Specifications

Configuring Security Features

213

2. Click Browse to select the certificate (*.pem and *.cer) from your local system.

3. Click Upload to upload the certificate.

A dialog box pops up to prompt “Success: The Server Certificate has been loaded!

Rebooting, please wait…”.

Secure Real-Time Transport Protocol

Secure Real-Time Transport Protocol (SRTP) encrypts the RTP streams during VoIP

phone calls to avoid interception and eavesdropping. The parties participating in the

call must enable SRTP feature simultaneously. When this feature is enabled on both

phones, the type of encryption to utilize for the session is negotiated between the IP

phones. This negotiation process is compliant with RFC 4568.

When a user places a call on the enabled SRTP phone, the IP phone sends an INVITE

message with the RTP encryption algorithm to the destination phone.

Example of the RTP encryption algorithm carried in the SDP of the INVITE message:

m=audio 11780 RTP/SAVP 0 8 18 9 101

a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:NzFlNTUwZDk2OGVlOTc3YzNkYTkwZWVkMTM1YWFj

a=crypto:2 AES_CM_128_HMAC_SHA1_32

inline:NzkyM2FjNzQ2ZDgxYjg0MzQwMGVmMGUxMzdmNWFm

a=crypto:3 F8_128_HMAC_SHA1_80 inline:NDliMWIzZGE1ZTAwZjA5ZGFhNjQ5YmEANTMzYzA0

a=rtpmap:0 PCMU/8000

a=rtpmap:8 PCMA/8000

a=rtpmap:18 G729/8000

a=fmtp:18 annexb=no

a=rtpmap:9 G722/8000

a=fmtp:101 0-15

a=rtpmap:101 telephone-event/8000

a=ptime:20

a=sendrecv

The callee receives the INVITE message with the RTP encryption algorithm, and then