[VOIPSEC] Key Negotiation for SRTP (Ahmar Ghaffar)
Johnston, Alan
alan.johnston at mci.com
Tue Aug 30 11:21:21 CDT 2005
<snip>
> It's like Waiting for Godot. Phil Zimmerman has an alternative
> approach that does not require one. That's yet another way to key
> SRTP, however.
>
Hi Mark,
Phil Zimmermann's Zfone approach is quite different from MIKEY or SDES
in that it doesn't even use the SIP signaling path for key management.
Instead, it does a DH exchange in RTP extension headers, much the same
way that secure PSTN phones work today, using only the media path. To
protect against a man-in-the-middle attack, a voice authentication
digest is used. In addition, previous shared secrets are cached and
used as input to generate a session key.
With this approach, no PKI is needed, and all the ugly backwards
compatibility issues that Andy mentioned (which are really, really bad
IMHO) are avoided. At the start of each call, the DH exchange is
attempted - if it succeeds, both parties switch to SRTP using the
session key and the users are informed that the session is now secure.
If no, the call proceeds with RTP as normal.
Thanks,
Alan Johnston
sip:alan at sipstation.com
> Mark
> >
> >
> >
More information about the Voipsec
mailing list