[cisco-voip] Srtp Key Management Over Voip?
Patrick Diener
patrick.diener at gmail.com
Thu Dec 13 11:55:56 EST 2007
wow big font...
maybe this doc can be of some assistance:
http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a008068b526.html
As I understand this you can not change the encryption and HMAC
algorithms the IOS Router will use/negotiate for SRTP, but you should
be fine with AES and SHA1.
key exchange is done over H323 in "clear text" (ASN.1 is a bitch to
read but no were near secure...) so to secure the signaling you will
have to use IPSec...
Regards
Patrick
On Dec 13, 2007 3:45 PM, Ramiz Sardar <ramizchaudhary at gmail.com> wrote:
> Friends,
> I am using srtp in voip setup from router to router for voice security. If i
> just enter command "srtp" in voice service voip mode, srtp start
>
> encrypting/decrypting voice packets that i can see using debug command. But
> my question is how i can define shared key, encryption technique like i can
> do it in ipsec???
> I tried to find it on cisco website but couldn't. Even i posted my question
>
> on cisco Netpro/Sadikhov etc but same no response. My voip setup consist of
> MD110 pbx with cisco 3800 routers. Topology you can see below:
>
> Phone---------PBX------------------------Router---------------------------------------Router-------------------PBX----------Phone
>
>
> Between PBX and Router = E1 PRI (QSig)
> Between Router to Router = E1 Link
> Session Protocol Between Routers = H.323
>
> Note: IPsec can also be used for voice security but problem is, i cannot use
> CRTP with IPSec but can use with SRTP.
>
>
> Your immediate response will be highly appreciated.
>
> Best Regards
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
More information about the cisco-voip
mailing list