[VOIPSEC] RTP or SRTP inside UDP - how understand?
Lee Dilkie
lee_dilkie at mitel.com
Mon Mar 27 13:16:27 CST 2006
The simple answer is: "you can't". If no extra SRTP headers (footers?)
are present then the only difference is the fact that the RTP payload is
encrypted. Detecting an encrypted payload is possible, analyzing the
payload would yield a white noise spectra in the case of an SRTP stream,
but it's not particularly practical.
The more pressing question would be: if you're receiving an SRTP stream,
why don't you know about it?
Sergey Vointsev wrote:
> Greetings gentlemen!
>
> I've got a question, but Mr.Google keeps silence on it. So I think
> this maillist is the best place to ask.
> How can we determine if the packet we have is RTP or SRTP packet, i.e.
> payload is encrypted or just encoded? As I understand, they have
> absolutely the same header. The only difference is encryption and
> optional fields MKI and AUTH_TAG. Moreover, UDP hasn't got any fields
> for indicating higher lever protocol type.
> Could you please explain this moment?
>
> Thanks. Sergey.
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
More information about the Voipsec
mailing list