System information

26 Dialogic® HMP Software Release 3.0WIN Release Guide — December 2010
Dialogic Corporation
Features
For message authentication and integrity, the pre-defined authentication transform is
HMAC-SHA1 as described in the HMAC: Keyed-Hashing for Message Authentication
IETF publication, RFC 2104.
An important part of any encryption scheme is the generation of the keys used to encrypt
the information. SRTP relies on an external key management system to provide the
master key and master salt. A master key is a random bit string from which session keys
(used directly in the cryptographic transforms) are derived. A master salt is also a random
bit string used to provide even greater security.
SRTP incorporates a “key derivation algorithm” that uses the master key, master salt and
packet index to generate the session keys that are used directly for encryption or
message authentication. The rate at which new session keys are applied, that is, the “key
derivation rate”, can also be defined.
Note: The maximum number of SRTP channels in a system is 500.
For additional information, see Section 6.7, “Dialogic® IP Media Library API Library”, on
page 51 and the Dialogic® IP Media Library API Programming Guide and Library
Reference.
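The key derivation described above, written out as an added example (not taken from the Dialogic guide or its API). It follows the AES counter-mode derivation defined for SRTP in RFC 3711, Section 4.3; the function and constant names are illustrative, and the master key and salt are the published RFC 3711 Appendix B.3 test values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"fmt"
)

// Key-derivation labels from RFC 3711, Section 4.3.1 (names are illustrative).
const (
	LabelEncKey  = 0x00 // session encryption key
	LabelAuthKey = 0x01 // session authentication (HMAC-SHA1) key
	LabelSalt    = 0x02 // session salt
)

// DeriveSessionKey returns n bytes of session key material for one label.
// index is the 48-bit packet index; kdr is the key derivation rate (0 = derive once).
func DeriveSessionKey(masterKey, masterSalt []byte, label byte, index, kdr uint64, n int) ([]byte, error) {
	if len(masterSalt) != 14 {
		return nil, fmt.Errorf("master salt must be 112 bits, got %d bytes", len(masterSalt))
	}
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	var r uint64 // r = index DIV kdr, defined as 0 when kdr is 0
	if kdr != 0 {
		r = index / kdr
	}
	iv := make([]byte, 16) // x * 2^16: the low 16 bits are the block counter
	copy(iv, masterSalt)
	iv[7] ^= label           // key_id = label || r, right-aligned against the salt
	for i := 0; i < 6; i++ { // XOR the 48-bit r into bytes 8..13
		iv[13-i] ^= byte(r >> (8 * i))
	}
	out := make([]byte, n)
	cipher.NewCTR(block, iv).XORKeyStream(out, out) // keystream is the derived key
	return out, nil
}

func main() {
	mk, _ := hex.DecodeString("E1F97A0D3E018BE0D64FA32C06DE4139")
	ms, _ := hex.DecodeString("0EC675AD498AFEEBB6960B3AABE6")
	for _, idx := range []uint64{0, 1023, 1024} {
		k, _ := DeriveSessionKey(mk, ms, LabelEncKey, idx, 1024, 16)
		fmt.Printf("index=%d kdr=1024 enc key=%X\n", idx, k)
	}
}
```

With a key derivation rate of 1024, packet indexes 0 and 1023 yield the same session key and index 1024 yields a new one; with a rate of 0 the session keys are derived once and never change.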
3.3 SIP Transport Layer Security (TLS)
Transport Layer Security (TLS) provides the ability to authenticate and encrypt TCP-
based call control using a variety of different key exchange, authentication, encryption,
and message authentication code algorithms. TLS provides for its own authentication and
key management, as well as encryption. TLS can provide a secure way for two devices
mutually using SRTP to exchange the necessary setup information, including the SRTP
keys (using SDP Secure Descriptions). This capability is only required when the
Dialogic® HMP Software call control stack is used. When using a call control stack
external to Dialogic® HMP Software, you will need to provide your own call control security.
Note: The maximum number of TLS channels in a system is 500.
For additional information about TLS, see the Dialogic® Global Call IP for Host Media
Processing Technology Guide.
3.4 MSML Media Server Software for Remote Applications
Dialogic® HMP Software Release 3.0WIN supports MSML media server software that
uses the common interfaces provided by the Global Call call control software and the
Session Initiation Protocol (SIP) to allow media processing on a Media Server (MS) from a
remote agent such as an Application Server (AS).
For additional information, see the Dialogic® MSML Media Server User’s Guide.