9
IETF71, Philadelphia, March draft-wing-avt-dtls-srtp-key- 1 draft-wing-avt-dtls-srtp-key- transport-01 Dan Wing, [email protected] MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, [email protected] MSEC Working Group DTLS-SRTP Key Transport

Embed Size (px)

Citation preview

Page 1: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 1

draft-wing-avt-dtls-srtp-key-transport-01

Dan Wing, [email protected]

MSEC Working Group

DTLS-SRTP Key Transport

Page 2: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 2

Overview

• IETF68 (Prague), RTPSEC BoF selected DTLS-SRTP as the preferred SRTP keying mechanism

• Only unicast, point-to-point was in scope

• DTLS-SRTP Key Transport allows efficient SRTP operation for– Several unicast conferencing scenarios– Multicast

Page 3: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 3

Why Consider DTLS-SRTP for Multicast?

• DTLS-SRTP works for group of 2

• GDOI-SRTP is overkill for a group of 3– Useful for a larger group

• DTLS-SRTP-Key-Transport allows optimizing SRTP keying for ‘small groups’

Page 4: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 4

Operation of DTLS-SRTP Key Transport

for Multicast

Page 5: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 5

DTLS-SRTP-Key-Transport

• DTLS-SRTP-Key-Transport is negotiated during TLS handshake

• DTLS-SRTP session stays up for duration of call

• SRTP key is sent within the DTLS session itself– As a new TLS content-type

Page 6: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 6

DTLS session with each listener

1. Each listener establishes unicast DTLS-SRTP session with speaker

2. Speaker uses DTLS-SRTP Key Transport to tell every listener the same SRTP key

speaker

Listener 1

Listener 2

Listener 3

DTLS-SRTP, transport speaker’s SRTP key “A”

Page 7: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 7

SRTP multicasting

• SRTP packets are then multicasted to listeners

speaker

Listener 1

Listener 2

Listener 3

SRTP packet, key “A”

Page 8: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 8

DTLS-SRTP-Key-Transport

• DTLS-SRTP-Key-Transport is negotiated during TLS handshake

• DTLS-SRTP session stays up for duration of call

• SRTP key is sent within the DTLS session itself– As a new TLS content-type

Page 9: IETF71, Philadelphia, March 2008draft-wing-avt-dtls-srtp-key-transport-011 Dan Wing, dwing@cisco.com MSEC Working Group DTLS-SRTP Key Transport

IETF71, Philadelphia, March 2008 draft-wing-avt-dtls-srtp-key-transport-01 9

Questions

draft-wing-avt-dtls-srtp-key-transport-01

Dan Wing, [email protected]


USING CISCO SIP TLS/SRTP XIC - Genesys€¦ · USING CISCO SIP TLS/SRTP XIC VERSION 1.1 7601 Interactive Way Indianapolis, IN 46278 Telephone/Fax: (317) 872-3000

USING CISCO SIP TLS/SRTP XIC - Genesys€¦ · USING CISCO SIP TLS/SRTP XIC VERSION 1.1 7601 Interactive Way Indianapolis, IN 46278 Telephone/Fax: (317) 872-3000

Documents
Walkthrough · bit more complex. Encrypting Real Time Media WebRTC uses DTLS-SRTP for encryption. In a nutshell that means there is a (D)TLS handshake and then the encryption keys

Walkthrough · bit more complex. Encrypting Real Time Media WebRTC uses DTLS-SRTP for encryption. In a nutshell that means there is a (D)TLS handshake and then the encryption keys

Documents
Scottish Radiology Transformation Programme (SRTP) Phase 2 · 2020. 7. 3. · Programme (SRTP). The SRTP was approved as a ten year change programme, with Phase 1 prioritising work

Scottish Radiology Transformation Programme (SRTP) Phase 2 · 2020. 7. 3. · Programme (SRTP). The SRTP was approved as a ten year change programme, with Phase 1 prioritising work

