Encryption of Header Extensions in the Secure Real-time Transport Protocol (SRTP)
RFC 6904
Document | Type |
RFC - Proposed Standard
(April 2013; No errata)
Updates RFC 3711
|
|
---|---|---|---|
Author | Jonathan Lennox | ||
Last updated | 2018-12-20 | ||
Replaces | draft-lennox-avtcore-srtp-encrypted-header-ext | ||
Stream | IETF | ||
Formats | plain text html pdf htmlized bibtex | ||
Reviews | |||
Stream | WG state | Submitted to IESG for Publication | |
Document shepherd | Roni Even | ||
IESG | IESG state | RFC 6904 (Proposed Standard) | |
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Robert Sparks | ||
IESG note | Roni Even (ron.even.tlv@gmail.com) is the Document Shepherd. | ||
Send notices to | (None) |
Internet Engineering Task Force (IETF) J. Lennox Request for Comments: 6904 Vidyo Updates: 3711 April 2013 Category: Standards Track ISSN: 2070-1721 Encryption of Header Extensions in the Secure Real-time Transport Protocol (SRTP) Abstract The Secure Real-time Transport Protocol (SRTP) provides authentication, but not encryption, of the headers of Real-time Transport Protocol (RTP) packets. However, RTP header extensions may carry sensitive information for which participants in multimedia sessions want confidentiality. This document provides a mechanism, extending the mechanisms of SRTP, to selectively encrypt RTP header extensions in SRTP. This document updates RFC 3711, the Secure Real-time Transport Protocol specification, to require that all future SRTP encryption transforms specify how RTP header extensions are to be encrypted. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6904. Lennox Standards Track [Page 1] RFC 6904 Encrypted SRTP Header Extensions April 2013 Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Encryption Mechanism . . . . . . . . . . . . . . . . . . . . 4 3.1. Example Encryption Mask . . . . . . . . . . . . . . . . . 6 3.2. Header Extension Keystream Generation for Existing Encryption Transforms . . . . . . . . . . . . . . . . . . 7 3.3. Header Extension Keystream Generation for Future Encryption Transforms . . . . . . . . . . . . . . . . . . 8 4. Signaling (Setup) Information . . . . . . . . . . . . . . . . 8 4.1. Backward Compatibility . . . . . . . . . . . . . . . . . 9 5. Security Considerations . . . . . . . . . . . . . . . . . . . 10 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 11 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 8.1. Normative References . . . . . . . . . . . . . . . . . . 11 8.2. Informative References . . . . . . . . . . . . . . . . . 12 Appendix A. Test Vectors . . . . . . . . . . . . . . . . . . . . 13 A.1. Key Derivation Test Vectors . . . . . . . . . . . . . . . 13 A.2. Header Encryption Test Vectors Using AES-CM . . . . . . . 14 Lennox Standards Track [Page 2] RFC 6904 Encrypted SRTP Header Extensions April 2013 1. Introduction The Secure Real-time Transport Protocol [RFC3711] specification provides confidentiality, message authentication, and replay protection for multimedia payloads sent using the Real-time Protocol (RTP) [RFC3550]. However, in order to preserve RTP header compression efficiency, SRTP provides only authentication and replay protection for the headers of RTP packets, not confidentiality. For the standard portions of an RTP header, providing only authentication and replay protection does not normally present a problem, as the information carried in an RTP header does not provide much information beyond that which an attacker could infer by observing the size and timing of RTP packets. Thus, there is little need for confidentiality of the header information. However, the security requirements can be different for information carried in RTP header extensions. A number of recent proposals for header extensions using the mechanism described in "A GeneralShow full document text