Re: [Srtp-users] [AVT] RFC 3711 - questions about cryptographic context

["David A. McGrew" <mcgrew at cisco.com>]

Tal,

On May 9, 2004, at 2:03 AM, tal shahar wrote:

> hi
> in 3.2.1.  Transform-independent parameters
> 1. the RFC states that the cryptographic context should hold the the master key(s)
> assuming I wish to have SRTP and SRTCP sharing the same master key, what is the situation where I have more than one key

if I understand right, you are wondering why the "(s)" appears in the quote from the RFC.  This is because there might be multiple master keys, each of which is used for a particular range of the packet index (that is, the 48-bit integer that is the concatenation of the ROC and the sequence number).  libSRTP does not support this facility, and I expect that the vast majority of users won't miss it.


> 2. if I have only one master key, why do I need to hold the MKI

You don't, though you might need to store the fact that you are not using an MKI.  libSRTP does not support MKIs as of yet.  I don't think that it would be hard to add this feature.

David

 
thanks a lot
tal

Do you Yahoo!?

Win a $20,000 Career Makeover at Yahoo! HotJobs