Low Latency and Computational overhead Consider Diffie-Hellman key size Recommendation is 4096 bits to equal 128 bits for AES key This will be too expensive for many SIP phones Use ECC Diffie-Hellman? Use optional smaller Diffie-Hellman key size 512 bits SIP phone could have mechanism to get new key periodically from PC or PDA Or compute one overnight Remember Diffie-Hellman key is used in an HMAC to produce session key. |