This is an extension of the RTP protocol with an enhanced security mechanism. It provides encryption, authentication and integrity verification of data and messages passed through the RTP-based communication protocol. SRTP enforces an AES (Advanced Encryption Standard) algorithm to encrypt and decrypt all incoming and outgoing messages. The authentication mechanism provides a hash-based message authentication code (HMAC) algorithm, which implements a cryptographic hash function and secret key to validate a message’s authenticity and integrity.
Because TLS is used for signalling, the SRTP key information in the SIP packets is also encrypted. Therefore, an attacker cannot access the key information as a pathway to accessing the voice data.
