Re: [Ccrtp-devel] how to generate keystream segment for SRTP header

ccrtp-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ccrtp-devel] how to generate keystream segment for SRTP header

From:	Werner Dittmann
Subject:	Re: [Ccrtp-devel] how to generate keystream segment for SRTP header
Date:	Wed, 29 Jul 2009 20:46:17 +0200
User-agent:	Thunderbird 2.0.0.19 (X11/20081227)

Where in the source of ccRTP did you find the below diagram?

In your first mail you refer to RFC 3686 - this RFC is in no way
related to RFC 3711, no even referenced in RFC 3711. RFC 3711
describes the AES counter mode encryption that must be used for
SRTP. The below diagram does not make sense for SRTP.

Best Regards,
Werner


Yogesh Devidas Patil schrieb:
> I am implementing it for differant project. I have looked through the source 
> files and
> found working of encryption  algo as
> 
> 16 bits
>  * <----->
>  * +------+------+------+------+------+------+------+------+
>  * |           nonce           |    pakcet index    |  ctr |---+
>  * +------+------+------+------+------+------+------+------+   |
>  *                                                             |
>  * +------+------+------+------+------+------+------+------+   v
>  * |                      salt                      |000000|->(+)
>  * +------+------+------+------+------+------+------+------+   |
>  *                                                             |
>  *                                                        +---------+
>  *                                                        | encrypt |
>  *                                                        +---------+
>  *                                                             |
>  * +------+------+------+------+------+------+------+------+   |
>  * |                    keystream block                    |<--+
>  * +------+------+------+------+------+------+------+------+
> 
> Doesn't this daviates from SRTP RFC specification ?
> And how should i choose nonce value?
> 
> 
> 
> Regards
> Yogesh Patil
> 
> 
> ________________________________________
> From: Werner Dittmann address@hidden
> Sent: Tuesday, July 28, 2009 11:15 PM
> To: Yogesh Devidas Patil
> Cc: address@hidden
> Subject: Re: [Ccrtp-devel] how to generate keystream segment for SRTP header
> 
> Do you implement SRTP for this RTP stack? We already have SRTP
> avaliable since some years. If you like to implement SRTP for some
> other project maybe you can have a look in the source files to
> see how this is implemented.
> 
> Best Regards,
> Werner
> 
> Yogesh Devidas Patil schrieb:
>> Hi
>> I am implementing SRTP and have  little confusion about it.
>>
>> as per my understanding of SRTP RFC3711,
>> Initialization vector(IV) is generated as
>>
>> IV = (salt_key << 16) XOR (SSRC << 64) XOR (packet_index << 16)
>>
>> and  keystream segment (required for AES ICM ) is generated as
>>
>> Keystream_seg = E(k,IV) where k=Session key
>> i.e Keystream_seg = k XOR IV
>>
>> is my understanding correct wrt SRTP standard??
>>
>> Wherein AES ICM RFC3686, keystream segment consists
>> keystream_seg = NONCE || IV || Counter where Counter advances from initial 
>> val=0.
>>
>> I mean how to relate these keystream_seg forming units in AES 
>> ICM(NONCE,IV,Counter) with SRTP header fields & fields computed from them??
>>
>> Second, how should i generate Master Key on sender side??And how to derive 
>> session keys from Master Key??
>>
>> Thanks in advance!!
>>
>>
>> Regards
>> Yogesh Patil
>>
>> A R I C E N T
>>
>> "DISCLAIMER: This message is proprietary to Aricent and is intended solely 
>> for the use of the individual to whom it is addressed. It may contain 
>> privileged or confidential information and should not be circulated or used 
>> for any purpose other than for what it is intended. If you have received 
>> this message in error,please notify the originator immediately. If you are 
>> not the intended recipient, you are notified that you are strictly 
>> prohibited from using, copying, altering, or disclosing the contents of this 
>> message. Aricent accepts no responsibility for loss or damage arising from 
>> the use of the information transmitted by this email including damage from 
>> virus."
>>
>>
>> _______________________________________________
>> Ccrtp-devel mailing list
>> address@hidden
>> http://lists.gnu.org/mailman/listinfo/ccrtp-devel
>>
> 
> 
> "DISCLAIMER: This message is proprietary to Aricent and is intended solely 
> for the use of the individual to whom it is addressed. It may contain 
> privileged or confidential information and should not be circulated or used 
> for any purpose other than for what it is intended. If you have received this 
> message in error,please notify the originator immediately. If you are not the 
> intended recipient, you are notified that you are strictly prohibited from 
> using, copying, altering, or disclosing the contents of this message. Aricent 
> accepts no responsibility for loss or damage arising from the use of the 
> information transmitted by this email including damage from virus."
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Ccrtp-devel] how to generate keystream segment for SRTP header, Yogesh Devidas Patil, 2009/07/28
- [Ccrtp-devel] how to generate keystream segment for SRTP header, Yogesh Devidas Patil, 2009/07/28
  - Re: [Ccrtp-devel] how to generate keystream segment for SRTP header, Werner Dittmann, 2009/07/28
    - RE: [Ccrtp-devel] how to generate keystream segment for SRTP header, Yogesh Devidas Patil, 2009/07/29
    - Re: [Ccrtp-devel] how to generate keystream segment for SRTP header, Werner Dittmann <=

Prev by Date: RE: [Ccrtp-devel] how to generate keystream segment for SRTP header
Previous by thread: RE: [Ccrtp-devel] how to generate keystream segment for SRTP header
Index(es):
- Date
- Thread