Manage Learn to apply best practices and optimize your operations.

Securing VoIP Networks Chapter 7: Key Management Mechanisms

Key management is a fundamental part of protecting Internet multimedia applications like VoIP, but the protocols can be difficult to design. Securing VoIP Networks explains the current and emerging key management security, amid detailed charts to guide you through the process of securing your network.

In this Chapter Download, brings you Chapter 7, "Key Management Mechanisms" from Securing VoIP Networks. Key management is a fundamental part of protecting Internet multimedia applications such as VoIP. At the same time, key management protocols are difficult to design, especially for multimedia applications that require group participation (for example, videoconferencing, broadcasting or multicast audio, video or file transfer).

Key management is a must to protect Internet multimedia applications such as VoIP, video on demand, conferencing, and others. This chapter covered two methods, MIKEY and SRTP Security Descriptions, currently implemented by vendors to support security requirements to provide authentication, confidentiality, and integrity of media streams. In addition, this chapter discussed ZRTP, which is currently an IETF "draft" but is likely to become a viable solution for peer-to-peer confidentiality.

The MIKEY protocol provides the scalability and flexibility to support unicast and multicast communications, but it can be more complex to implement compared to SRTP Security Descriptions. Nevertheless, both approaches provide the ability to exchange cryptographic material and support the SRTP protocol to adequately protect the media streams between participants. ZRTP provides a level of transparency compared to MIKEY or SDescriptions because it is signaling protocol independent and it requires changes on the peer software but not the core VoIP components such as a SIP proxy or an H.323 gatekeeper.

One limitation that all key-exchange protocols suffer is that they cannot extend their properties to calls that traverse between VoIP networks and PSTN. Forking and media clipping are additional issues that require further research and need to be addressed by any key-exchange mechanism or protocol.14 Currently, the IETF is working on several options, including EKT and redesigning MIKEY (MIKEYv2), to provide additional mechanism for key management.

Download the rest of Chapter 7, "Key Management Mechanisms" from Securing VoIP Networks here.

Reproduced from the book Securing VoIP Networks, Copyright 2007, Cisco Systems, Inc.. Reproduced by permission of Pearson Education, Inc., 800 East 96th Street, Indianapolis, IN 46240. Written permission from Pearson Education, Inc. is required for all other uses.

This was last published in October 2007

Dig Deeper on Unified Communications Resources

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.