Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

SDES is a method to pass encryption keys through standard SDP.  Customers are looking to be able to encrypt media on SIP and standard VoIP networks. This feature will support securiting the fax media stream when using G.711 mode.  It does not cover secure T.38 media and secure call-control (SIP over TLS).

Introduction

This document provides a high-level technical description of the customer request for adding support for SRTP for G.711 on the SR140.  This document will cover SDES SRTP as defined by RFC 4568 : ‘Session Description Protocol (SDP) Security Descriptions for Media Streams’ to PowerMedia XMS.  SDES (Session Description Protocol Security Descriptions for Media Streams) is a key exchange mechanism used to negotiate encryption of VoIP sessions using Secure RTP (SRTP), defined by RFC 3711: ‘The Secure Real-time Transport Protocol (SRTP)’.

This feature covers the addition of SDES for key exchange for establishment of SRTP on PowerMedia XMS.  Data security protocols such as SRTP rely upon a separate key management system to securely establish encryption and/or authentication keys.  The key exchange mechanism commonly used in VoIP sessions is called SDES (Security Descriptions for Media Streams).  Using SDES the SRTP keys are negotiated in the SDP of the offer/answer model of a SIP exchange, using an SDP attribute called “crypto” which provides the cryptographic parameters of the requested media stream and other parameters that can be used to configure the SRTP media stream. 

The use of SDES to exchange the keys is not a secure method, since the crypto key is transferred in the SDP as plain text string.  The SDP “crypto” security description is normally used where IPsec, TLS, or some other encapsulating data-security protocol protects the SDP message.  SIP layer security between SIP Client and SIP Server, such as SIP TLS will be required by some customers to use SDES.  However, this document focuses only on the SDES key exchange to establish the Secure RTP session. 

Assumptions

    • Forward Error Correction (FEC) is not required.
    • On SDES offer, the SR140 will support only one crypto attribute per media type.  If more than 1 crypto attribute is offered, the SR140 needs to be ready to figure out which crypto attribute was accepted.
    • SIP security preconditions (sprecon) will not be supported

Requirements

 
#TitleImportanceNotes
1SHALL support SDES (RFC4568) key exchange to establish SRTP (RFC3711) Media streams
2SHALL support SDES-SRTP with or without SIP TLS session establishment.   
3 SHALL support SDP 'crypto' attribute to exchange SDES-SRTP encryption keys.  
4SHALL support the following crypto suites:
  • AES_CM_128_HMAC_SHA1_80 (Default)
  • AES_CM_128_HMAC_SHA1_32
  
5SHALL support the key-method 'inline' for crypto SDP attribute:
“inline:” <key||salt> [“|”lifetime] [“|” MKI “:” length] 
 - key || salt – concatenated master key and salt, base64 encoded
 - Lifetime – masterkey lifetime (max number of SRTP or SRTCP packets using this master key)
 - MKI:length – MKI and length of the MKI field in SRTP packets
 By default this should be forever or the largest possible value. The lifetime paramter should be configurable.
6SHALL support key timeouts and refresh as specified by RFC4568 and key exchange parameters  
7

Configuration Parameters. The configuration parameters for SRTP SHALL be contained within its own configuration file. The callctrl.cfg SHALL define a parameter to state if SRTP is enabled and the location of the configuration file.

  
8The parsing of the configuration parameters SHALL be present in the ecc.log file.  
9

Lifetime: this value determines the maximum number of SRTP/SRTCP packets that can be recieved using the master key selected for the session.
The default value shall be set at 2147483648 (equavilent to 2^31)

  
10

Accept: this is a boolean value that enable processing of SDPs with crypto-attributes. note that if an ingress message (i.e. INVITE) contains SDP without crypto-attributes, the system shall still process the request. When "Disabled", messages with crypto-attributes are rejected.
Default value shall be "Enabled"

  
11

Number of Keys: this is an integer value that specifies the number of keys to use in the key rotation refresh.
Default value shall be 1
Range: 1-10

 Checking on need to support multiple crypto keys.
12

Window Size Hint: this is an integer value that sets the SRTP window size to protect against replay attacks.
Default value shall be 64
Range: 64- 2147483648 (equavilent to 2^31)

 Not sure about the Window Hint, but I think this is pretty standard. May already be supported.
13

Enforce: this is a boolean value that enable/disable mandatory enforcement of ingress calls to contain crypto-attributes. The system shall reject all calls that do NOT contain crypto-attributes in the SDP media lines.
Default value shall be "Disabled"

  
14

Unencrypted SRTP: this is a boolean value that enable/disables receiving unencrypted SRTP packet payloads.
Default value shall be "Disabled"

  
15

Unencrypted SRTCP: this is a boolean value that enable/disables receiving unencrypted SRTCP packet payloads.
Default value shall be "Disabled"

  
16Use Case 1: SIP Invite with SDES - SR140 SHALL support receiving SDES in a receive call.  SIP Invite has Offer SDP with EP 'crypto' attribute.  SR140 answers with crypto to establish the SRTP session.  
717Use Case 2: SIP Invite with SDES - SR140 SHALL support sending SDES in a send call.  SIP Invite has SDP with EP 'crypto' attribute.    
818

SRTP supported on by a single license keywork (Security). This keyword enables SRTP functionality on a per system basis.

Add on part will need to be defined to add security to an existing SR140 deployment.  This part will be added to the back office for normal order processing and will allow the end user to activate a security LAC via the current methods.

The SR140 base feature license will not include Security support. Added support MUST require a seperate add-on LAC for security.

 Part #951-105-20
919COO Will need to be updated with changes to include the updated IPP (version 8.2.x) into the product. Will be required for both Windows and Linux.  

...

User interaction and design

...

...

SDES SRTP

...

 

 

...

Usage

The SDES “a=crypto” attribute is used in the Offer/Answer model, defined in RFC3264, to establish secure unicast RTP streams. To establish the SRTP session, the SIP Offer contains one or more crypto attributes, each with a unique tag.  The crypto attribute only appears at the SDP media level, under the associated m= media line (not at the session level).  The crypto field describes the cryptographic suite, key parameters and session parameters for the media line.   The “inline” parameter conveys the key data (master key) used by the endpoint to encrypt the media stream it sends. (The EP conveys the transmit direction in its offer SDP).  The same keying data will be used by the receiver to decrypt those streams.  There may be one or more key (ie, inline) parameters in a crypto attribute, separated by a semicolon. 

...

Once a session has been established it may be modified at any time in order to perform re-keying or change or remove the crypto-suite. (ie a new crypto suite can be used or a new master key can be established)

Image Added

The SDES crypto attribute has the following format:

...

  • AES_CM_128_HMAC_SHA1_80 (default).  This is default AES standard.  It offers a128bit a 128bit master key with 80 bit authentication tag
  • AES_CM_128_HMAC_SHA1_32 - This crypto-suite is similar to the AES_CM_128_HMAC_SHA1_80 crypto-suite except it offers a 32 bit authentication tag

...