Re: [AVT] SRTP: question about MKI length
Mark Baugher <mbaugher@cisco.com> Thu, 21 July 2005 14:04 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DvbfM-00009s-SB; Thu, 21 Jul 2005 10:04:48 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DvbfK-00006k-Jb for avt@megatron.ietf.org; Thu, 21 Jul 2005 10:04:46 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA02233 for <avt@ietf.org>; Thu, 21 Jul 2005 10:04:45 -0400 (EDT)
Received: from sj-iport-1-in.cisco.com ([171.71.176.70] helo=sj-iport-1.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Dvc9N-0001sj-0X for avt@ietf.org; Thu, 21 Jul 2005 10:35:50 -0400
Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-1.cisco.com with ESMTP; 21 Jul 2005 07:04:36 -0700
X-IronPort-AV: i="3.93,308,1115017200"; d="scan'208"; a="649881936:sNHT28244726"
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j6LE4Vul011436; Thu, 21 Jul 2005 07:04:31 -0700 (PDT)
Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 21 Jul 2005 07:04:37 -0700
Received: from [192.168.0.12] ([10.21.98.54]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 21 Jul 2005 07:04:21 -0700
In-Reply-To: <E5CB8BF27E39374ABE7C56E1FF20497C49030A@fmt-ex01.net.com>
References: <E5CB8BF27E39374ABE7C56E1FF20497C49030A@fmt-ex01.net.com>
Mime-Version: 1.0 (Apple Message framework v622)
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Message-Id: <b916c5d197f279bd7f51b53c935b4ac4@cisco.com>
Content-Transfer-Encoding: 7bit
From: Mark Baugher <mbaugher@cisco.com>
Subject: Re: [AVT] SRTP: question about MKI length
Date: Thu, 21 Jul 2005 07:04:34 -0700
To: Usha Sharma <Usha_Sharma@net.com>
X-Mailer: Apple Mail (2.622)
X-OriginalArrivalTime: 21 Jul 2005 14:04:21.0126 (UTC) FILETIME=[178C9A60:01C58DFD]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d
Content-Transfer-Encoding: 7bit
Cc: avt@ietf.org
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
Sender: avt-bounces@ietf.org
Errors-To: avt-bounces@ietf.org
hi RFC 3711 assumes that the key management system will set the maximum length for the MKI. The use of an MKI function is common in video broadcasting where a key gets rotated at rates that may be less than one second. TV conditional access vendors operate proprietary systems that rotate the key according to application needs (there is really no cryptographic need to rotate a 128-bit AES counter-mode key until 2^64 packets have been encrypted using it - a very long time). The MKI was added for this application - and vendors in this industry use various sizes for the key index, particularly to convey a variety of key management information over a broadcast channel. In general, there is no need to use an MKI. If there is, I would expect that a small, one-byte MKI would suffice to handle cases where key rotation might be useful. Mark On Jul 20, 2005, at 11:18 PM, Usha Sharma wrote: > There is no description in RFC 3711 for upper limit of MKI length and > range of MKI value. SDP (draft-ietf-mmusic-sdescriptions-11.txt) > defines that MKI value is a positive integer and MKI length could be > up to 128 byte. Is it worthwhile to use such big MKI value for voice > applications, considering the bandwidth overhead introduced by it. > What would be the optimal value of MKI length for most applications? > _______________________________________________ > Audio/Video Transport Working Group > avt@ietf.org > https://www1.ietf.org/mailman/listinfo/avt _______________________________________________ Audio/Video Transport Working Group avt@ietf.org https://www1.ietf.org/mailman/listinfo/avt
- [AVT] SRTP: question about MKI length Usha Sharma
- Re: [AVT] SRTP: question about MKI length Mark Baugher
- RE: [AVT] SRTP: question about MKI length Dondeti, Lakshminath
- Re: [AVT] SRTP: question about MKI length Mark Baugher