
SRTP Replay Protection

SRTP Replay Protection. A Technical Review of ROC, Cryptographic Context, Indices, and Sliding Windows. Security Measures for SIP: SIPS (SIP over TLS) gives per-hop encryption of the signalling transport; SRTP gives end-to-end protection of the media content.

varden




Presentation Transcript


  1. SRTP Replay Protection A Technical Review of ROC, Cryptographic Context, Indices, and Sliding Windows

  2. Security Measures for SIP • SIPS (SIP over TLS): per-hop encryption of the signalling transport • SRTP: end-to-end protection of the media content • SRTP provides confidentiality, message authentication, and replay protection • Encryption for confidentiality • Keyed hash function (HMAC) for message authentication • Counters (packet indices) for replay protection

  3. What is a Replay Attack? • A legitimate packet is captured by an adversary and later injected back into the network • Example: recording video from a surveillance camera and injecting it to the monitoring station so that live activity goes unseen • Message authentication provides integrity but alone is not enough: a replayed packet still carries a valid authentication tag, so the receiver must also remember which packet indices it has already accepted

  4. Replay Protection Definitions • Sequence Number • ROC (Rollover Counter) • Cryptographic Context • Implicit Index • Replay List • Sliding Window Algorithm

  5. Sequence Number • Sequence Number (SEQNUM) is a 16-bit field • Incremented by one per packet up to 65,535 (2^16 - 1), then wraps to 0 • Carried in the RTP header, which SRTP keeps in the clear

  6. SEQNUM in the SRTP Header

  7. ROC (Rollover Counter) • 32-Bit Unsigned Counter • Number of Times Sequence Number Reset to Zero (After Passing Through 65,535) • Incremented By “1” When Wrapped • Maintained By SRTP (Not in the Header)

  8. Cryptographic Context • SRTP derives the implicit index from values kept in the cryptographic context, not from the packet alone • The context holds the state needed to apply the security measures: keys, transforms, the 32-bit ROC, and (receiver only) s_l, the highest received 16-bit sequence number, plus the replay list

  9. Implicit Index • Implicit (not carried in the packet) • ROC + Sequence Number • 48-bit (SEQNUM 16 + ROC 32) • Computed per packet • Also used in session key derivation and as input to the encryption and authentication transforms • Index = 2^16 * ROC + SEQNUM

  10. Implicit Index (cont.) • Receiver Calculates Implicit Index • Determines if Unique Before Accepting the Packet • Only Accepts if Within Sliding Window • Compares Index and Last Index (contained in Cryptographic Context)

  11. Replay List • Maintained only by the receiver • Replay protection is only possible when SRTP message authentication is in use, since an unauthenticated packet could forge any index • Contains the indices of recently received and authenticated SRTP packets

  12. Sliding Window • Default window size is 64 • If an attacker replays a packet whose sequence number is chosen at random, and the window size is 64, there is a 99.9 percent likelihood (1 - 64/2^16) that it falls outside the window and is discarded

  13. Sliding Window • Only packets with an index ahead of the window, or inside the window but not already received, SHALL be accepted • Packets with an index more than 64 behind the highest-numbered authenticated packet are discarded • Packets inside the window are discarded if their "RECEIVED?" bit is set, otherwise accepted and marked • Packets with an index higher than the window are accepted and cause the window to advance (they must still pass authentication before the replay list is updated)

  14. Sliding Window

  15. Challenges for the Receiver • Receiver's Window Size (RWS) • Packets arrive out of order • The sequence number may have wrapped, so the receiver must guess which ROC a packet belongs to: if SEQNUM differs from s_l by more than 32,768 (half of the 16-bit range), it is assumed to belong to the adjacent rollover (ROC + 1 or ROC - 1) • Packet loss and bit errors also disturb the estimate
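The receiver logic described in slides 9 through 13 and 15 (implicit index estimation, the replay check against the sliding window, and the ROC / s_l update after authentication) fits in one small state machine. The block below is an added example for this transcript, not code from the slides; it follows RFC 3711 sections 3.3.1 and 3.3.2. The class and method names are this example's own, and authentication is simulated by a boolean supplied by the caller, because a real receiver verifies the HMAC tag over the packet and ROC before touching any state.

```python
"""
SRTP receiver-side replay protection: implicit index estimation
(RFC 3711 section 3.3.1) and the sliding-window replay list (section 3.3.2).

Added example; not the slides' code. Names are this example's own choices.
"""

SEQ_MOD = 1 << 16      # sequence numbers are 16-bit
ROC_MOD = 1 << 32      # rollover counter is 32-bit
HALF_SEQ = 1 << 15     # 32,768: the wrap-detection threshold from the slides


class ReplayError(Exception):
    """Index is already in the replay list or is older than the window."""


class AuthError(Exception):
    """Simulated authentication-tag failure (assumption: caller checks the tag)."""


class SrtpReceiverContext:
    """The receiver-side replay state kept in the SRTP cryptographic context."""

    def __init__(self, window_size=64):
        self.window_size = window_size
        self.roc = 0            # rollover counter, never carried in the packet
        self.s_l = None         # highest received SEQ; None until the first packet
        self.last_index = None  # highest authenticated 48-bit index (top of window)
        self.bitmask = 0        # bit i set => index (last_index - i) already received

    def estimate_index(self, seq):
        """Return (v, index): v is the ROC guessed for this packet."""
        if self.s_l is None:
            return self.roc, self.roc * SEQ_MOD + seq
        if self.s_l < HALF_SEQ:
            # s_l is low: a much higher SEQ is a late packet from before the last wrap
            v = (self.roc - 1) % ROC_MOD if seq - self.s_l > HALF_SEQ else self.roc
        else:
            # s_l is high: a much lower SEQ means the counter has wrapped again
            v = (self.roc + 1) % ROC_MOD if self.s_l - HALF_SEQ > seq else self.roc
        return v, v * SEQ_MOD + seq

    def check_replay(self, index):
        """Reject indices behind the window or already marked as received."""
        if self.last_index is None:
            return
        delta = index - self.last_index
        if delta > 0:
            return  # ahead of the window: acceptable, will advance it on update
        if -delta >= self.window_size:
            raise ReplayError(f"index {index} is {self.window_size}+ behind the window")
        if (self.bitmask >> -delta) & 1:
            raise ReplayError(f"index {index} already received")

    def update(self, v, seq, index):
        """Record an authenticated packet: slide the window, update ROC and s_l."""
        if self.last_index is None or index > self.last_index:
            delta = 0 if self.last_index is None else index - self.last_index
            if delta >= self.window_size:
                self.bitmask = 1  # jumped past the whole window: only this index is set
            else:
                self.bitmask = ((self.bitmask << delta) | 1) & ((1 << self.window_size) - 1)
            self.last_index = index
        else:
            self.bitmask |= 1 << (self.last_index - index)  # inside the window
        if self.s_l is None:
            self.s_l = seq
        elif v == self.roc:
            self.s_l = max(self.s_l, seq)
        elif v == (self.roc + 1) % ROC_MOD:
            self.roc, self.s_l = v, seq
        # v == ROC - 1: late packet from the previous rollover, no state change

    def receive(self, seq, tag_valid=True):
        """Process one packet: returns the accepted index or raises."""
        v, index = self.estimate_index(seq)
        self.check_replay(index)       # replay check precedes authentication (RFC 3711, 3.3 step 5)
        if not tag_valid:
            raise AuthError(f"bad tag for SEQ {seq}")  # state stays untouched
        self.update(v, seq, index)     # replay list updated only after authentication
        return index


def demo():
    """Constructed stream: wrap, replay, late-but-new packet, stale packet, bad tag."""
    ctx = SrtpReceiverContext()
    log = []
    for seq, tag_valid in [(65530, True), (65535, True), (2, True), (65535, True),
                           (65533, True), (2, True), (500, True), (400, True),
                           (600, False), (600, True)]:
        try:
            log.append(("accept", seq, ctx.receive(seq, tag_valid)))
        except (ReplayError, AuthError) as exc:
            log.append((type(exc).__name__, seq, str(exc)))
    return ctx, log


if __name__ == "__main__":
    ctx, log = demo()
    for entry in log:
        print(entry)
    print("final ROC", ctx.roc, "s_l", ctx.s_l, "window top", ctx.last_index)
```

In the demo, SEQ 2 arriving after 65,535 is placed in ROC 1 (index 65,538) and advances the window; the replayed 65,535 is then mapped back to ROC 0 and rejected because its bit is set, while the late 65,533, never seen before, is still accepted. The packet with a bad tag passes the replay check but leaves the window untouched, which is why the same SEQ is accepted afterwards.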

  16. Karen Lugo, April 8, 2013, CSCI E-139
