
Re: [AVT] Question regarding RFC 3711



Hi Ilan,
 
My recollection from writing the spec is as follows.
 
One reason that the ROC is kept when a new key is taken into use is that SRTP has an option to
associate key usage with a range of SRTP indexes, <From, To>, where the ROC forms the most
significant bits of these indexes.
 
Suppose that you pre-distribute 3 keys with validity <0, a>, <a+1, b>, <b+1, c>. Suppose now
that after some time you reach index a+1. You will now take the 2nd key into use. *If* you were
to reset ROC at the same time, the index would "jump back" to a value smaller than a+1 and the
key you just changed to would no longer be valid, you would be supposed to revert back to the first
key again (with possible associated security problems).
 
If you use the MKI mechanism to signal use of a new key, you would not have this problem, but
as I recall, it occurred to us that it was easier to always use an index handling that was
independent of the re-key mechanism. Hence, replay lists are also unaffected, though notice that
close to the time when the key changes, the replay window may cover packets processed both with
the old and the new key, so if there is packet reordering you may need to be prepared to revert to
the old key on occasion.

Handling of the ROC and other parameters when someone joins a session is described in Sections
3.3.1, 8 and 11.3 of RFC 3711.
 
/Mats
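As an added example (not code from the thread, from the AudioCodes product, or from RFC 3711 itself), the following Python model shows the receiver-side index handling Mats describes: the index estimation is the pseudocode from Section 3.3.1, master keys are bound to <From, To> index ranges, and the ROC is carried across the key change. The key ids K1..K3, the range boundaries a, b, c (chosen so that a+1 lies beyond the first 16-bit sequence-number rollover), the 64-packet replay window and the bitmap replay list are constructed assumptions; authentication is assumed to succeed and is not modelled. The demo walks the stream across the K1 to K2 boundary, computes what a reset ROC would have produced at that point, and then delivers one delayed packet from just before the boundary, twice.

```python
"""SRTP receiver-side index handling (RFC 3711, Section 3.3.1).
Added example, not code from the thread or the RFC. Key ids, the <From, To>
ranges a/b/c, the 64-packet window and the bitmap replay list are constructed
assumptions; authentication is assumed to succeed."""

SEQ_SPACE = 1 << 16      # RTP sequence numbers are 16 bits
ROC_SPACE = 1 << 32      # the rollover counter is 32 bits


def estimate_index(seq, s_l, roc):
    """Index estimation from RFC 3711, Section 3.3.1.
    s_l is the highest sequence number accepted under the current ROC
    (None before the first packet). Returns (v, index)."""
    if s_l is None:
        return roc, roc * SEQ_SPACE + seq
    if s_l < 32768:
        v = (roc - 1) % ROC_SPACE if seq - s_l > 32768 else roc
    else:
        v = (roc + 1) % ROC_SPACE if s_l - 32768 > seq else roc
    return v, v * SEQ_SPACE + seq


class SrtpReceiver:
    """Receiver context: ROC, s_l, a replay list and master keys bound to
    <From, To> index ranges. The ROC is never reset when the key changes."""

    def __init__(self, key_ranges, window_size=64):
        self.key_ranges = key_ranges   # [(from_index, to_index, key_id), ...]
        self.window_size = window_size
        self.roc = 0
        self.s_l = None
        self.highest = None            # highest index accepted so far
        self.seen = 0                  # bit i set <=> index (highest - i) accepted

    def select_key(self, index):
        """Pick the master key whose <From, To> range covers this index."""
        for lo, hi, key_id in self.key_ranges:
            if lo <= index <= hi:
                return key_id
        raise LookupError("no master key valid for index %d" % index)

    def _is_replay(self, index):
        if self.highest is None or index > self.highest:
            return False
        delta = self.highest - index
        if delta >= self.window_size:
            return True                # older than the window: treat as replay
        return bool((self.seen >> delta) & 1)

    def _mark_seen(self, index):
        if self.highest is None:
            self.highest, self.seen = index, 1
        elif index > self.highest:
            shift = index - self.highest
            mask = (1 << self.window_size) - 1
            self.seen = ((self.seen << shift) | 1) & mask
            self.highest = index
        else:
            self.seen |= 1 << (self.highest - index)

    def receive(self, seq):
        """Process one packet. Returns (status, index, key_id)."""
        v, index = estimate_index(seq, self.s_l, self.roc)
        if self._is_replay(index):
            return "replayed", index, None
        key_id = self.select_key(index)
        # Authentication with key_id would run here; assumed to succeed.
        if v == (self.roc + 1) % ROC_SPACE:
            self.roc, self.s_l = v, seq          # rollover confirmed
        elif v == self.roc and (self.s_l is None or seq > self.s_l):
            self.s_l = seq
        self._mark_seen(index)
        return "ok", index, key_id


def demo(a=70_000, b=140_000, c=210_000):
    """Walk a stream across the K1 -> K2 boundary at index a+1 (ROC == 1)."""
    rx = SrtpReceiver([(0, a, "K1"), (a + 1, b, "K2"), (b + 1, c, "K3")])
    out = {}
    late = a - 1                       # this packet is delayed by the network
    for idx in range(a + 3):
        if idx == late:
            continue
        _, _, key_id = rx.receive(idx % SEQ_SPACE)
        if idx == a:
            out["key_at_a"] = key_id
        elif idx == a + 1:
            out["key_at_a_plus_1"] = key_id
    out["roc_after_rekey"] = rx.roc
    # A reset ROC at the key change would drop the index back below a+1,
    # and the range lookup would point at the key just abandoned.
    _, reset_index = estimate_index((a + 1) % SEQ_SPACE, None, 0)
    out["index_if_roc_reset"] = reset_index
    out["key_if_roc_reset"] = rx.select_key(reset_index)
    # The delayed packet arrives inside the replay window and is handled
    # under the old key; a second copy is caught by the replay list.
    out["late_packet"] = rx.receive(late % SEQ_SPACE)
    out["late_packet_again"] = rx.receive(late % SEQ_SPACE)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Running demo() shows the three points from the reply in one place: index a+1 selects K2 only because the ROC is still 1; with the ROC reset, the same sequence number would map to index 4465 and back to K1; and the late packet from index a-1 passes the replay check but must be processed with the old key, while its duplicate is rejected.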

From: avt-bounces at ietf.org [mailto:avt-bounces at ietf.org] On Behalf Of Ilan Doron
Sent: den 6 juli 2009 16:23
To: 'avt at ietf.org'
Subject: [AVT] Question regarding RFC 3711

I have a few questions regarding RFC 3711:

From the RFC, Section 3.3.1:

   After a re-keying occurs (changing to a new master key), the rollover
   counter always maintains its sequence of values, i.e., it MUST NOT be
   reset to zero.

1. Does re-keying include a re-INVITE session where new keys are allocated?

2. If the ROC is maintained, can I assume the full SRTP session is maintained, i.e. RTP sequence + replay lists + SSRC?

 

Regarding SSRC change during an SRTP session:

1. If a new SSRC arrives, should the packet be authenticated with a zero ROC or with the current ROC value?

2. Assuming authentication succeeds, will the SRTP session be reset to zero (sequence, replay lists, ROC, etc.)?

 

Ilan Doron
Media application Team Leader

Tel:         +972-3-9764354
Fax:        +972-3-9764223

Mobile:   +972-54-6262-775
Email:     iland at audiocodes.com

Web:        www.audiocodes.com
 
