
Overview
Secure Real-time Transport Protocol (SRTP) is a security profile for the Real-time Transport Protocol (RTP) that provides encryption, message integrity and authentication, and replay protection for RTP data in both unicast and multicast networks. In March 2004 the Internet Engineering Task Force (IETF) published SRTP as RFC 3711.
It was developed by a small team of IP protocol and cryptographic experts from Cisco and Ericsson, including Mark Baugher, David Oran, Mats Naslund, David McGrew, Rolf Blom, Karl Norrman and Elisabetta Carrara.
SRTP provides its security features to both RTP and RTCP (RTP Control Protocol); the variant that protects RTCP is called SRTCP (Secure RTCP) and is SRTP's sister protocol. SRTP does not negotiate keys itself: it depends on an external key management protocol to supply the initial master key, and ZRTP and MIKEY are two protocols designed specifically to serve SRTP for this purpose.
Data flow encryption
SRTP uses AES (Advanced Encryption Standard) as the default cipher for encrypting and decrypting the data flow. Two block cipher modes are defined, both of which turn the block cipher into a stream cipher:
1. f8-mode – It is a variation of output feedback mode (OFB), modified so that the keystream can be seeked into and using an altered initialization function. The default sizes of the encryption key and salt key are the same as for AES in counter mode.
2. Segmented Integer Counter mode – It is a counter mode that allows random access to any block, which suits RTP because packets may be lost or arrive out of order. The default salt key length is 112 bits and the default encryption key length is 128 bits.
Message protection
SRTP uses the HMAC-SHA1 (hash-based message authentication code) algorithm to authenticate each packet and protect its integrity. The HMAC is computed over the packet payload and material from the packet header, including the packet sequence number. HMAC-SHA1 produces a 160-bit authentication tag, which is then truncated to 80 or 32 bits. To protect against replay attacks, the receiver keeps the indices of previously received packets, compares the index of each newly received packet against them, and accepts the packet only if it has not been received before.
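The receive path described above (packet index estimation, the truncated HMAC-SHA1 tag, and the replay list) together with the counter-mode IV derivation that consumes the salt key, as an added example that is not part of the original article; key bytes and packet bytes are constructed test values, and the AES-CTR keystream step and session key derivation from the master key are assumed to happen elsewhere.

```python
import hmac, hashlib, struct

TAG_BITS = 80  # RFC 3711 default; 32-bit truncation is the other defined option

def srtp_iv(session_salt: bytes, ssrc: int, index: int) -> int:
    """128-bit AES-CTR IV (RFC 3711 s4.1.1): (k_s*2^16) XOR (SSRC*2^64) XOR (i*2^16)."""
    k_s = int.from_bytes(session_salt, "big")            # 112-bit session salt key
    return ((k_s << 16) ^ (ssrc << 64) ^ (index << 16)) & ((1 << 128) - 1)

def srtp_auth_tag(auth_key: bytes, header_and_ciphertext: bytes, roc: int, tag_bits=TAG_BITS) -> bytes:
    """HMAC-SHA1 over RTP header || encrypted payload || ROC, truncated to tag_bits."""
    mac = hmac.new(auth_key, header_and_ciphertext + struct.pack(">I", roc), hashlib.sha1).digest()
    return mac[: tag_bits // 8]                          # 160-bit digest shortened to 80 (or 32) bits

class SrtpReceiver:
    """Index estimation, tag verification and replay list (RFC 3711 s3.3 and Appendix A)."""
    def __init__(self, auth_key: bytes, window: int = 64):
        self.auth_key, self.window = auth_key, window
        self.roc, self.s_l, self.seen = 0, None, set()   # rollover counter, highest SEQ, accepted indices

    def estimate_index(self, seq: int):
        """Guess the rollover counter v for this SEQ; returns (v, 48-bit packet index)."""
        v = self.roc
        if self.s_l is not None:
            if self.s_l < 32768 and seq - self.s_l > 32768:
                v = (self.roc - 1) & 0xFFFFFFFF          # late packet from the previous ROC
            elif self.s_l >= 32768 and self.s_l - 32768 > seq:
                v = (self.roc + 1) & 0xFFFFFFFF          # SEQ has already wrapped around
        return v, (v << 16) | seq

    def receive(self, packet: bytes):
        """Returns the packet index if accepted, None if replayed or the tag is wrong."""
        tag_len = TAG_BITS // 8
        body, tag = packet[:-tag_len], packet[-tag_len:]
        seq = struct.unpack(">H", body[2:4])[0]          # RTP sequence number field (bytes 2-3)
        v, index = self.estimate_index(seq)
        if self.seen and (index in self.seen or index < max(self.seen) - self.window):
            return None                                  # replay: already seen, or older than the window
        if not hmac.compare_digest(tag, srtp_auth_tag(self.auth_key, body, v)):
            return None                                  # bad tag: drop without touching any state
        self.seen.add(index)                             # replay list is updated only after authentication
        if v == ((self.roc + 1) & 0xFFFFFFFF):
            self.roc, self.s_l = v, seq                  # commit the rollover
        elif v == self.roc:
            self.s_l = seq if self.s_l is None else max(self.s_l, seq)
        return index
```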
Terms Related to SRTP
Cipher – It is an algorithm for protecting information by encrypting it, so that only the holder of the key can decrypt it again.
Block Cipher – It is a symmetric-key cipher (one that uses the same key for encryption and decryption) which operates on fixed-length groups of bits, called blocks.
Stream Cipher – It is a symmetric-key cipher in which the bits of the plaintext are combined (typically XORed) with a pseudorandom cipher bit stream, the keystream.
Replay attack – It is a type of network attack in which a valid data transmission is maliciously delayed or repeated.
MIKEY – It is an abbreviation for Multimedia Internet KEYing, a key management protocol used with real-time applications for multimedia sessions.
Counter mode and Output feedback mode (OFB) – They are block cipher modes of operation used to turn a block cipher into a synchronous stream cipher.
Key – In encryption, a key specifies the transformation of plaintext into ciphertext, and of ciphertext back into plaintext during decryption.
Salt key – It is a part of the key material used by a cryptographic algorithm; in SRTP it is mixed into the cipher's initialization vector alongside the encryption key.