Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobility Solutions BCMCS Key Derivation Procedure Harmonization with IETF SRTP.

Published byOsbaldo Growden Modified over 9 years ago

Similar presentations

Presentation on theme: "Mobility Solutions BCMCS Key Derivation Procedure Harmonization with IETF SRTP."— Presentation transcript:

1 Mobility Solutions BCMCS Key Derivation Procedure Harmonization with IETF SRTP

2 Proprietary information - Lucent Technologies 2 SRTP Keying hierarchy Using BCMCS terms, SRTP keying starts at BAK –SRTP considers Key Management done by external protocols SRTP has two levels of key hierarchy: –Session-level Master key (equivalent to BAK) Delivered somehow by external means –Traffic level keys SK encrypt, SK auth, SK salt Derived locally from BAK and packet index Used to encrypt RTP, encrypt and authenticate RTCP

3 Proprietary information - Lucent Technologies 3 Comparison between BCMCS and SRTP BCMCS 1.Longer Term Session key (BAK) 2. One key (SK) for traffic protection Encryption only Key Derived from BAK 3.SK Manager (server) tells when to change SK 4.SK derivation is defined by 3GPP2 SRTP 1.Longer Term Session Key (Master Key) 2. Three keys for traffic protection SK encrypt, SK auth, SK salt Key Derived from MK 3. SK’s are changed by an internal counter - SRTP session parameter key_derivation_rate 4. SRTP RFC mandates its own key derivation algorithm BAK is equivalent to SRTP Master key both are allowed attributes (lifetime, key_id, etc) both are at most session-long, but can be changed sooner

4 Proprietary information - Lucent Technologies 4 Proposed solution – Preferred Modify proposed BCMCS SK derivation algorithm –Make it compliant with SRTP draft Advantages –Similar Key Hierarchy with current BAK (BAK->SK) –Compatibility with SRTP out-of-box –Need to deliver only BAK and parameters to SRTP and BCMCS BAK_id, BAK lifetime, SK derivation rate –Ability to secure both RTP and RTCP RTCP mandates authentication, so one SK not enough Disadvantages: –Requires change to BCMCS Security Framework document

5 Proprietary information - Lucent Technologies 5 Proposed solution – Alternative Use BCMCS SK as Master key (BAK equiv) in SRTP Advantages: –Avoids changing the current BCMCS Security Framework Disadvantages: –SK has no attributes (new work – add items) –SK is likely to change much more frequently than either BAK or SRTP Master key, so efficiency may suffer –Introduces unnecessary extra key level in the hierarchy Secondary short-term session keys

Download ppt "Mobility Solutions BCMCS Key Derivation Procedure Harmonization with IETF SRTP."

Similar presentations

www.dynamicsoft.com Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
MIKEY Capability Discovery Seokung Yoon (Korea Information Security Agency) draft-seokung-msec-mikey-capability-discovery-00.txt.

MIKEY Capability Discovery Seokung Yoon (Korea Information Security Agency) draft-seokung-msec-mikey-capability-discovery-00.txt.
Time Synchronization Protocols and Security IETF tictoc working group 28 July 2011 Karen ODonoghue

Time Synchronization Protocols and Security IETF tictoc working group 28 July 2011 Karen ODonoghue
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
EAP AKA Jari Arkko, Ericsson Henry Haverinen, Nokia.

EAP AKA Jari Arkko, Ericsson Henry Haverinen, Nokia.
Sun Microsystems, Inc. Security for Mobile IP in the 3G Networks Pat R. Calhoun Network and Security Center Sun Microsystems, Inc.

Sun Microsystems, Inc. Security for Mobile IP in the 3G Networks Pat R. Calhoun Network and Security Center Sun Microsystems, Inc.
H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Doc.: IEEE 802.11-04/0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.

Doc.: IEEE /0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.
Page 1 3GPP2 Broadcast and Multicast Service Contact: Jun Wang, Qualcomm Inc.

Page 1 3GPP2 Broadcast and Multicast Service Contact: Jun Wang, Qualcomm Inc.
ICE Jonathan Rosenberg dynamicsoft. Issue 1: Port Restricted Flow This case does not work well with ICE right now Race condition –Works if message 13.

ICE Jonathan Rosenberg dynamicsoft. Issue 1: Port Restricted Flow This case does not work well with ICE right now Race condition –Works if message 13.
RTSP NAT Traversal Update Magnus Westlund (Ericsson) Thomas Zeng (PVNS, an Alcatel company) IETF-60 MMUSIC WG draft-ietf-mmusic-rtsp-nat-03.txt.

RTSP NAT Traversal Update Magnus Westlund (Ericsson) Thomas Zeng (PVNS, an Alcatel company) IETF-60 MMUSIC WG draft-ietf-mmusic-rtsp-nat-03.txt.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.

WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Introduction to Kerberos Kerberos and Domain Authentication.

Introduction to Kerberos Kerberos and Domain Authentication.
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.

Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16, 2003 1300 - 1500.

July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.

Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.

Similar presentations

Ads by Google