Mail Lists

About Secure RTP

SRTP is a security profile for RTP that adds confidentiality, message authentication, and replay protection to that protocol. It is a Proposed Standard in the IETF Audio-Video Transport Working Group, and is defined in RFC 3711.

SRTP is ideal for protecting Voice over IP traffic because it can be used in conjunction with header compression and has no effect on IP Quality of Service. These facts provide significant advantages, especially for voice traffic using low-bitrate voice codecs such as G.729 and iLBC. Frequently Asked Questions about the protocol are answered in the SRTP FAQ.

This page provides links to Additional Specifications, Uses, and Key Management.

Additional Specifications

This list covers SRTP additions and extensions. It does not include any of the methods to provide keys to SRTP.

The Use of Timed Efficient Stream Loss-Tolerant Authentication (TESLA) in the Secure Real-time Transport Protocol (SRTP) is defined in RFC 4383. It defines the use of TESLA (RFC 4082) transform within the Secure Real-time Transport Protocol (SRTP), to provide data origin authentication for multicast and broadcast data streams. SRTP is a good match for TESLA, since the latter requires buffering that is more easily accomodated at higher layers of the network stack.

Encrypted Key Transport for Secure RTP is defined in draft-mcgrew-srtp-ekt-01.txt. It is an extension to SRTP that provides for the secure transport of SRTP master keys, RolloverCounters, and other information, within SRTCP. This facility enables SRTP to work for decentralized conferences with minimal control, and to handle situations caused by SIP forking and early media.

Integrity Transform Carrying Roll-over Counter is defined in draft-lehtovirta-srtp-rcc-03.txt. This document defines an integrity transform for SRTP, which allows the roll-over counter (ROC) to be transmitted in SRTP packets as part of the authentication tag.

ZRTP: Extensions to RTP for Diffie-Hellman Key Agreement for SRTP is defined in draft-zimmermann-avt-zrtp-01.txt. This This document defines ZRTP, RTP (Real-time Transport Protocol) header extensions for a Diffie-Hellman exchange to agree on a session key and parameters for establishing Secure RTP (SRTP) sessions.

Using SRTP transport format with HIP is defined in draft-tschofenig-hiprg-hip-srtp-01.txt . The Host Identity Protocol (HIP) is a signaling protocol which adds a new layer between the traditional Transport and Network layer. HIP is an end-to-end authentication and key exchange protocol, which supports security and mobility in a commendable manner. The HIP base specification is genralized and purported to support different key exchange mechanisms in order to provide confidentiality protection for the subsequent data traffic. In some cases it might not be desirable to establish IPsec security associations for protection of media traffic. This draft explains how keying material and parameters for usage with the Secure Real Time Protocol (SRTP) can be established using HIP. Note: this draft has expired and has not been resubmitted, and thus is no longer available from the IETF.

The use of AES-192 and AES-256 in Secure RTP is defined in draft-mcgrew-srtp-big-aes-00.txt. This memo describes the use of the Advanced Encryption Standard (AES) with 192 and 256 bit keys within the Secure RTP protocol. It defines Counter Mode encryption for SRTP and SRTCP and a new SRTP Key Derivation Function (KDF) for AES-192 and AES-256.


This list covers uses of SRTP by other standards.

Internet Streaming Media Alliance ISMAcryp Encryption and Authentication version 1.1

ITU H.235.7 Usage of the MIKEY Key Management Protocol for SRTP

ITU H.235.8 Key Exchange for SRTP using secure Signalling Channels

3GPP TS 26.234Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs

Open Mobile Alliance Service and Content Protection for Mobile Broadcast Services (OMA BROADCAST) draft spec for mobile TV

DVB IP Datacast over DVB-H: Service Purchase and Protection (SPP)

3GPP2 X.S0022-0 Broadcast and Multicast Service in cdma2000 Wireless IP network


Key Management

draft-mcgrew-tls-srtp-00.txt. Datagram Transport Layer Security (DTLS) Extension to Establish Keys for Secure Real-time Transport Protocol (SRTP).

RFC 3830 MIKEY: Multimedia Internet KEYing

draft-ietf-msec-mikey-ecc-00.txt ECC Algorithms For MIKEY

draft-ietf-msec-mikey-rsa-r-02.txt An additional mode of key distribution in MIKEY: MIKEY-RSA-R

draft-ietf-msec-newtype-keyid-05.txt The Key ID Information Type for the General Extension Payload in MIKEY

draft-ietf-msec-mikey-dhhmac-11.txt HMAC-authenticated Diffie-Hellman for MIKEY

draft-ietf-mmusic-sdescriptions-12.txt Session Description Protocol Security Descriptions for Media Streams. This keying method works with both the Session Initiation Protocol (SIP) and the Media Gateway Control Protocol (MGCP).

draft-ietf-mmusic-securityprecondition-01.txt Security Preconditions for Session Description Protocol Media Streams

draft-baugher-mmusic-sdp-dh-00.txt Diffie-Hellman Exchanges for Multimedia Sessions

draft-zimmermann-avt-zrtp-00.txt. Extensions to RTP for Diffie-Hellman Key Agreement for SRTP


Last updated June 28, 2006.