[VOIPSEC] RTP packet signature

[Pankaj Shroff]

*True enough of snooping the srtp stream looking for repetition, but I'm
more
worried about pre-knowing what the first packets contain. By that I mean at
the beginning of a g711 call there is frequently a multi-second period of
silence, so the plaintext can be reasonably guessed. So since AES is in
counter mode with a reset of the IV each packet using some values sent in
the clear (ssrc + sequence num), can the salt and key be determined by a
snooper? (not in real-time, but in an hour?) Or is it still too complex?

-hadriel*
 Wouldn't the ciphertext block size have to be significantly large for the
"silence" packets for the hacker to come close to breaking the code?
 Pankaj
 --
Pankaj Shroff
shroffg at gmail.com