9
IETF71, Philadelphia, March draft-wing-avt-dtls-srtp-key- 1 draft-wing-avt-dtls-srtp-key- transport-01 Dan Wing, [email protected] MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, [email protected] MSEC Working Group DTLS-SRTP Key Transport

Embed Size (px)

Citation preview

Page 1: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 1

draft-wing-avt-dtls-srtp-key-transport-01

Dan Wing, [email protected]

MSEC Working Group

DTLS-SRTP Key Transport

Page 2: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 2

Overview

• IETF68 (Prague), RTPSEC BoF selected DTLS-SRTP as the preferred SRTP keying mechanism

• Only unicast, point-to-point was in scope

• DTLS-SRTP Key Transport allows efficient SRTP operation for– Several unicast conferencing scenarios– Multicast

Page 3: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 3

Why Consider DTLS-SRTP for Multicast?

• DTLS-SRTP works for group of 2

• GDOI-SRTP is overkill for a group of 3– Useful for a larger group

• DTLS-SRTP-Key-Transport allows optimizing SRTP keying for ‘small groups’

Page 4: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 4

Operation of DTLS-SRTP Key Transport

for Multicast

Page 5: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 5

DTLS-SRTP-Key-Transport

• DTLS-SRTP-Key-Transport is negotiated during TLS handshake

• DTLS-SRTP session stays up for duration of call

• SRTP key is sent within the DTLS session itself– As a new TLS content-type

Page 6: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 6

DTLS session with each listener

1. Each listener establishes unicast DTLS-SRTP session with speaker

2. Speaker uses DTLS-SRTP Key Transport to tell every listener the same SRTP key

speaker

Listener 1

Listener 2

Listener 3

DTLS-SRTP, transport speaker’s SRTP key “A”

Page 7: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 7

SRTP multicasting

• SRTP packets are then multicasted to listeners

speaker

Listener 1

Listener 2

Listener 3

SRTP packet, key “A”

Page 8: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 8

DTLS-SRTP-Key-Transport

• DTLS-SRTP-Key-Transport is negotiated during TLS handshake

• DTLS-SRTP session stays up for duration of call

• SRTP key is sent within the DTLS session itself– As a new TLS content-type

Page 9: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 9

Questions

draft-wing-avt-dtls-srtp-key-transport-01

Dan Wing, [email protected]


SRTP Metro Board Letter

SRTP Metro Board Letter

Documents
SRTP Replay Protection

SRTP Replay Protection

Documents
Lucky Thirteen: Breaking the TLS and DTLS Record …isg.rhul.ac.uk/tls/TLStiming.pdfLucky Thirteen: Breaking the TLS and DTLS Record Protocols Nadhem J. AlFardan and Kenneth G. Paterson

Lucky Thirteen: Breaking the TLS and DTLS Record …isg.rhul.ac.uk/tls/TLStiming.pdfLucky Thirteen: Breaking the TLS and DTLS Record Protocols Nadhem J. AlFardan and Kenneth G. Paterson

Documents
USING CISCO SIP TLS/SRTP XIC - Interactive …testlab.inin.com/compatibilityfiles_external/documents/xICwith...USING CISCO SIP TLS/SRTP XIC VERSION 1.1 7601 Interactive Way Indianapolis,

USING CISCO SIP TLS/SRTP XIC - Interactive …testlab.inin.com/compatibilityfiles_external/documents/xICwith...USING CISCO SIP TLS/SRTP XIC VERSION 1.1 7601 Interactive Way Indianapolis,

Documents
CoAP over DTLS TinyOS Implementation and …tesi.cab.unipd.it/44973/1/Thesis.pdfGiulio Peretti CoAP over DTLS TinyOS Implementation and Performance Analysis Implementazione di CoAP

CoAP over DTLS TinyOS Implementation and …tesi.cab.unipd.it/44973/1/Thesis.pdfGiulio Peretti CoAP over DTLS TinyOS Implementation and Performance Analysis Implementazione di CoAP

