What is the difference between srtp and zrtp

SRTP

sdp msg:

v=0

o=jdoe 2890844526 2890842807 IN IP4 10.47.16.5

s=SDP Seminar
i=A Seminar on the session description protocol
u=http://www.example.com/seminars/sdp.pdf
e=j.doe@example.com (Jane Doe)
c=IN IP4 161.44.17.12/127
t=2873397496 2873404696
m=video 51372 RTP/SAVP 31
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20
m=audio 49170 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20
m=application 32416 udp wb
a=orient:portrait

The crypto line includes the master key and encryption algorithms etc.

From SRTP master key, srtp will derive other keys:

–> SSRC encryptions key

–> SSRC authentication key

So we need securely exchange master key first,  there are several different protocols that may be used to negotiate SRTP session keys, including ZRTP, SDES, or DTLS

Normally we need TLS/SIPS signalling to securely transmit the master key first ( SDES).

ZRTP:

ZRTP is designed to provide a secure method for two VoIP end-point to securely agree encryption keys that are subsequently used to encrypt media streams (voice or video) using SRTP. ZRTP uses the Diffie-Hellman algorithm which enables secure key agreement and avoids the overhead of certificate management or any other prior setup. ZRTP supports two Diffie-Hellman variants, finite field and elliptic curve. The keys agreed by ZRTP are ephemeral which means that they are discarded at the end of a call, avoiding the need for key management.

ZRTP is the protocol that the two parties use to negotiate the SRTP session key.

 

References

http://www.cisco.com/c/en/us/about/security-center/securing-voip.html

http://blog.cryptographyengineering.com/2012/11/lets-talk-about-zrtp.html

http://www.voip-info.org/wiki/view/ZRTP

https://en.wikipedia.org/wiki/SDES

Please rate this


Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>