DRAFT
© 2003 - 2005 Linksys, a Division of Cisco Systems Proprietary (See Copyright Notice on Page 2)
23
- SSRC of the encrypted stream (4B)
- Mini-Certificate (252B)
Upon receiving the Caller Hello, the callee responds with a Callee Hello message (base64 encoded and
embedded in the message body of a SIP response to the caller’s INFO request) with similar information, if
the Caller Hello message is valid. The caller then examines the Callee Hello and proceeds to step 2 if the
message is valid. In step 2 the caller sends the “Caller Final” message to the callee with the following
information:
- Message ID (4B)
- Encrypted Master Key (16B or 128b)
- Encrypted Master Salt (16B or 128b)
With the master key and master salt encrypted with the public key from the callee’s mini-certificate. The
master key and master salt are used by both ends for the derivation of session keys for encrypting
subsequent RTP packets. The callee then responds with a Callee Final message (which is an empty
message).
A Mini-Certificate contains the following information:
- User Name (32B)
- User ID or Phone Number (16B)
- Expiration Date (12B)
- Public Key (512b or 64B)
- Signature (1024b or 512B)
The signing agent is implicit and must be the same for all SPA’s that intended to communicate securely
with each other. The public key of the signing agent is pre-configured into the SPA’s by the administrator
and will be used by the SPA to verify the Mini-Certificate of its peer. The Mini-Certificate is valid if a) it has
not expired, and b) its signature checks out.
User Interface
The SPA can be set up such that all outbound calls are secure calls by default, or not secure by default. If
outbound calls are secure by default, user has the option to disable security when making the next call by
dialing *19 before dialing the target number. If outbound calls are not secure by default, user has the
option to make the next outbound call secure by dialing *18 before dialing the target number. On the other
hand, user cannot force inbound calls to be secure or not secure; it is at the mercy of the caller whether
he/she enables security or not for that call.
If the call successfully switches to the secure mode, both parties will hear the “Secure Call Indication
Tone” for a short while and the CID will be updated with the Name and Number extracted from the Mini-
Certificate sent by the other partyThe callee should check the name and number again to ensure the
identity of the caller. The caller should also double check the name and number of the callee to make
sure this is what he/she expects. Note that the SPA will not switch to secure mode if the callee’s CID
Number from its Mini-Certificate does not agree with the user-id used in making the outbound call: the
caller’s SPA will perform this check after receiving the callee’s Mini-Certificate.
To Next Page
Loading...
