) and iPod/iPhone (.mv4) formats for download at: http://www.bizcastingonline.com/educate/media/podcasts/strp for the next week, when it will be removed unless you are part of the TECHtionary dealer program, where there is no expiration. Podcast tutorials, animations and online courses are free to channel partners – see terms and conditions at http://www.techtionary.com/techu/
For the SIP Road Show, go to: http://www.techtionary.com/sip/roadshow/ Courses are free for registered channel partners - terms and conditions apply - go here for details: http://www.techtionary.com/techu/
This course is available for delivery anywhere onsite, online or via web seminar. This presentation is also included in the TMC University special course on Microsoft OCS-Office Communications Server at ITexpo.com. For more, go here: http://www.tmcnet.com/voip/conference/west-08/tmc-university-microsoft-ocs.htm
This is included in online/onsite courses SIP 2.0c and for OCS-101 Office Communications Server per person (volume and site license discounts available). Discounts are also available to members of the SIP Forum and MS Partners for $99 per student during June. For customizing, special discounts, website animations, technical/sales training, technical writing and other services, go to http://www.techtionary.com or please call Tom Cross at 303-594-1694 or cross@gocross.com
 

