[VOIPSEC] Secure Real-time Transport Protocol (SRTP)
rgm at icsalabs.com
Thu Mar 24 14:54:02 GMT 2005
At 06:02 PM 3/23/2005, Pbt wrote:
> > Sometimes there can be an overlap between layers in the nature of security
> > offered. But, for example, if you look at my tunneling methods, layer 3
> > security of IPsec would not protect likely the RTP connection
>So, what kind of tunneling do you use ?
I use so many different tunneling technologies It is part of my job. Part
of my CV is that I co-chaired teh IPsec workgroup. I started the first
work on CTR mode for IPsec and SRTP, and when I was ill, others filled in
the gap (Steve Kent and I and a few others really debated formats; fun had
all around kind of thing).
>IPSec can easily protect RTP (and other flows you want : by example
>defining them properly in your racoon conf or other implementations
>allowing port/proto/host selection). Its main lack is its bandwidth
Problem is that IPsec has no API. We had one from NRL, but it went
nowhere. So how does the app know there is protection? Also there are too
many network architectures where IPsec will let you down. So I still favor
SRTP for VoIP. If you are running a soft phone this could be very
important. And even a hard phone does not know what the communicating
party's situation is.
I was once in the camp of IPsec for everything. I left that long ago. I
am rather upset that Better than Nothing Security got ran over by the IPsec
bullies. But in MAY just give us that API I mentioned early. Joe Touch is
not such a pushover.
>In fact, you can choose BETWEEN an IPSec solution, or in another one
>(often more complex to deploy).
Part of the reason I would go wiht SRTP. It is reality ease to set policy
for SRTP. To set the PDB of IPsec is a real challenge; particularly with
no way for the app to learn the policy or influence it.
>If you choose a solution based on SRTP (cyphered payload, algorithm &
>MKI), you'll have to find a good key exchange protocol (as MiKEY :
>Multimedia Internet Keyring) replacing IKE by example for IPSec.
>Used with SIP (which encapsulates MiKEY), you will need to use TLS then.
>DNS transactions (SRV & A requests) should also be secured with DNSSEC..
I really need to go back and look at MiKEY.
For all that I have implied about IPsec, IKEv2 is a powerful protocol and
is self protecting. It follows the SIGMA provably secure protocol. You
would only need encapsulation, not protoection. Of course this practically
imposes x.509 certs for the clients.
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
E: rgm at icsalabs.com
There's no limit to what can be accomplished
if it doesn't matter who gets the credit
More information about the Voipsec