Thursday, July 07, 2005

A Rather Incomplete 'Summary' of the Cisco-Ericsson SRTP Paper

Secure Real-time Transport Protocol
- high throughput, low packet expansion
- encryption (cryptographic transforms)
- authentication (key-based)
- a profile of RTP (extension of the RTP Audio/Video Profile)


RTP <----> SRTP <----------> SRTP <----> RTP

<----> denotes "intercept" (different from <---------->)


If AUTHENTICATION FAILURE occurs:
- packet is discarded
- log the event


REPLAY protection:
- packet is replayed when it is stored by an adversary, and then reinjected into the network
- implement a Replay List


Replay List:
- continuously updated with each authenticated packet
- implement using a bitmap
- if a packet is found to be already in the replay list, discard the packet and log the event
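
A sketch of the receive-side checks in the notes above (authentication failure handling and the bitmap replay list), added here as an example and not taken from the paper or from any RTP library. The class and method names, the 64-packet window, the use of HMAC-SHA1, and the simplified tag over "index + payload" are assumptions for illustration; the key and payload are constructed sample values.

```java
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added example; class and method names are hypothetical.
public class ReplayListDemo {
    static final int WINDOW = 64;  // assumed size: one bit per packet index in a long
    private long highest = -1;     // highest authenticated index seen so far
    private long bitmap = 0;       // bit d set => index (highest - d) already accepted
    private final SecretKeySpec key;

    ReplayListDemo(byte[] authKey) { key = new SecretKeySpec(authKey, "HmacSHA1"); }

    // Simplified tag over index + payload (assumption, not the SRTP packet layout).
    byte[] tag(long index, byte[] payload) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(key);
        mac.update(ByteBuffer.allocate(8).putLong(index).array());
        return mac.doFinal(payload);
    }

    boolean accept(long index, byte[] payload, byte[] rxTag) throws Exception {
        long d = highest - index;  // distance behind the newest accepted packet
        if (d >= WINDOW) return discard(index, "older than replay window");
        if (d >= 0 && (bitmap & (1L << d)) != 0) return discard(index, "replay");
        if (!MessageDigest.isEqual(tag(index, payload), rxTag))  // constant-time compare
            return discard(index, "authentication failure");
        // Update the list only now, so forged packets cannot mark indices as seen.
        if (d < 0) {
            bitmap = (-d >= WINDOW) ? 1L : (bitmap << -d) | 1L;
            highest = index;
        } else {
            bitmap |= 1L << d;
        }
        return true;
    }

    private boolean discard(long index, String reason) {
        System.err.println("DISCARD index=" + index + " reason=" + reason);  // log the event
        return false;
    }

    public static void main(String[] args) throws Exception {
        ReplayListDemo rx = new ReplayListDemo("constructed-demo-key".getBytes("UTF-8"));
        byte[] p = "constructed payload".getBytes("UTF-8");
        System.out.println(rx.accept(1, p, rx.tag(1, p)));  // first packet
        System.out.println(rx.accept(3, p, new byte[20]));  // forged tag for index 3
        System.out.println(rx.accept(3, p, rx.tag(3, p)));  // same index, valid tag
        System.out.println(rx.accept(2, p, rx.tag(2, p)));  // late arrival inside window
        System.out.println(rx.accept(1, p, rx.tag(1, p)));  // index 1 sent a second time
    }
}
```

The replay list is only updated after the tag verifies, which matches the note that it is "updated with each authenticated packet".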


REMINDERS:

*No meeting on Saturday (Wednesday again instead).

*Task 1 -- Create lightweight versions of Encryption (highest priority), Authentication, and Replay Protection for the Java RTP (if possible, use existing security classes); Encryption can be shared key (symmetric), public key based (asymmetric), or hybrid (BEST CHOICE)

*Task 2 -- UIs for Admin (server side) and WAP client
