A Technical Review of ROC, Cryptographic Context, Indices, and Sliding Windows (slide transcript)
Page 1
SRTP Replay Protection: A Technical Review of ROC, Cryptographic Context, Indices, and Sliding Windows
Page 2
Security Measures for SIP
- SIPS (SIP over TLS): per-hop encryption of the transport
- SRTP: end-to-end protection of media content
- SRTP provides confidentiality, message authentication, and replay protection:
  - encryption for confidentiality
  - keyed hash function for message authentication
  - counters for replay protection
Page 3
What is a Replay Attack?
- A packet is stored by an adversary and then injected back into the network.
- Example: storing video from a surveillance camera and injecting it into the monitoring station's feed to evade surveillance.
- Message authentication provides integrity but is not enough on its own: a replayed packet is bit-for-bit identical to the original, so its authentication tag still verifies.
Page 4
Replay Protection Definitions
- Sequence Number
- ROC (Rollover Counter)
- Cryptographic Context
- Implicit Index
- Replay List
- Sliding Window Algorithm
Page 5
Sequence Number
- Sequence Number (SEQNUM) = 16 bits
- Incremented up to 65,535 (64-bits)
- Defined in the SRTP header
Page 6
SEQNUM in the SRTP Header
Page 7
ROC (Rollover Counter)
- 32-bit unsigned counter
- Number of times the sequence number has reset to zero (after passing through 65,535)
- Incremented by 1 when the sequence number wraps
- Maintained by SRTP (not carried in the header)
Page 8
Cryptographic Context
- SRTP creates the implicit index from values held in the cryptographic context
- Includes the state information that defines the proper security measures
- Holds a 16-bit sequence number: the highest received SRTP sequence number
Page 9
Implicit Index
- Implicit (not carried in the packet)
- ROC + Sequence Number: 48 bits (SEQNUM 16 + ROC 32)
- Computed on a per-packet basis
- Also used to create the session keys for encryption and authentication
- Index = 2^16 * ROC + SEQNUM
Page 10
Implicit Index (cont.)
- The receiver calculates the implicit index
- Determines whether the index is unique before accepting the packet
- Only accepts the packet if the index is within the sliding window
- Compares the index with the last index (contained in the cryptographic context)
Page 11
Replay List
- Maintained only by the receiver
- SRTP has to provide both authentication and replay protection
- Contains the indices of recently received and authenticated SRTP packets
Page 12
Sliding Window
- Default window size is 64
- If the attacker chooses a sequence number at random and the window size is 64, there is a 99.9 percent likelihood (1 − 64/2^16) that the packet will be discarded
Page 13
Sliding Window
- Only packets with an index ahead of the window, or inside the window but not already received, SHALL be accepted.
- Packets whose index is more than 64 packets behind the highest-numbered packet (index < highest − 64) are discarded
- Packets more than 64 packets ahead of the window are discarded
- Discarded if the "RECEIVED?" bit is set
- Packets within the window (and not yet received) are accepted
- Packets higher than the window are accepted and cause the window to advance
Page 14
Sliding Window
Page 15
Challenges for the Receiver
- Receiver's window size (RWS)
- Packets arrive out of order
- The sequence number may have wrapped: a difference of 32,768 (half of the 16-bit range) is the point at which a wrap is assumed
- Also packet loss and bit errors
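The following is an added example, not code from the slides or from any SRTP implementation: it ties together the index estimation from page 15 (the 32,768 half-range rule for detecting a wrapped SEQNUM) and the sliding-window replay check from pages 12 and 13. It assumes the packet has already passed HMAC authentication before `check` is called, and uses a bitmap of "RECEIVED?" bits for the window; the clamp of ROC − 1 at zero before the first wrap is a defensive choice of this example, not something the deck states.

```python
# Added example: an SRTP receiver's replay check built from ROC, SEQNUM, the
# 48-bit implicit index (2^16 * ROC + SEQNUM) and a 64-entry sliding window.
# Assumption: the caller only invokes check() for packets whose HMAC verified.

WINDOW = 64  # default sliding window size from the slides


def implicit_index(roc, seq):
    """48-bit index from the slides: Index = 2^16 * ROC + SEQNUM."""
    return (roc << 16) | (seq & 0xFFFF)


class SrtpReplayReceiver:
    def __init__(self, window=WINDOW):
        self.window = window
        self.mask = (1 << window) - 1
        self.roc = 0        # rollover counter, kept locally, never carried in the header
        self.s_l = None     # highest authenticated SEQNUM (cryptographic context state)
        self.highest = -1   # highest accepted index so far
        self.received = 0   # bit k set => index (highest - k) has already been received

    def estimate_index(self, seq):
        """Guess the ROC for an incoming SEQNUM; a jump of more than 32,768 means a wrap."""
        if self.s_l is None:
            return 0, implicit_index(0, seq)        # first packet: ROC starts at 0
        v = self.roc
        if self.s_l < 32768 and seq - self.s_l > 32768:
            v = max(self.roc - 1, 0)                # late packet from before the last wrap
        elif self.s_l >= 32768 and self.s_l - 32768 > seq:
            v = (self.roc + 1) & 0xFFFFFFFF         # SEQNUM wrapped since s_l
        return v, implicit_index(v, seq)

    def check(self, seq):
        """True if the packet is new and inside or ahead of the window; records it."""
        roc, index = self.estimate_index(seq)
        if index > self.highest:                    # ahead of the window: slide it forward
            shift = index - self.highest
            if shift >= self.window:
                self.received = 1                   # everything older falls out of the window
            else:
                self.received = ((self.received << shift) | 1) & self.mask
            self.highest, self.roc, self.s_l = index, roc, seq
            return True
        delta = self.highest - index
        if delta >= self.window:                    # behind the window: too old
            return False
        if (self.received >> delta) & 1:            # "RECEIVED?" bit already set: replay
            return False
        self.received |= 1 << delta                 # inside the window and new: accept
        return True
```

The constructed trace in the test feeds SEQNUMs 65535, 0, 1 (a wrap), a replay of 0, a late pre-wrap packet 65530, a replay of 65535, a fresh 2, and finally 65473, which is 65 behind the highest index and so falls outside the 64-entry window.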
![Page 16: A Technical Review of ROC, Cryptographic Context, Indices, and Sliding Windows](https://reader030.vdocuments.mx/reader030/viewer/2022032723/56649f515503460f94c75388/html5/thumbnails/16.jpg)
Karen Lugo, April 8, 2013, CSCI E 139