SRTCP

Secure Real-time Transport Control Protocol

Security
Introduced in Rel-8
SRTCP is the secure version of the Real-time Transport Control Protocol (RTCP). It provides confidentiality, message authentication, and replay protection for the control traffic of multimedia sessions. This is essential for securing VoIP, video conferencing, and other real-time services in IMS and 5G networks.

Description

The Secure Real-time Transport Control Protocol (SRTCP) is defined by 3GPP as the mandatory security mechanism for protecting RTCP packets within an IP Multimedia Subsystem (IMS) and other 3GPP packet-switched services. SRTCP is not a separate protocol but a cryptographic transform applied to standard RTCP packets. It operates in conjunction with the Secure Real-time Transport Protocol (SRTP) to provide a complete security solution for RTP media streams and their associated control traffic. The protection is applied end-to-end between the communicating endpoints, such as User Equipment (UE) and application servers.

SRTCP works by adding a cryptographic trailer to each RTCP packet. This trailer contains a Message Authentication Code (MAC), which is computed over the entire RTCP packet (header and payload) using an authentication key. This ensures the integrity and source authentication of the control data, preventing tampering and spoofing. Optionally, SRTCP can also provide confidentiality by encrypting the RTCP payload, though this is less common as RTCP packets typically contain non-sensitive statistical information. A crucial feature is the use of a packet index and a replay list to protect against replay attacks, where an attacker re-sends previously captured packets.

Architecturally, SRTCP relies on a security context established through key management protocols like Multimedia Internet KEYing (MIKEY) or DTLS-SRTP. This context includes the cryptographic keys (encryption key, authentication key, salt key) and parameters like the cryptographic suite (e.g., AES-CM, HMAC-SHA1). The SRTCP processing layer sits between the RTCP application and the network transport layer. When sending, it takes an RTCP packet, generates the authentication tag, and appends the SRTCP index and the tag. When receiving, it validates the tag and checks the index against the replay list before passing the packet to the RTCP application. Its role is critical in 3GPP networks to secure service quality reports, participant identification, and session control messages, thereby protecting the overall multimedia session management.
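As an added example, not code from this page or from any 3GPP specification, the following Python sketches the send- and receive-side processing just described for the default HMAC-SHA1-80 transform with the E bit clear (no encryption): the sender appends the E||index word and a tag computed over the RTCP packet plus that word, as RFC 3711 specifies, and the receiver authenticates first and only then runs the replay check. The session authentication key, the 64-packet replay window and the sample RTCP receiver report are assumed or constructed values.

```python
import hmac
import hashlib
import struct

# Added example (not from the page): SRTCP protection of an RTCP packet per
# RFC 3711 with the default HMAC-SHA1-80 transform and the E bit clear (no
# encryption). The session authentication key is assumed to have been derived
# from the master key by the key-management layer (MIKEY or DTLS-SRTP).
TAG_LEN = 10             # HMAC-SHA1 output truncated to 80 bits
INDEX_MASK = 0x7FFFFFFF  # 31-bit SRTCP index; the top bit is the E (encrypted) flag
REPLAY_WINDOW = 64       # assumed replay-window size in packets

def protect(rtcp_packet: bytes, auth_key: bytes, index: int) -> bytes:
    """Append the SRTCP trailer: the E||index word, then the authentication tag.
    The tag covers the RTCP packet *and* the E||index word, so the index itself
    cannot be altered without invalidating the tag."""
    e_index = struct.pack("!I", index & INDEX_MASK)  # E bit 0: payload sent in clear
    tag = hmac.new(auth_key, rtcp_packet + e_index, hashlib.sha1).digest()[:TAG_LEN]
    return rtcp_packet + e_index + tag

class SrtcpReceiver:
    """Receive-side context: authenticate first, then run the replay check
    against a sliding window of already-seen SRTCP indices."""
    def __init__(self, auth_key: bytes):
        self.auth_key = auth_key
        self.highest = -1      # highest index accepted so far
        self.seen = set()      # replay list: accepted indices inside the window

    def unprotect(self, packet: bytes):
        """Return ("ok", rtcp_packet) or (reason, b"") for a rejected packet."""
        if len(packet) < 4 + TAG_LEN:
            return ("too_short", b"")
        body, e_index, tag = packet[:-4 - TAG_LEN], packet[-4 - TAG_LEN:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.auth_key, body + e_index, hashlib.sha1).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return ("auth_failed", b"")   # forged or tampered packet, dropped before replay check
        index = struct.unpack("!I", e_index)[0] & INDEX_MASK
        if index in self.seen or index <= self.highest - REPLAY_WINDOW:
            return ("replayed", b"")      # already accepted, or too far behind the window
        self.seen.add(index)
        self.highest = max(self.highest, index)
        self.seen = {i for i in self.seen if i > self.highest - REPLAY_WINDOW}  # prune old entries
        return ("ok", body)
```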

Purpose & Motivation

SRTCP was created to address the security vulnerabilities inherent in the original, unprotected RTCP protocol. RTCP is a companion to RTP that carries control information for multimedia sessions, including participant reports, synchronization source (SSRC) identifiers, and packet loss statistics. In its plain form, RTCP is susceptible to attacks such as message forgery, replay attacks, and denial-of-service through false reporting. As 3GPP networks adopted IMS for delivering voice, video, and messaging over IP, securing these control channels became paramount for service integrity, billing accuracy, and user privacy.

The motivation for SRTCP stems from the need for a standardized, lightweight security mechanism that could be applied to the often small and frequent RTCP packets without introducing excessive overhead or latency. Previous approaches might have relied on network-level security like IPsec, but this is often terminated at network borders and does not provide true end-to-end security between application endpoints. SRTCP, as part of the SRTP framework, provides a session-layer security solution specifically tailored for real-time traffic. It solves the problem of authenticating control traffic in a way that is cryptographically bound to the media stream's security context, ensuring a unified security posture for the entire RTP session within 3GPP's all-IP architecture.

Key Features

  • Provides message authentication and integrity protection for RTCP packets using a keyed Message Authentication Code (MAC)
  • Optional payload encryption for confidentiality of RTCP control data
  • Built-in replay protection using a packet index and replay list
  • Low overhead, adding only a cryptographic trailer to each packet
  • Uses the same master key and cryptographic context as the associated SRTP stream for simplified key management
  • Mandatory for securing RTCP in 3GPP IMS and other packet-switched multimedia services

Evolution Across Releases

Rel-8 Initial

Initial adoption and specification of SRTCP as the standard for securing RTCP within the 3GPP IMS and Packet-Switched Streaming service. Defined its use with specific cryptographic transforms (AES-CM, HMAC-SHA1) and mandated its support for protecting RTCP traffic end-to-end.

Enhanced key management procedures for SRTP/SRTCP, including better integration with IMS authentication and key agreement. Clarified usage in various IMS communication service scenarios like voice and video call continuity.

Introduced support for new media codecs and services, ensuring SRTCP compatibility. Strengthened the security requirements for IMS-based services, reinforcing the mandatory nature of SRTCP for control traffic protection.

Aligned 3GPP specifications with updated IETF standards for SRTP/SRTCP, potentially incorporating newer cryptographic algorithms. Supported the evolution of VoLTE and ViLTE services with robust security for their RTCP reporting.

Integrated SRTCP into the 5G system architecture for native IMS voice and multimedia services. Ensured SRTCP works seamlessly with network slicing and edge computing scenarios for low-latency real-time communications.

Defining Specifications

Specification   Title
TS 24.380       3GPP TS 24.380
TS 24.581       3GPP TS 24.581
TS 26.281       3GPP TS 26.281
TS 26.880       3GPP TS 26.880
TS 26.998       3GPP TS 26.998
TS 29.380       3GPP TS 29.380
TS 29.582       3GPP TS 29.582
TS 33.179       3GPP TR 33.179
TS 33.180       3GPP TR 33.180
TS 33.246       3GPP TR 33.246
TS 33.879       3GPP TR 33.879
TS 33.880       3GPP TR 33.880
TS 37.579       3GPP TR 37.579