[VOIPSEC] Key Negotiation for SRTP

Dan Wing dwing at cisco.com
Fri Aug 26 19:05:07 PDT 2005


...
> So my bottom line of this discussion so far is (for someone 
> who wants to implement this in a few MB):
> 
> 1. Implement SRTP
> 
> 2. Put the keys for SRTP in the SDP, probably with the 
> a=crypto line(s)
> 
> 3. Use either TLS or S/MIME to make the key exchange secure/private.
> 
> Even if someone uses an insecure transport protocol for sending the
> keys, that's a start. At least it does not reduce the security level.
> Hey, let's think a little bit strategically here. Lure the implementors
> with SRTP and the crypto line, cuz that can be done relatively easily.
> Then step number three will come automatically later. Jumping over the
> MIKEY wall right from the beginning seems to be pretty hard to me. And
> in the end everybody has to implement TLS anyway.

I don't believe any standards organization would approve a recommendation
for implementors to do (2) -- send encryption keys over an unencrypted
channel.

> Having several conflicting proposals is not a good situation. 
> It will help those people who want to see SIP dead.

I honestly don't know how to reduce this set of conflicting proposals:

  1. Security Descriptions (draft-ietf-mmusic-sdescriptions)
  2. MIKEY with null encryptor (RFC3830)
  3. MIKEY with pre-shared keys (RFC3830) 
  4. MIKEY with RSA (public key) (RFC3830) 
  5. MIKEY with DH (RFC3830)
  6. MIKEY with DHHMAC (draft-ietf-msec-mikey-dhhmac)
  7. MIKEY with ECIES (draft-ietf-msec-mikey-ecc)
  8. MIKEY with ECMQV (draft-ietf-msec-mikey-ecc)
  9. MIKEY with RSA-R (draft-ietf-msec-mikey-rsa-r)

-d
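
[Added example, not part of the original message or of any project it mentions.] A receiver-side check for the concern raised above: it parses the a=crypto lines of an SDP body and flags any whose key arrived over a SIP hop that was not TLS. The sample INVITE, host names and key are constructed; the function names are hypothetical.

```python
import base64
import re

# key||salt length in bytes for the crypto-suites of the sdescriptions spec (RFC 4568)
KEY_SALT_LEN = {"AES_CM_128_HMAC_SHA1_80": 30, "AES_CM_128_HMAC_SHA1_32": 30,
                "F8_128_HMAC_SHA1_80": 30}
CRYPTO_RE = re.compile(r"^a=crypto:(\d+)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")
# Constructed 30-byte key||salt, not a real key.
SAMPLE_KEY = base64.b64encode(bytes(range(30))).decode()

def parse_crypto_lines(sdp):
    """Return one dict per key parameter of every a=crypto attribute."""
    found = []
    for line in sdp.splitlines():
        m = CRYPTO_RE.match(line.strip())
        if not m:
            continue
        tag, suite, key_params, _session_params = m.groups()
        for kp in key_params.split(";"):
            method, _, info = kp.partition(":")
            try:  # text after the first "|" is the optional lifetime / MKI
                raw = base64.b64decode(info.split("|")[0], validate=True)
            except ValueError:
                raw = b""
            found.append({"tag": int(tag), "suite": suite, "method": method,
                          "key_len": len(raw),
                          "key_ok": KEY_SALT_LEN.get(suite) == len(raw)})
    return found

def audit_message(msg):
    """Flag a=crypto keys that crossed the last hop without TLS."""
    head, _, body = msg.partition("\r\n\r\n")
    # Topmost Via names the transport of the previous hop only.
    via = re.search(r"^Via:\s*SIP/2\.0/(\w+)", head, re.M | re.I)
    transport = via.group(1).upper() if via else "UNKNOWN"
    findings = []
    for c in parse_crypto_lines(body):
        if transport != "TLS":
            findings.append(f"tag {c['tag']}: SRTP key in cleartext over {transport}")
        if not c["key_ok"]:
            findings.append(f"tag {c['tag']}: {c['key_len']}-byte key||salt invalid for {c['suite']}")
    return findings

def sample_invite(transport, key=SAMPLE_KEY):
    """Constructed SIP INVITE carrying one a=crypto line."""
    return (f"INVITE sip:bob@example.com SIP/2.0\r\n"
            f"Via: SIP/2.0/{transport} host.example.com;branch=z9hG4bKconstructed\r\n"
            "Content-Type: application/sdp\r\n\r\n"
            "v=0\r\nm=audio 49170 RTP/SAVP 0\r\n"
            f"a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:{key}|2^20|1:4\r\n")
```

Because TLS protects a single hop, a clean result covers only the hop named in the topmost Via; earlier hops need the same check at each proxy.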