Documents
DTLS-SRTP Handling in SIP B2BUAs draft-ram-straw-b2bua-dtls-srtp IETF-91 Hawaii, Nov 12, 2014 Presenter: Tirumaleswar Reddy Authors: Ram Mohan, Tirumaleswar

DTLS-SRTP Handling in SIP B2BUAs draft-ram-straw-b2bua-dtls-srtp IETF-91 Hawaii, Nov 12, 2014 Presenter: Tirumaleswar Reddy Authors: Ram Mohan, Tirumaleswar

Documents
1 DTLS-HIMMO: Efficiently Securing a Post … DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS Oscar Garcia-Morchon, Ronald Rietman, Sahil

1 DTLS-HIMMO: Efficiently Securing a Post … DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS Oscar Garcia-Morchon, Ronald Rietman, Sahil

Documents
Rapid Transfer Port - ThomasNetRapid Transfer Port Remote Handling | Sterilizable Rapid Transfer Port Introduction Beta Flange SRTP The CRL Sterilizable Rapid Transfer Port (SRTP)

Rapid Transfer Port - ThomasNetRapid Transfer Port Remote Handling | Sterilizable Rapid Transfer Port Introduction Beta Flange SRTP The CRL Sterilizable Rapid Transfer Port (SRTP)

Documents
Short Range Transit Plan 2014-2018 - RTD Adminstrationsanjoaquinrtd.com/srtp/pdf/20130906-SRTP-Admin-Draft.pdfShort Range Transit Plan 2014-2018 ... CHAPTER 5 - Management Systems

Short Range Transit Plan 2014-2018 - RTD Adminstrationsanjoaquinrtd.com/srtp/pdf/20130906-SRTP-Admin-Draft.pdfShort Range Transit Plan 2014-2018 ... CHAPTER 5 - Management Systems

Documents
Support Material for Agenda Item SRTP - gosbcta.com

Support Material for Agenda Item SRTP - gosbcta.com

Documents
Design and Implementation of SCTP-aware DTLS · PDF fileDesign and Implementation of SCTP-aware DTLS R. Seggelmann1, M. Tuxen¨ 2 and E. Rathgeb3 1Munster University of Applied Sciences,

Design and Implementation of SCTP-aware DTLS · PDF fileDesign and Implementation of SCTP-aware DTLS R. Seggelmann1, M. Tuxen¨ 2 and E. Rathgeb3 1Munster University of Applied Sciences,

Documents
THE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM · PDF fileTHE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM. 2 ... SMS DTLS DTLS IPv4/IPv6 ... Real-time, performance, load and stress testing

THE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM · PDF fileTHE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM. 2 ... SMS DTLS DTLS IPv4/IPv6 ... Real-time, performance, load and stress testing

Documents
FY 2020-2024 Short Range Transit Program (SRTP) - Valley … · 2020. 9. 17. · The SRTP analyzes all options for regionally funded service change concepts through a set of guiding

FY 2020-2024 Short Range Transit Program (SRTP) - Valley … · 2020. 9. 17. · The SRTP analyzes all options for regionally funded service change concepts through a set of guiding

Documents
Lync & Juniper - Westcon-Comstormedia.gswi.westcon.com/media/6.1_Westcon_Presentation_Lync_201… · A/V Edge – SRTP:443,3478,[TCP:50,000-59,999] SRTP consists of two unidirectional

Lync & Juniper - Westcon-Comstormedia.gswi.westcon.com/media/6.1_Westcon_Presentation_Lync_201… · A/V Edge – SRTP:443,3478,[TCP:50,000-59,999] SRTP consists of two unidirectional

Documents
CITY OF DAVIS SHORT RANGE TRANSIT PLAN FISCAL YEARS · 2019. 4. 22. · SRTP Objectives and Focus Areas The primary objective of this SRTP is to provide a current SRTP for the City

