ZRTP: Media Path Key Agreement for Unicast Secure RTP

Authors: Philip Zimmermann, Alan Johnston, Jon Callas


Keywords: Public key infrastructure; Computer security; Signaling protocol; ZRTP; Computer science; Session key; Voice over IP; Man-in-the-middle attack; Session Description Protocol; Session (computer science); Computer network

Abstract: This document defines ZRTP, a protocol for media path Diffie-Hellman exchange to agree on a session key and parameters for establishing unicast Secure Real-time Transport Protocol (SRTP) sessions for VoIP applications. The ZRTP protocol is media path keying because it is multiplexed on the same port as RTP and does not require support in the signaling protocol. ZRTP does not assume a Public Key Infrastructure (PKI) or require the complexity of certificates in end devices. For the media session, ZRTP provides confidentiality, protection against man-in-the-middle (MiTM) attacks, and, in cases where the signaling protocol provides end-to-end integrity protection, authentication. ZRTP can utilize a Session Description Protocol (SDP) attribute to provide discovery and authentication through the signaling channel. To provide best effort SRTP, ZRTP utilizes normal RTP/AVP profiles. ZRTP secures media sessions which include a voice media stream, and can also secure media sessions which do not include voice by using an optional digital signature.
