[VOIPSEC] mikey for group calls

Kasturi Narayanan knarayan at sipera.com
Mon May 8 16:52:14 CDT 2006 

If you are hosting the 3 way call on the local endpoint the normal approach
is the second one you mentioned below.

Kasturi

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Torsten
Sent: Monday, May 08, 2006 4:41 PM
To: Gupta, Sachin
Cc: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] mikey for group calls

Thanks for response.

But one more question on this topic:
What is the best way to setup a 3-way conference?

Possibility 1:
++++          ++++
|A | -------> |B |
|  | <------- |  |
++++          ++++
 ^ |          | ^
 | |          | |
 | |   ++++   | |
 | --->|C |<--- |
 ------|  |------
       ++++
Each client initiates an unicast stream to the neighbours and spreads
the voice to each one.  In the other direction the device receives all
incoming streams and mixes them for the listener. Public-key encryption,
pre-shared keys an DH are possible, I think.

Possibility 2:
++++          ++++
|A | -------> |B |
|  | <------- |  |
++++          ++++
 ^ |
 | |
 | |   ++++
 | --->|C |
 ------|  |
       ++++
Client A initiates the conference. The voice of C is streamed to A. A
forwards it, maybe mixed with the own voice, to B. I think public-key
encryption, pre-shared keys an DH are also possible, because there are
only unicast streams.

Torsten


Gupta, Sachin schrieb:
> If multicast is to be, used then D-H mode is not feasible. In case of
> Unicast stream I do not see any issues, except that it will put more
> computational load.
> With D-H shared key conferencing can not be done.
> 
> Sachin
> 
> 
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Torsten
> Sent: Monday, May 08, 2006 3:59 PM
> To: Voipsec at voipsa.org
> Subject: [VOIPSEC] mikey for group calls
> 
> Hey,
> 
> i have a question on secure group calls using MIKEY. It is written in
> the RFC, that it is not possible to use Diffie Hellman for group calls,
> only public-key encryption and pre-shared keys. In section 8.2 of the
> RFC, you can see a figure showing a small-size interactive group; I
> think this is the best way to establish a 3-way conference. Each client
> sets up the security for its outgoing streams. Why it is not possible to
> use DH in this scenario?
> Are there other solutions for setting up a secure 3-way conference using
> MIKEY?
> 
> 
> Torsten
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> 
> 

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list