Patent number 8488795 is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: "Described below is a method for providing a symmetric key for protecting a key-management protocol.
"The technical field of the method relates to the protection or encryption of media data between user equipment, such as a personal computer, and provider equipment, for example a media server of a service provider.
"Typically no measures are taken to protect the media data in SIP/RIP-based Voice-over-IP systems currently in use (such as the IP Multimedia Subsystem--IMS for example). This might be justifiable in mobile radio networks, which typically provide a Layer-2 data encryption, such as the UMTS or GPRS network for example. Such underlying Layer-2 encryptions are typically not present in fixed network scenarios however, so that own protection mechanisms have to be used here. This is all the more urgent since for example the IMS will also be used to an increasing degree in fixed network scenarios and not just in the mobile network environment, for which it was originally developed.
"A possible approach to protecting the media data is end-to-end encryption between the two communication partners. However a variety of problems are typically encountered here such as key management, lawful interception, transcoding etc. A better variant here appears to be an end-to-middle approach, in which protection is only undertaken between the terminal and provider equipment (e.g. a media proxy).
"In an end-to-end protection scenario the signaling end points and the media protection end points are the same, in an end-to-middle scenario they are different. RFC 3711 defines a profile for RTP, namely Secure RTP (SRTP), to protect the RTP stream. SRTP can be used to protect the media traffic in an end-to-end connection, i.e. the complete path between two communicating partners. RTP is also able to be used for an end-to-middle connection."
In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventors' summary information for this patent: "One aspect is to protect media data between user equipment and provider equipment in respect of integrity and confidentiality using a suitable security protocol such as SRTP.
"However such a security protocol must be equipped with a suitable main key for derivation of session keys and cryptographic context. One example for a cryptographic context is described in section 3.2 of RFC 3711. Before the start of a communication between the user equipment and the provider equipment, such as a media proxy for example, the main key and the cryptographic context are not available in the user equipment and the provider equipment. It is thus necessary to provide the main key and the cryptographic context. A key-management protocol can be used for this purpose. An example of a key-management protocol for SRTP is MIKEY. MIKEY is described in RRC 3830. The key-management protocol is executed between the user equipment and the suitable server of the network. The suitable server does not have to be the media proxy. Alternately this can also coincide with the SIP proxy. However the key-management protocol itself must be protected.
Most Popular Stories
- NSA Defends Global Cellphone Tracking Legality
- Top Websites for U.S. Hispanics
- Ad Counts Rise in 2013 for Hispanic Magazines
- Networks Vie for U.S. Hispanic TV Viewers
- Saab Gets Back into the Game; U.S. Auto Sales Soar
- Apple Activates Customer-Tracking iBeacon
- Dell Offers Undisclosed Number of Employee Buyouts
- 2013 Tech Gift Guide: iPad Mini Still Hot; Chromecast a Great Low-Cost Option
- A Biography of Jonathan Ive, Apple's Creative Chief
- Authorities Close to Deal with JPMorgan Chase over Madoff Response