Short Paper: Schemes for Enhancing the Denial-of-Service Tolerance of SRTP
暂无分享,去创建一个
Secure Real-time Transport Protocol (SRTP) provides confidentiality, authentication, integrity and replay protection for secure media transport in VoIP. However, the overhead of HMAC-SHA1 incurred per packet makes SRTP susceptible to flooding based Denial-of-Service attack. In this paper, we present a class of schemes to increase the DoS tolerance in SRTP. The central idea is to add a light-weight authentication mechanism on top of SRTP. This mechanism is used to efficiently discard illegitimate packets early on in the face of a DoS attack. Analysis shows that substantially larger traffic flood can be handled with the proposed enhancements.
[1] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.
[2] Baugher,et al. The Secure Real-Time Transport Protocol , 2003 .
[3] Henning Schulzrinne,et al. RTP: A Transport Protocol for Real-Time Applications , 1996, RFC.