What is Secure Real-Time Transport Protocol?

The Secure Real-Time Transport Protocol (SRTP) is defined as a profile of RTP. SRTP provides confidentiality, message authentication, and replay protection to the RTP traffic. It also protects the traffic of Real-time Transport Control Protocol (RTCP).

SRTP is a layer between the RTP and the networking layer. The SRTP protocol as defined in RFC 3711 provides support for encryption, decryption of RTP payloads, and integrity protection of the entire packet.

SRTP uses a single master key for generating session keys for encryption and authentication. RTP is closely related to RTCP(RTP control protocol) which can be used to control the RTP session. SRTP has a related protocol called Secure RTCP or SRTCP. SRTCP provides the same security related features to RTCP, as SRTP provides to RTP.

SRTP is the security layer that resides between the RTP/RTCP application layer and the transport layer. It generates SRTP packets from the RTP/RTCP stream and forwards the packets to the receiver. It also transforms incoming SRTP packets to RTP/RTCP packets and passes these up the stack.

How SRTP Works?

Symbian Implementation of SRTP

The SRTP implementation follows the mandatory mechanisms defined in RFC 3711:

  • AES-128 Counter mode for encryption of RTP payloads

  • HMAC-SHA1 for authentication/integrity protection of RTP packets

  • AES-Counter Mode for session key derivation

  • NULL mode is supported for encryption/decryption and authentication.

Functional Model of SRTP

The figure below describes the functional model of SRTP.

The SRTP Stack is not an active component and is not network aware. It sits as a processing layer between the RTP stack and the network. The RTP stack calls for SRTP encryption before it sends the RTP Packets to the network. At the receiving side, the RTP stack decrypts the data received prior to normal RTP Processing.

The APIs execute within the process boundary of the RTP Application. The SRTP APIs are generic and can be used by any RTP stack.

The SRTP library implements the following functionalities:

  • Encryption of RTP payloads

  • Message authentication and integrity of the RTP packet

  • Replay Protection.

How to use SRTP?

The SRTP stack is offered as a general purpose DLL.

The capability of the DLL is ALL -TCB.

The application should link to srtp.lib.

Dependency

The SRTP implementation consists of crypto routines using the Symbian cryptographic libraries namely cryptospi.dll (from Symbian^3)