Documents
CITY OF DAVIS SHORT RANGE TRANSIT PLAN FISCAL YEARS · 2019. 4. 22. · SRTP Objectives and Focus Areas The primary objective of this SRTP is to provide a current SRTP for the City

CITY OF DAVIS SHORT RANGE TRANSIT PLAN FISCAL YEARS · 2019. 4. 22. · SRTP Objectives and Focus Areas The primary objective of this SRTP is to provide a current SRTP for the City

Documents
A Axiom - DTLS-based secure IoT group communication · Axiom - DTLS-based secure IoT group communication A:3 tion to experimentally evaluate Axiom and compare it with two alternative

A Axiom - DTLS-based secure IoT group communication · Axiom - DTLS-based secure IoT group communication A:3 tion to experimentally evaluate Axiom and compare it with two alternative

Documents
Lucky Thirteen: Breaking the TLS and DTLS Record …isg.rhul.ac.uk/tls/TLStiming.pdfLucky Thirteen: Breaking the TLS and DTLS Record Protocols Nadhem J. AlFardan and Kenneth G. Paterson

Lucky Thirteen: Breaking the TLS and DTLS Record …isg.rhul.ac.uk/tls/TLStiming.pdfLucky Thirteen: Breaking the TLS and DTLS Record Protocols Nadhem J. AlFardan and Kenneth G. Paterson

Documents
SRTP – 2019

SRTP – 2019

Documents
Thiru Sivakumaran - SRTP 2011

Thiru Sivakumaran - SRTP 2011

Education
Santa Rosa CityBus SRTP Highlights

Santa Rosa CityBus SRTP Highlights

Documents
RFC 8870: Encrypted Key Transport for DTLS and Secure RTP

RFC 8870: Encrypted Key Transport for DTLS and Secure RTP

Documents
DHS/ALL/PIA-064 Preventing and Combating Serious Crime ......Greece uses the Secure Real-Time Platform (SRTP) to share biometrics and biographic data. Italy will use the SRTP when

DHS/ALL/PIA-064 Preventing and Combating Serious Crime ......Greece uses the Secure Real-Time Platform (SRTP) to share biometrics and biographic data. Italy will use the SRTP when

Documents
System Design Concept for Safe Return to Port (SRtP

System Design Concept for Safe Return to Port (SRtP

Documents
DTLS-SRTP Handling in SIP B2BUAs draft-ram-straw-b2bua-dtls-srtp IETF-91 Hawaii, Nov 12, 2014 Presenter: Tirumaleswar Reddy Authors: Ram Mohan, Tirumaleswar

DTLS-SRTP Handling in SIP B2BUAs draft-ram-straw-b2bua-dtls-srtp IETF-91 Hawaii, Nov 12, 2014 Presenter: Tirumaleswar Reddy Authors: Ram Mohan, Tirumaleswar

Documents
EXL402. 2 3 Microsoft.Speech SIP/SIMPLE (SIP Stack) SRTP/Codecs (Media Stacks) SRTP/Codecs (Media Stacks) Server SAPI (Speech Engines) UCMA Core API

EXL402. 2 3 Microsoft.Speech SIP/SIMPLE (SIP Stack) SRTP/Codecs (Media Stacks) SRTP/Codecs (Media Stacks) Server SAPI (Speech Engines) UCMA Core API

Documents
Datagram Transport Layer Security (DTLS) as a Transport Layer for

Datagram Transport Layer Security (DTLS) as a Transport Layer for

Documents
BART SRTP CIP v13 BART SRTP... · Governance and Organizational Structure ... (AMP) Asset Management Program ... This chapter discusses the key milestones in BART’s history and

BART SRTP CIP v13 BART SRTP... · Governance and Organizational Structure ... (AMP) Asset Management Program ... This chapter discusses the key milestones in BART’s history and

