Encrypted Key Transport

Encrypted Key Transport (EKT) is an extension to SRTP that fits within the SRTP framework and reduces the amount of signaling control needed in an SRTP session. EKT securely distributes the SRTP master key and other information for each SRTP source, using SRTCP to transport that information. With this method, SRTP entities are free to choose SSRC values as they see fit, and to start up new SRTP sources with new SRTP master keys within a session without coordinating with other entities via signaling or other external means. This allows the RTP collision detection and repair mechanism to be reinstated; the current SRTP specification effectively nullifies it because SSRC values must be closely controlled. An SRTP endpoint using EKT can generate new keys whenever an existing SRTP master key has been overused, or start up a new SRTP source to replace an old SRTP source that has reached the packet-count limit.

EKT also solves the problem in which the burst loss of the N initial SRTP packets can confuse an SRTP receiver, when the initial RTP sequence number is greater than or equal to 2^16 - N. These features simplify many architectures that implement SRTP.

EKT provides a way for an SRTP session participant, either sender or receiver, to securely transport its SRTP master key and current SRTP rollover counter to the other participants in the session. This data, possibly in conjunction with additional data provided by an external signaling protocol, furnishes the information needed by the receiver to instantiate an SRTP/SRTCP receiver context.
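The burst-loss problem described above, and the reason transporting the rollover counter (ROC) fixes it, can be seen by running the RFC 3711 packet-index estimation at a receiver. The following is an added example, not code from the EKT draft or from any SRTP implementation: the packets are synthetic, the authentication tag is a constructed HMAC over ROC||SEQ standing in for SRTP's authenticated implicit ROC, and the `roc_hint` parameter models the ROC that EKT delivers over SRTCP.

```python
"""RFC 3711 packet-index estimation at an SRTP receiver, with and without an
out-of-band rollover counter (ROC). Constructed example: synthetic packets,
no real SRTP payload or keys."""

import hashlib
import hmac

KEY = b"constructed-demo-auth-key"   # stands in for the SRTP session auth key
ROC_MASK = 0xFFFFFFFF


def auth_tag(roc: int, seq: int) -> bytes:
    """SRTP authenticates the implicit ROC together with the packet; a wrong
    ROC guess therefore shows up as an authentication failure."""
    msg = roc.to_bytes(4, "big") + seq.to_bytes(2, "big")
    return hmac.new(KEY, msg, hashlib.sha1).digest()[:10]


def sender_packets(initial_seq: int, count: int):
    """Return (seq, roc, tag) triples as a sender produces them: SEQ wraps at
    2^16 and ROC increments on each wrap."""
    seq, roc, out = initial_seq, 0, []
    for _ in range(count):
        out.append((seq, roc, auth_tag(roc, seq)))
        seq += 1
        if seq == 1 << 16:
            seq, roc = 0, roc + 1
    return out


class Receiver:
    """Index estimation from RFC 3711 section 3.3.1 / Appendix A."""

    def __init__(self, roc_hint=None):
        self.roc = roc_hint   # ROC learned out of band (EKT-style), or None
        self.s_l = None       # highest authenticated SEQ seen so far

    def estimate_roc(self, seq: int) -> int:
        if self.s_l is None:          # first packet: s_l := SEQ
            self.s_l = seq
            if self.roc is None:      # without a hint, RFC 3711 assumes ROC = 0
                self.roc = 0
            return self.roc
        if self.s_l < 0x8000:
            return (self.roc - 1) & ROC_MASK if seq - self.s_l > 0x8000 else self.roc
        return (self.roc + 1) & ROC_MASK if self.s_l - 0x8000 > seq else self.roc

    def accept(self, seq: int, tag: bytes) -> bool:
        v = self.estimate_roc(seq)
        if not hmac.compare_digest(tag, auth_tag(v, seq)):
            return False              # authentication failed: no state update
        if v == self.roc and seq > self.s_l:
            self.s_l = seq
        elif v == (self.roc + 1) & ROC_MASK:
            self.roc, self.s_l = v, seq
        return True


def deliver(initial_seq: int, count: int, lost: int, roc_hint=None) -> int:
    """Drop the first `lost` packets of the stream and return how many of the
    remaining packets the receiver authenticates."""
    rx = Receiver(roc_hint)
    return sum(rx.accept(seq, tag) for seq, _roc, tag in sender_packets(initial_seq, count)[lost:])


if __name__ == "__main__":
    print("no loss, wrap observed:       ", deliver(65534, 6, 0))      # 6
    print("3 lost across wrap, no ROC:   ", deliver(65534, 6, 3))      # 0
    print("3 lost across wrap, EKT ROC=1:", deliver(65534, 6, 3, 1))   # 3
    print("3 lost far from wrap:         ", deliver(100, 6, 3))        # 3
```

The stream starting at sequence number 65534 wraps after two packets; when those two and the first post-wrap packet are lost, the receiver initialises with ROC 0 and rejects every packet, and nothing in the stream itself will ever correct it. Supplying ROC 1 out of band, as EKT does, makes the same receiver accept the stream, while a loss of the same size away from the wrap point is harmless.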

EKT does not control the manner in which the SSRC and master key are generated; it is concerned only with their secure transport. Those values may be generated on demand by the SRTP endpoint, or may be dictated by an external mechanism such as a signaling agent or a secure group controller.

EKT is not intended to replace external key establishment mechanisms such as SDP Security Descriptions (SDES) or MIKEY (RFC 3830). Instead, it is used in conjunction with those methods, and it relieves them of the burden of tightly coordinating every SRTP source among every SRTP participant.

Reference: http://tools.ietf.org/html/draft-mcgrew-srtp-ekt-03


Wikimedia Foundation. 2010.
