IMG 1010 - SIP SRTP CryptoSuite

Owned by Kelli Higdon
Last updated: Mar 05, 2024
2 min read

Description:

The SIP SRTP Crypto-Suite defines the parameters being used to encrypt an RTP stream. The SIP Crypto-Suite object is configured under the SIP SGP Profile object and includes the Advanced Encryption Standard, the Window Size Hint, and whether STRCP will be enabled.

Accessing this Pane

Dialogic IMG EMS -> Profiles -> SIP SGP -> SIP SRTP CryptoSuite

Maximum Objects:

3 SIP SRTP CryptoSuite Objects per SIP SGP object.

Related Topics

IMG 1010 - SIP Profile - 10.5.3

IMG 1010 - TLS - Configuration

IMG 1010 - IP Bearer Profile

ClientView Pane:

Field Descriptions:

Crypto-Suite:

The crypto-suite identifies the encryption to be utilized in the SRTP media stream. Select from drop down menu the Advanced Encryption Standard.

AES_CM_128_HMAC_SHA1_80 (Default)- This is the default Advanced Encryption Standard. It offers a 128 bit master key along with an 80 bit authentication tag. This crypto-suite has a default lifetime of 2^48 SRTP Packets or 2^31 SRTCP Packets. See RFC 4568 for more information on each crypto-suite

AES_CM_128_HMAC_SHA1_32 - This crypto-suite is similar to the AES_CM_128_HMAC_SHA1_80 crypto-suite except it offers a 32 bit authentication tag

F8_128_HMAC_SHA1_80 - This crypto-suite is identical to AES_CM_128_HMAC_SHA1_80 except the cipher is used in F8 mode. Universal Mobile Telecommunications System 3G Mobile Networks uses AES-F8 mode.

See RFC 4568 for more information on each crypto-suite

Window Size Hint:

Replay protection stores a list of packets and their indexes that have been received during a SRTP session. The receiver checks the index value of each new packet with the index of the packet stored within this window. Only packets with index values ahead of the window are accepted. The size of the replay protection window is determined by the Window Size Hint. The Default value is 64 and can be as high as 99. Click in the Window Size Hint and enter new value

SRTCP Encryption:

RTCP Packets are used to determine Quality of Service of a specific VoIP connection. The SRTP Encryption field allows the IMG to either send these packets encrypted or not.

Disabled(default)- Encryption on RTCP packets is disabled. Any RTCP packets sent are not encrypted or secure

Enabled  - Encrypts any RTCP packets so that any RTCP packets being sent are encrypted and secure.

 

Return to Documentation Home I Return to Sangoma Support