A secure and lightweight scheme for media keying in the session initiation protocol (SIP)

Vijay K. Gurbani, Vladimir Kolesnikov
2010 Principles, Systems and Applications of IP Telecommunications on - IPTComm '10  
Exchanging keys to encrypt media streams in the Session Initiation Protocol (SIP) has proved challenging. The challenge has been to devise a key transmission protocol that preserves the features of SIP while minimizing key exposure to unintended parties and eliminating voice clipping. We first briefly survey the two IETF SIP media keying protocols, SDES and DTLS-SRTP, and evaluate them against a core feature set. We then introduce a novel simple and lightweight scheme to significantly increase the security of SDES SIP keying with minimal overhead costs. Our proposed key exchange involves only one symmetric key operation by sender and receiver and is secure against the Man-in-the-middle attack unless the attacker is able to intercept both the SIP signaling and media plane traffic. Our key exchange scheme is much simpler than DTLS-SRTP; in fact, compared to SDES, it includes only one additional simple step. At the same time, it provides significantly better security than SDES and is only slightly weaker than the non-PKI version of DTLS-SRTP.
doi:10.1145/1941530.1941535 dblp:conf/iptcomm/GurbaniK10 fatcat:wndq6y5pavez5c42dwmgxll7ou