CITY OF DAVIS SHORT RANGE TRANSIT PLAN FISCAL YEARS · 2019. 4. 22. · SRTP Objectives and Focus Areas The primary objective of this SRTP is to provide a current SRTP for the City

Documents
SIP Requirements for SRTP Keying

SIP Requirements for SRTP Keying

Documents
RADIUS Over DTLS

RADIUS Over DTLS

Documents
EXL402. 2 3 Microsoft.Speech SIP/SIMPLE (SIP Stack) SRTP/Codecs (Media Stacks) SRTP/Codecs (Media Stacks) Server SAPI (Speech Engines) UCMA Core API

EXL402. 2 3 Microsoft.Speech SIP/SIMPLE (SIP Stack) SRTP/Codecs (Media Stacks) SRTP/Codecs (Media Stacks) Server SAPI (Speech Engines) UCMA Core API

Documents
Design and Implementation of SCTP-aware DTLS

Design and Implementation of SCTP-aware DTLS

Documents
System Design Concept for Safe Return to Port (SRtP

System Design Concept for Safe Return to Port (SRtP

Documents
TLS and DTLS: A Tale of Two Protocols Kenny Paterson

TLS and DTLS: A Tale of Two Protocols Kenny Paterson

Documents
DHS/ALL/PIA-064 Preventing and Combating Serious Crime ......Greece uses the Secure Real-Time Platform (SRTP) to share biometrics and biographic data. Italy will use the SRTP when

DHS/ALL/PIA-064 Preventing and Combating Serious Crime ......Greece uses the Secure Real-Time Platform (SRTP) to share biometrics and biographic data. Italy will use the SRTP when

Documents
Movie Img Dtls

Movie Img Dtls

Documents
SRTP – 2019

SRTP – 2019

Documents
USING CISCO SIP TLS/SRTP XIC - Testlab - Interactive Intelligence

USING CISCO SIP TLS/SRTP XIC - Testlab - Interactive Intelligence

Documents
SEPA Request-To-Pay (SRTP) Scheme Rulebook€¦ · The present SEPA Request-to-Pay (SRTP) Scheme Rulebook (the ^Rulebook _) consists of a set of rules, practices and standards that

SEPA Request-To-Pay (SRTP) Scheme Rulebook€¦ · The present SEPA Request-to-Pay (SRTP) Scheme Rulebook (the ^Rulebook _) consists of a set of rules, practices and standards that

Documents
Walkthrough · bit more complex. Encrypting Real Time Media WebRTC uses DTLS-SRTP for encryption. In a nutshell that means there is a (D)TLS handshake and then the encryption keys

Walkthrough · bit more complex. Encrypting Real Time Media WebRTC uses DTLS-SRTP for encryption. In a nutshell that means there is a (D)TLS handshake and then the encryption keys

Documents
1 SIP Requirements for SRTP Keying Dan Wing dwing@cisco.com IETF 66 v4

1 SIP Requirements for SRTP Keying Dan Wing [email protected] IETF 66 v4

Documents
Security analysis of DTLS 1.2 implementations€¦ · To secure UDP tra c, Datagram Transport Layer Security (DTLS) has been published [5] [6] [7]. DTLS is a security protocol based

Security analysis of DTLS 1.2 implementations€¦ · To secure UDP tra c, Datagram Transport Layer Security (DTLS) has been published [5] [6] [7]. DTLS is a security protocol based

Documents
DSR DTLS Feature Activation - Oracle · DSR 7.1 by Enabling SCTP AUTH Extensions By Default, Doc ID 2019141.1 for more background on the reason for having DTLS feature activation/deactivation

DSR DTLS Feature Activation - Oracle · DSR 7.1 by Enabling SCTP AUTH Extensions By Default, Doc ID 2019141.1 for more background on the reason for having DTLS feature activation/deactivation

Documents