Documents
SRTP Replay Protection

SRTP Replay Protection

Documents
CoAP over DTLS TinyOS Implementation and …tesi.cab.unipd.it/44973/1/Thesis.pdfGiulio Peretti CoAP over DTLS TinyOS Implementation and Performance Analysis Implementazione di CoAP

CoAP over DTLS TinyOS Implementation and …tesi.cab.unipd.it/44973/1/Thesis.pdfGiulio Peretti CoAP over DTLS TinyOS Implementation and Performance Analysis Implementazione di CoAP

Documents
Topic #1 DTLS Related Issues Pat R. Calhoun. Issue 226: Transition to Join State Current CAPWAP state machine requires knowledge of DTLS state machine

Topic #1 DTLS Related Issues Pat R. Calhoun. Issue 226: Transition to Join State Current CAPWAP state machine requires knowledge of DTLS state machine

Documents
DSR DTLS Feature Activation - Oracle · DSR 7.1 by Enabling SCTP AUTH Extensions By Default, Doc ID 2019141.1 for more background on the reason for having DTLS feature activation/deactivation

DSR DTLS Feature Activation - Oracle · DSR 7.1 by Enabling SCTP AUTH Extensions By Default, Doc ID 2019141.1 for more background on the reason for having DTLS feature activation/deactivation

Documents
FY 2020-2024 Short Range Transit Program (SRTP) - Valley … · 2020. 9. 17. · The SRTP analyzes all options for regionally funded service change concepts through a set of guiding

FY 2020-2024 Short Range Transit Program (SRTP) - Valley … · 2020. 9. 17. · The SRTP analyzes all options for regionally funded service change concepts through a set of guiding

Documents
DTLS-HIMMO: Efficiently Securing PQ world with a fully ... · 1 DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS Oscar Garcia-Morchon, Ronald

DTLS-HIMMO: Efficiently Securing PQ world with a fully ... · 1 DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS Oscar Garcia-Morchon, Ronald

Documents
Security analysis of DTLS 1.2 implementations€¦ · To secure UDP tra c, Datagram Transport Layer Security (DTLS) has been published [5] [6] [7]. DTLS is a security protocol based

Security analysis of DTLS 1.2 implementations€¦ · To secure UDP tra c, Datagram Transport Layer Security (DTLS) has been published [5] [6] [7]. DTLS is a security protocol based

Documents
RADIUS Over DTLS

RADIUS Over DTLS

Documents
THE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM · PDF fileTHE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM. 2 ... SMS DTLS DTLS IPv4/IPv6 ... Real-time, performance, load and stress testing

THE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM · PDF fileTHE ECLIPSE OPEN-SOURCE IOT TEST ECOSYSTEM. 2 ... SMS DTLS DTLS IPv4/IPv6 ... Real-time, performance, load and stress testing

Documents
1 SIP Requirements for SRTP Keying Dan Wing dwing@cisco.com IETF 66 v4

1 SIP Requirements for SRTP Keying Dan Wing [email protected] IETF 66 v4

Documents
1 DTLS-HIMMO: Efficiently Securing a Post … DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS Oscar Garcia-Morchon, Ronald Rietman, Sahil

1 DTLS-HIMMO: Efficiently Securing a Post … DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS Oscar Garcia-Morchon, Ronald Rietman, Sahil

Documents
USING CISCO SIP TLS/SRTP XIC - Interactive …testlab.inin.com/compatibilityfiles_external/documents/xICwith...USING CISCO SIP TLS/SRTP XIC VERSION 1.1 7601 Interactive Way Indianapolis,

USING CISCO SIP TLS/SRTP XIC - Interactive …testlab.inin.com/compatibilityfiles_external/documents/xICwith...USING CISCO SIP TLS/SRTP XIC VERSION 1.1 7601 Interactive Way Indianapolis,

Documents
SRTP Metro Board Letter

SRTP Metro Board Letter

Documents
List of Accredited DTLs - hfsrb.doh.gov.ph

List of Accredited DTLs - hfsrb.doh.gov.ph

Documents