[VOIPSEC] can we use UDP for keying?
Weidong Shao
weidongshao at gmail.com
Wed Apr 19 03:21:09 CDT 2006
Of course it is possible.

In most key exchange methods, the initiator needs to wait for a verification
(or response) message for mutual authentication. You can design a
retransmission mechanism if the verification message is not received upon
timeout.

Other techniques include adding sequence numbers, cookies or nonce values in
the handshake. These values are used for anti-replay and as the basis for
timeout and retransmission.

A good example of this is the design of DTLS.
Weidong
On 4/18/06, Sergey Vointsev <vointsev at gmail.com> wrote:
>
> Good day everyone!
>
> And again I need your advice.
> I wonder if it is necessary to use reliable transport (TCP) for keying
> and if we use UDP how should we act in case of packet loss?
>
> Thanks. Sergey.
>
> --
> Also available for instant messaging via Google Talk.
> Need invite to Gmail? I have one for you! Just ask.
--
Weidong Shao
Information Security Consultant
Just another googler
http://secureminded.blogspot.com/
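
The handshake techniques named in the reply above (retransmission on timeout, a cookie, a nonce and a sequence number), as an added example that is not part of the original thread: an initiator resends the same message with a doubling timeout until the matching reply arrives, and the responder issues a stateless HMAC cookie so that lost or repeated packets never create extra state. The message layout, the names `Responder`, `cookie_for`, `lossy_channel` and `send_reliably`, and the sample address are assumptions made for illustration; packet loss is simulated in-process instead of using real UDP sockets.

```python
import hashlib, hmac, os

SECRET = os.urandom(32)  # responder-only key; lets it verify cookies without per-client state

def cookie_for(addr: str, nonce: bytes) -> bytes:
    """Stateless cookie bound to the claimed source address and the initiator nonce."""
    return hmac.new(SECRET, addr.encode() + b"|" + nonce, hashlib.sha256).digest()

class Responder:
    def __init__(self):
        self.sessions = set()  # (addr, nonce) pairs that passed the cookie check

    def handle(self, addr, msg):
        seq, nonce, cookie = msg
        if not cookie:  # first flight: allocate nothing, just return a cookie
            return ("VERIFY", seq, cookie_for(addr, nonce))
        if not hmac.compare_digest(cookie, cookie_for(addr, nonce)):
            return None  # forged or misdirected cookie: drop silently
        self.sessions.add((addr, nonce))  # a retransmitted flight maps to the same entry
        return ("ACCEPT", seq, b"")

def lossy_channel(responder, drops):
    """Constructed test channel: each True in `drops` loses one request/reply round trip."""
    pattern = iter(drops)
    def send(addr, msg):
        if next(pattern, False):
            return None  # the initiator sees only a timeout
        return responder.handle(addr, msg)
    return send

def send_reliably(send, addr, msg, expect, timeout=1.0, max_tries=5):
    """Resend the same message until the matching reply arrives; return (reply, waits)."""
    waits = []
    for _ in range(max_tries):
        reply = send(addr, msg)
        if reply and reply[0] == expect and reply[1] == msg[0]:  # right type, right seq
            return reply, waits
        waits.append(timeout)  # a real initiator would block this long on recv
        timeout *= 2           # doubling backoff
    raise TimeoutError("peer unreachable, handshake abandoned")

def handshake(send, addr="198.51.100.7:5060"):  # constructed sample address
    nonce = os.urandom(16)
    verify, w1 = send_reliably(send, addr, (0, nonce, b""), "VERIFY")
    _, w2 = send_reliably(send, addr, (1, nonce, verify[2]), "ACCEPT")
    return w1, w2
```
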