SRTP

Secure Real-time Transport Protocol


SRTP is the Secure Real-time Transport Protocol profile that provides confidentiality, authentication, and replay protection for real-time media like voice and video in 3GPP networks such as IMS and 5G.

Category: Security
Introduced: Rel-8
Where: Services › Codecs
Also touches: 1 segment
Specifications: 26 specs

Description

The Secure Real-time Transport Protocol (SRTP) is a 3GPP-standardized protocol that provides security services for Real-time Transport Protocol (RTP) traffic and its control counterpart, RTCP (secured via SRTCP). SRTP is defined as a cryptographic profile of RTP, meaning it adds security features to the standard RTP packet format without altering the underlying RTP header structure. It operates on a packet-by-packet basis, providing end-to-end security between the media endpoints, such as a UE and a Media Resource Function Processor (MRFP) or another UE in a direct communication.

SRTP works by applying cryptographic transforms to the RTP payload. For confidentiality, it encrypts the payload using a symmetric cipher, typically the Advanced Encryption Standard (AES) in Counter Mode (AES-CM). This mode is chosen because it generates a keystream that can be applied via bitwise XOR, making it efficient and error-tolerant—a single bit error in ciphertext only corrupts the corresponding bit in plaintext. For authentication and integrity, SRTP appends a Message Authentication Code (MAC), computed using a keyed hash function like HMAC-SHA1, to each packet. This MAC covers the RTP header, payload, and a packet index. A crucial mechanism is the use of a rolling packet index (derived from the RTP sequence number) and a master key to generate unique session keys for encryption and authentication for each packet, preventing key reuse.

Architecturally, SRTP relies on an external key management protocol (e.g., MIKEY, DTLS-SRTP, or 3GPP-specific key delivery from the core network) to establish a shared security context between endpoints. This context includes the master key, master salt, cryptographic suite, and the SRTP/SRTCP index rollover counters. The SRTP processing layer is typically implemented within the media stack. When sending media, the RTP payload is encrypted, the authentication tag is calculated and appended, and the resulting SRTP packet is sent over UDP/IP. The receiver performs the inverse operations: it checks the packet against the replay list for replay protection and validates the authentication tag, then decrypts the payload. In 3GPP networks, SRTP is mandatory for protecting media streams in IMS-based services like VoLTE, ViLTE, and Rich Communication Services (RCS), ensuring privacy and integrity for millions of real-time communications.
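The receiver-side checks described above, as an added example that is not taken from this page's sources or from any 3GPP specification: it rebuilds the packet index from the 16-bit sequence number and a rollover counter, consults a sliding replay window, and only then verifies a truncated HMAC-SHA1 tag. The AES-CM encryption step is left out (Python's standard library has no AES), so the tag here covers an unencrypted payload; the key, SSRC, payload, 64-packet window and all function names are assumptions.

```python
import hashlib, hmac, struct

TAG_LEN, WINDOW = 10, 64   # 80-bit truncated tag; replay window in packets

def rtp(seq: int, payload: bytes = b"constructed-media") -> bytes:
    """Constructed 12-byte RTP header (V=2, PT 0, made-up SSRC) plus payload."""
    return struct.pack("!BBHII", 0x80, 0, seq, seq * 160, 0x1234ABCD) + payload

def auth_tag(key: bytes, packet: bytes, roc: int) -> bytes:
    """HMAC-SHA1 over header || payload || rollover counter, truncated."""
    return hmac.new(key, packet + struct.pack("!I", roc), hashlib.sha1).digest()[:TAG_LEN]

def protect(key: bytes, packet: bytes, roc: int) -> bytes:
    """Sender side: append the authentication tag."""
    return packet + auth_tag(key, packet, roc)

class Receiver:
    def __init__(self, key: bytes):
        self.key, self.roc, self.s_l = key, 0, None   # s_l: SEQ of highest accepted packet
        self.top, self.mask = -1, 0                   # highest index, bitmap of window below it

    def _guess_roc(self, seq: int) -> int:
        # The 16-bit SEQ wraps; infer which 2^16 block this packet belongs to.
        if self.s_l is None:
            return self.roc
        if self.s_l < 0x8000:
            return (self.roc - 1) % 2**32 if seq - self.s_l > 0x8000 else self.roc
        return (self.roc + 1) % 2**32 if self.s_l - 0x8000 > seq else self.roc

    def receive(self, srtp: bytes) -> str:
        if len(srtp) < 12 + TAG_LEN:
            return "malformed"
        body, tag = srtp[:-TAG_LEN], srtp[-TAG_LEN:]
        seq = struct.unpack("!H", body[2:4])[0]
        roc = self._guess_roc(seq)
        index = (roc << 16) | seq                     # 48-bit packet index
        delta = self.top - index
        if delta >= WINDOW or (delta >= 0 and (self.mask >> delta) & 1):
            return "replay"                           # too old, or already accepted
        if not hmac.compare_digest(tag, auth_tag(self.key, body, roc)):
            return "bad-tag"                          # rejected: replay state untouched
        if delta < 0:                                 # new highest index: slide the window
            shifted = self.mask << -delta if -delta < WINDOW else 0
            self.mask = (shifted | 1) & (2**WINDOW - 1)
            self.top, self.roc, self.s_l = index, roc, seq
        else:
            self.mask |= 1 << delta                   # late but in-window packet
        return "ok"
```

Replay state is updated only after the tag verifies, so a forged packet cannot advance the window or the rollover counter and cause genuine packets to be dropped.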

Purpose & Motivation

SRTP was developed to address the severe security shortcomings of the standard RTP protocol, which transmits media in the clear. As telecommunications migrated to all-IP networks with 3GPP's IMS, voice and video became vulnerable to eavesdropping, tampering, and replay attacks over untrusted IP networks like the public internet. The purpose of SRTP is to provide a standardized, efficient, and mandatory security layer specifically designed for the unique constraints of real-time media: low latency, tolerance to packet loss, and high packet rates.

The creation of SRTP within the 3GPP ecosystem was motivated by the need for a solution that could be deployed ubiquitously across devices and networks without breaking existing RTP-based applications. Previous network-level security (e.g., IPsec) was often too heavy, complex to manage end-to-end, and could introduce unacceptable latency or incompatibility with Network Address Translation (NAT). SRTP solves these problems by operating at the application layer, adding minimal overhead (typically 4-10 bytes for the auth tag and 4 bytes for the index), and using ciphers suitable for streaming media. It enables secure commercial VoIP and video services, protects user privacy, and allows operators to meet regulatory requirements for communication security, forming the bedrock for trusted multimedia delivery in 4G and 5G.

Classification

Part of: RTP
Related approaches: MIKEY, DTLS-SRTP, IMS

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the "Change history" tables of 3GPP specifications (78 CRs across 5 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Studied in Rel-8, normative work from Rel-15.

Rel-15 19 changes

In Release 15, the SRTP function was enhanced to support the establishment of a secure exchange of NAS messages during inter-system change between N1 mode and S1 mode. This involved updates to the correct secured packet procedures and the clarification of MIKEY-SAKKE values for key management. Furthermore, the release introduced the addition of a test vector for MIKEY-SAKKE to aid in implementation and validation.

  • Access attempt barred for the UE-initiated NAS transport procedure (TS 24.501 CR0194)
  • DL and UL NAS Transport procedure updates for SOR (TS 24.501 CR0357)
  • Revision on AMF transport behaviour of 5GSM message (TS 24.501 CR0209)
  • Exchange of extended protocol configuration options (TS 24.501 CR0023)
  • DL NAS Transport message (TS 24.501 CR0046)
  • Resolution of editor's note on handling of unknown, unforeseen, and erroneous protocol data (TS 24.501 CR0151)

+ 13 more changes

Rel-16 17 changes

In Release 16, the SRTP function itself was not directly updated; instead, enhancements were made to the underlying NAS transport procedures that carry authentication and security parameters. These included new congestion control for the UL NAS TRANSPORT message, the provision of MA PDU session information during UE-initiated NAS transport procedure initiation, and refined abnormal case handling for these transport procedures. These changes improved the reliability and management of the signaling that supports the establishment of secure media flows like SRTP.

  • Congestion control for CP data transport in 5GS (TS 24.501 CR0990)
  • MA PDU request in UL NAS TRANSPORT message (TS 24.501 CR1020)
  • Service Gap control in 5GS, reject of UL NAS Transport message (TS 24.501 CR1222)
  • NAS transport of supplementary services messages for a deferred 5GC-MT-LR (TS 24.501 CR1365)
  • Port management information container: Delivery via the NAS protocol and coding (TS 24.501 CR1470)
  • CIoT user data container in UL NAS transport message not routable (TS 24.501 CR1742)

+ 11 more changes

Rel-17 13 changes

In Release 17, the key SRTP-related update was the introduction of support for end-to-end application encryption (e2ae) using DTLS-SRTP specifically for non-WebRTC sessions. This extended the established framework for establishing SRTP security contexts using Datagram Transport Layer Security (DTLS) beyond its original WebRTC scope. Additionally, the release included clarifications and updates for security algorithms and protocols within the IMS media plane security specification (TS 33.328).

  • Support of e2ae security using DTLS-SRTP for non WebRTC sessions (TS 23.334 CR0178)
  • Authentication of the MIKEY-SAKKE I_Message validation in pre-established session (TS 24.380 CR0230)
  • SOR-CMCI transport and usage (TS 24.501 CR3207)
  • 5GSM protocol update for redundant PDU sessions (TS 24.501 CR3671)
  • Security updates for algorithms and protocols for 33.328 (TS 33.328 CR0068)
  • Correction to NAS transport procedure (TS 24.501 CR2707)

+ 7 more changes

Rel-18 24 changes

In Release 18, the primary update for the SRTP function was a correction to the RTP header extension within the Protocol description Information Element, as detailed in a specific Change Request. This correction ensures the proper technical description and handling of RTP header extensions, which are fundamental to the SRTP media plane security framework. No other new SRTP-specific features or capabilities were introduced in this release based on the provided set of changes.

  • Protocol error handling enhancements for Type 6 IE container IEs (TS 24.501 CR5031)
  • UL/DL NAS transport updates for user plane positioning (TS 24.501 CR5215)
  • Time validity information and location assistance information in SOR transport container (TS 24.501 CR5682)
  • SLPP transport (TS 24.501 CR5919)
  • UPP-CMI container transport (TS 24.501 CR5921)
  • Add Additional information IE for UPP-CMI container in UE initiated NAS transport procedure (TS 24.501 CR6019)

+ 18 more changes

Rel-19 5 changes

In Release 19, the SRTP function was enhanced to support multiple LCS secured user plane connections, as indicated by UE capability. This allows for more flexible and concurrent secure media sessions. The release also introduced clarifications for network behavior when handling NAS transport messages for PDU sessions in an inactive state, ensuring proper SRTP session continuity and management.

  • UE indication support of multiple LCS secured user plane connections (TS 24.501 CR6886)
  • Conditions to include Additional information IE in UL NAS TRANSPORT message (TS 24.501 CR6977)
  • PDU session inactive handling for DL TRANSPORT (TS 24.501 CR7047)
  • Clarification to network behavior when UL NAS TRANSPORT message is received with a PDU session in inactive state (TS 24.501 CR7045)
  • PDU session ID in DL NAS TRANSPORT (TS 24.501 CR7107)


Defining Specifications

3GPP specifications that define or reference SRTP, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

Specification | Title | Release
TS 23.334 vj00 | IMS-ALG to IMS-AGW Interface (Iq) Stage 2 | Rel-19
TS 23.701 vc00 | WebRTC Access to IMS Architecture Study | Rel-12
TS 24.380 vj10 | MCPTT Media Plane Control Protocol | Rel-19
TS 24.501 vj50 | 5G NAS Protocols Specification | Rel-19
TS 24.581 vj00 | MCVideo Media Plane Control Protocol Specification | Rel-19
TS 26.179 vj00 | Codecs and Media Handling for MCPTT | Rel-19
TS 26.234 vj00 | 3GPP PSS Protocols and Codecs Specification | Rel-19
TS 26.244 vj00 | 3GPP File Format (3GP) Specification | Rel-19
TS 26.281 vj00 | MCVideo Codecs and Media Handling | Rel-19
TS 26.522 vj30 | RTP for XR in 5G Systems | Rel-19
TR 26.806 vi00 | Technical Report on Smartly Tethering AR Glasses | Rel-18
TR 26.812 vi10 | Technical Report | Rel-18
TS 26.822 vj20 | 5G RTP Configurations Study Phase 2 | Rel-19
TS 26.880 ve00 | MBMS Enhancements for Mission Critical Video | Rel-14
TR 26.998 vj00 | 5G AR/MR Glasses Integration Study | Rel-19
TS 29.380 vj00 | MCPTT-LMR Interworking Media Plane Control | Rel-19
TS 29.582 vj00 | MCData Interworking with LMR Systems | Rel-19
TS 33.179 vdc0 | MCPTT Security Architecture and Procedures | Rel-13
TS 33.180 vk00 | Security of Mission Critical (MC) Service | Rel-20
TS 33.246 vj00 | MBMS Security Specification | Rel-19
TS 33.303 vj00 | ProSe Security Specification for EPS | Rel-19
TS 33.328 vj10 | IMS Media Plane Security Specification | Rel-19
TS 33.871 vc00 | Security for WebRTC IMS Client Access | Rel-12
TS 33.879 vd10 | MCPTT Security Study | Rel-13
TS 33.880 vf10 | Security Study for Enhanced Mission Critical Services | Rel-15
TS 37.579 vi40 | Mission Critical services conformance testing | Rel-18