[asterisk-dev] AES-GCM mode SRTP
richard.seguin at marisec.ca
richard.seguin at marisec.ca
Thu Nov 7 12:11:35 CST 2013
Interesting! I was wondering if there were variations in what encryption was used for SRTP. It would be nice at some point to increase the key size from 128 to 256, hopefully that will be coming down the pipe soon.
-----Original Message-----
From: "Kristian Kielhofner" <kris at kriskinc.com>
Sent: Thursday, November 7, 2013 12:23pm
To: asterisk-dev at lists.digium.com
Subject: [asterisk-dev] AES-GCM mode SRTP
Hello,
I'm working on getting AES-GCM mode supported with SRTP. Long story
short it offers significant performance advantages, especially on
systems that support AES-NI.
There is a branch of libsrtp that supports AES-NI and AES-GCM via openssl:
https://github.com/cisco/libsrtp/tree/feature-openssl
IETF draft:
http://tools.ietf.org/html/draft-ietf-avtcore-srtp-aes-gcm-10
I'm currently testing support for AES_GCM_128_8 with pjsip and
FreeSWITCH (it works). I'd love to add Asterisk to this list. I'm
working on a patch (I just can't seem to get chan_sip to prefer
AES_GCM_128_8) but in the meantime I thought I'd check with the list
to see if there's any interest or work done on this already.
Thanks!
--
Kristian Kielhofner
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20131107/aef6c5fb/attachment.html>
More information about the asterisk-dev
mailing list