The Session Description Protocol Security Description for Media Streams (SDES) defines a mechanism to negotiate the cryptographic parameters necessary for the Secure Real-time Transport Protocol (SRTP). Specifically, a cryptographic attribute may be added to Session Description Protocol (SDP) unicast media streams. Using the standard SDP offer/answer model, the crypto-suite to be used can be negotiated, as well as other cryptographic parameters (i.e. keys, salts, etc) necessary for SRTP to secure the media stream. The media attribute defined by SDES is "crypto", such that acrypto:<tag> <crypto-suite> inline:<key||salt> Where: \ttag unique numeric identifier used by answerer to indicate which crypto attribute is acceptable \tcrypto-suite the exact encryption and authentication transforms to be used for SRTP media stream \tkey||salt concatenated master key and salt, base64 encoded \tsession-parms optional session parameters (i.e. master key lifetime, master key identifier and length, FEC parameters, etc). At present, there are only three different crypto-suites defined by SDES, using different variations of AES and SHA1 to provide encryption and authentication, respectively. These three crypto-suites are : \tAES_CM_128_HMAC_SHA1_80 \tAES_CM_128_HMAC_SHA1_32 \tF8_128_HMAC_SHA1_32 While the same crypto-suite is used by both the offerer and answerer, the same keys and salts are not to be used by each side. Therefore, each side will generate and pass these parameters using SDP. At this point to avoid exposing these parameters to unauthorized access, another data security protocol (i.e. SSLv3/TLSv1, etc.) should be used in order to provide security for the SDP messages. VOCAL’s SDES implementation is optimized for execution on ANSI C and leading DSP architectures. Our embedded software libraries include a complete range of ETSI / ITU / IEEE compliant algorithms, in addition to many other standard and proprietary algorithms. VOCAL’s SDES library is available standalone or with a VoIP stack for convenient integration with developer applications. Features \tcompliant with the Session Description Protocol Security Description for Media Streams RFC 4568 \tcan be used with SRTP to provide secure voice/video media streams \tstraightforward key exchange method Platforms \tTI TMS320C62x, C64x, C67x, DaVinci \tTI TMS320C54x, TMS320C55x \tTI OMAP \tADI Blackfin, ADSP-21xx Please contact us for details regarding other supported platforms.