Description
The SRTP-MK (Secure Real-time Transport Protocol Master Key) is a fundamental security parameter within the 3GPP framework for protecting media plane traffic. It is a symmetric cryptographic key, typically 128 or 256 bits in length, that serves as the root secret for a specific media session. This master key is not used directly for packet encryption or authentication. Instead, it is input, along with other parameters like the SRTP Master Salt (SRTP-MS), into a key derivation function (KDF) defined in RFC 3711 and adopted by 3GPP. The KDF generates a set of session-specific keys, including the encryption key, authentication key, and salting key for SRTP and its control protocol, SRTCP. This process ensures that each media session uses unique cryptographic keys, limiting the impact of a potential key compromise.
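The derivation step described above, as an added example (not code from the original page or from 3GPP): the RFC 3711 AES-CM key derivation producing the SRTP encryption key, authentication key and salting key from one master key and master salt. It assumes a 128-bit master key, a 112-bit master salt and a key derivation rate of 0; the function and constant names are this example's own, and the inputs are the published test values from RFC 3711 Appendix B.3.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"errors"
	"fmt"
)

// Key derivation labels from RFC 3711 section 4.3.1 (SRTP side only).
const (
	LabelEncryption byte = 0x00
	LabelAuth       byte = 0x01
	LabelSalt       byte = 0x02
)

// DeriveSessionKey (name chosen for this example) runs the RFC 3711 AES-CM PRF
// for a 128-bit master key with key_derivation_rate = 0, so index DIV kdr = 0.
func DeriveSessionKey(masterKey, masterSalt []byte, label byte, outLen int) ([]byte, error) {
	if len(masterKey) != 16 || len(masterSalt) != 14 {
		return nil, errors.New("need a 128-bit master key and a 112-bit master salt")
	}
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	// x = (label || 48-bit index) XOR master_salt, right-aligned: label hits byte 7.
	// The IV is x * 2^16, leaving the last two bytes as the block counter.
	iv := make([]byte, aes.BlockSize)
	copy(iv, masterSalt)
	iv[7] ^= label
	out := make([]byte, outLen) // zeros in, so the output is the raw keystream
	cipher.NewCTR(block, iv).XORKeyStream(out, out)
	return out, nil
}

func main() {
	// Inputs are the published RFC 3711 Appendix B.3 test values, not real keys.
	mk, _ := hex.DecodeString("E1F97A0D3E018BE0D64FA32C06DE4139")
	ms, _ := hex.DecodeString("0EC675AD498AFEEBB6960B3AABE6")
	for _, d := range []struct {
		name  string
		label byte
		n     int
	}{{"cipher key", LabelEncryption, 16}, {"auth key", LabelAuth, 20}, {"cipher salt", LabelSalt, 14}} {
		k, err := DeriveSessionKey(mk, ms, d.label, d.n)
		fmt.Printf("%-11s %x %v\n", d.name, k, err)
	}
}
```

Only the label byte differs between the three derivations, which is why the master key itself never touches a media packet.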
Architecturally, the SRTP-MK is generated and distributed by the core network's security functions. In the IP Multimedia Subsystem (IMS), the SRTP-MK is typically established during the session setup signaling, such as via the Session Initiation Protocol (SIP) and the Session Description Protocol (SDP). It can be transported securely using mechanisms like the Key Management Extensions for SDP (SDES) or, more commonly in 3GPP, through the integration with the underlying access security. For example, in EPS and 5GS, keys from the Access Stratum security (e.g., Kasme or Kamf) can be used to derive the SRTP-MK, creating a cryptographically bound chain of security from the radio access to the media.
The role of the SRTP-MK is critical for end-to-end media security between user equipment (UE) and the network, or between UEs in a call. It forms the basis for applying the AES (Advanced Encryption Standard) in counter mode for encryption and HMAC-SHA1 for authentication within SRTP. The management of this key—its generation, distribution, and lifetime—is handled by network elements like the Proxy-Call Session Control Function (P-CSCF) and the Media Resource Function (MRF), in coordination with policy control. Its proper implementation is mandatory for compliant VoLTE and VoNR deployments, ensuring that real-time voice and video services meet the stringent security and privacy requirements of modern telecommunications.
Purpose & Motivation
The SRTP-MK was introduced to provide a standardized, robust mechanism for securing real-time media flows in 3GPP's all-IP networks, such as those used for Voice over LTE (VoLTE) and Voice over NR (VoNR). Prior to its formalization in 3GPP, media security was often handled in an ad-hoc manner or not at all, leaving voice and video calls vulnerable to interception and manipulation on the IP transport layer. The shift from circuit-switched voice, which had inherent physical security, to packet-switched IP multimedia services created a clear need for cryptographic protection at the application layer.
Its creation was motivated by the requirement to meet regulatory and consumer demands for communication privacy, aligning with broader industry standards like IETF's SRTP. The SRTP-MK solves the problem of key establishment for media sessions by integrating with the existing 3GPP security architecture. Instead of inventing a wholly separate key management protocol, 3GPP leverages the keys and trust established during network access authentication (e.g., via 5G AKA or EAP-AKA') to derive the SRTP-MK. This approach provides efficiency and a strong security linkage, ensuring that only authenticated users can establish secure media sessions. It addresses the limitations of previous approaches where media might be secured with weak, static keys or where security was terminated at a network node, breaking end-to-end protection.
Key Features
- Serves as the root cryptographic secret for deriving SRTP and SRTCP session keys
- Integrated with 3GPP access security for key derivation (e.g., from KDF output)
- Supports key lengths of 128 and 256 bits for AES encryption
- Distributed securely via IMS signaling (e.g., within SDP using SDES or via access security context)
- Enables unique session keys per call to limit key exposure impact
- Fundamental for enabling confidentiality and integrity of RTP/RTCP packets
Evolution Across Releases
Introduced as the standardized master key for SRTP media security within 3GPP IMS and 5G media services. The architecture defined its derivation from 5G security anchor keys (e.g., from Kamf) and its provisioning via the P-CSCF for IMS-based calls, establishing the baseline for secure VoNR.
Defining Specifications
| Specification | Title |
|---|---|
| TS 24.380 | 3GPP TS 24.380 |
| TS 29.380 | 3GPP TS 29.380 |
| TS 29.582 | 3GPP TS 29.582 |