Secure Voice Data Examples - Dialogic DMG1000 User Manual

Dialogic 1000 and 2000 media gateway series

request secure audio and will reject all requests for non-secure audio. If SRTP_Preferred is
specified, the gateway will request both secure audio and non-secure audio, with a preference
for secure audio, and the gateway will accept requests for both secure and non-secure audio. If
RTP_Only is specified, the gateway will only request non-secure audio and will only accept
requests for non-secure audio.
Note: SRTP_Preferred is not supported in Version 5.1 SU2 Software.
Master Key Index (MKI) on Transmit Stream - With SRTP, audio data for a conversation is
encrypted using a key that is called the session key. Each session key is derived from a master
key communicated through SIP SDP. Multiple master keys may be used to add security. When
multiple master keys are used, the master key index is used to identify a master key. When an
audio data packet arrives, the master key index is specified in the packet so the packet receiver
knows which key to use to decrypt the packet. Not all devices support this feature.
Key Derivation Enable - Key derivation refers to the process used to generate a session key
from a master key. If the session key is generated once for each conversation, Key Derivation
Enabled is set to false. Otherwise, if a session key is generated more than once from a master
key, Key Derivation Enabled is set to true. Enabling Key Derivation provides more security,
but not all devices support this feature.
Key Derivation Rate (KDR) - This parameter is only usable if Key Derivation Enabled is set to
Yes. KDR takes values of 16 to 24. When 0 is specified, the session key is only derived once,
which is the same as when Key Derivation Enabled is set to No. However, if the key derivation
rate is set to a value greater than 0, a new session key is derived from the same master key
whenever the audio data packet index reaches a multiple of 2^KDR. For example, if KDR is 16,
2^16 = 65536. The session key will be derived whenever the packet index reaches 65536,
2*65536, 3*65536, etc.
Cipher Mode - Cipher is the algorithm used to encrypt/decrypt a packet. The Media Gateway
supports plain text or AES counter mode. When plain text is specified, no
encryption/decryption is performed on the audio data and Authentication is skipped. By
default, the Media Gateway supports the AES counter mode.
Note: Plain_Text is not supported in Version 5.1 SU2 Software.
Authentication Type - The Media Gateway supports no authentication or SHA1. It is
recommended that you use authentication whenever the cipher is non-null as it provides more
security.
Authentication Tag Length - When SHA1 is used, the tag can be 32 bits or 80 bits. By default,
the Media Gateway supports SHA1 80 bits.
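
As an added example (not from the Dialogic manual), the Python function below parses an SDP a=crypto line and reports the settings described above: the master keys and their MKI, the KDR re-derivation interval, and weak cipher or authentication choices. It assumes the master key is signalled with the RFC 4568 a=crypto attribute, which the manual does not state; audit_crypto_line and the sample line are constructed for illustration.

```python
import base64

# Crypto suites matching the page's options: AES counter mode, SHA1 tag of 80 or 32 bits.
SUITES = {"AES_CM_128_HMAC_SHA1_80": 80, "AES_CM_128_HMAC_SHA1_32": 32}

def audit_crypto_line(line):
    """Parse one RFC 4568 'a=crypto' SDP line (assumed format); return (settings, findings)."""
    prefix, _, body = line.strip().partition(":")
    if prefix != "a=crypto":
        raise ValueError("not an a=crypto line")
    tag, suite, key_params, *session_params = body.split()
    settings = {"tag": int(tag), "suite": suite, "auth_tag_bits": SUITES.get(suite),
                "keys": [], "kdr": 0, "rekey_every": None}
    findings = []
    if suite not in SUITES:
        findings.append("suite is not AES counter mode with SHA1 authentication")
    for key_param in key_params.split(";"):        # one entry per master key
        method, _, info = key_param.partition(":")
        if method != "inline":
            raise ValueError("unsupported key method: " + method)
        key_salt, *options = info.split("|")
        raw = base64.b64decode(key_salt, validate=True)
        if suite in SUITES and len(raw) != 30:     # 16-byte master key + 14-byte salt
            findings.append("master key||salt is not 30 bytes")
        mki = None
        for opt in options:                        # lifetime has no ':'; MKI is value:length
            if ":" in opt:
                value, length = opt.split(":")
                mki = {"value": int(value), "length_bytes": int(length)}
        settings["keys"].append({"mki": mki})
    mkis = [k["mki"]["value"] for k in settings["keys"] if k["mki"]]
    if len(settings["keys"]) > 1 and len(set(mkis)) != len(settings["keys"]):
        findings.append("multiple master keys need a unique MKI each")
    for param in session_params:
        if param.startswith("KDR="):               # new session key every 2^KDR packets
            settings["kdr"] = int(param[4:])
            settings["rekey_every"] = 2 ** settings["kdr"]
        elif param == "UNENCRYPTED_SRTP":
            findings.append("audio is sent as plain text")
        elif param == "UNAUTHENTICATED_SRTP":
            findings.append("packets carry no authentication tag")
    if settings["auth_tag_bits"] == 32:
        findings.append("32-bit tag gives less forgery resistance than 80-bit")
    return settings, findings

# Constructed sample offer; the key material is made up, not taken from a real call.
SAMPLE = ("a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:"
          + base64.b64encode(bytes(range(30))).decode() + "|2^20|1:4 KDR=16")
if __name__ == "__main__":
    print(audit_crypto_line(SAMPLE))
```
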
7.4.2 Secure Voice Data Examples

The following examples show how the Media Gateway should be configured for SRTP.
Example 1:
In this example, the Media Gateway is talking to an IP phone that requires security and supports the
following:
Cipher: AES Counter Mode
Authentication: SHA1 32 bits or 80 bits
Dialogic® 1000 and 2000 Media Gateway Series User's Guide — September 2007
Dialogic Corporation
