The Secure Real-time Transport Protocol (SRTP) (RFC3711)

IP.com Disclosure Number: IPCOM000022360D
Original Publication Date: 2004-Mar-01
Included in the Prior Art Database: 2004-Mar-11

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Baugher: AUTHOR [+5]

Abstract

This document describes the Secure Real-time Transport Protocol (SRTP), a profile of the Real-time Transport Protocol (RTP), which can provide confidentiality, message authentication, and replay protection to the RTP traffic and to the control traffic for RTP, the Real-time Transport Control Protocol (RTCP).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group                                         M. Baugher
Request for Comments: 3711                                     D. McGrew
Category: Standards Track                            Cisco Systems, Inc.
                                                              M. Naslund
                                                              E. Carrara
                                                              K. Norrman
                                                       Ericsson Research
                                                              March 2004

The Secure Real-time Transport Protocol (SRTP)

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2004). All Rights Reserved.

Table of Contents

1. Introduction
   1.1. Notational Conventions
2. Goals and Features
   2.1. Features
3. SRTP Framework
   3.1. Secure RTP
   3.2. SRTP Cryptographic Contexts
        3.2.1. Transform-independent parameters
        3.2.2. Transform-dependent parameters
        3.2.3. Mapping SRTP Packets to Cryptographic Contexts
   3.3. SRTP Packet Processing
        3.3.1. Packet Index Determination, and ROC, s_l Update
        3.3.2. Replay Protection
   3.4. Secure RTCP
4. Pre-Defined Cryptographic Transforms
   4.1. Encryption
        4.1.1. AES in Counter Mode
        4.1.2. AES in f8-mode
        4.1.3. NULL Cipher
   4.2. Message Authentication and Integrity
        4.2.1. HMAC-SHA1
   4.3. Key Derivation
        4.3.1. Key Derivation Algorithm
        4.3.2. SRTCP Key Derivation
        4.3.3. AES-CM PRF
5. Default and mandatory-to-implement Transforms
   5.1. Encryption: AES-CM and NULL
   5.2. Message Authentication/Integrity: HMAC-SHA1
   5.3. Key Derivation: AES-CM PRF
6. Adding SRTP Transforms
7. Rationale ....