|Informative Information for the Uninformed
The encryption method chosen for use in the SteganRTP reference implementation is not really encryption at all. In favor of light-weight and speed, a simple bitwise exclusive-or (XOR) obfuscation method was chosen as a symmetric cipher. The choice of encryption method here does not indicate that another, more robust type of encryption could not be used; rather, the modular design of the reference implementation promotes drop-in replacement of the current encryption system entirely, assuming that the replacement encryption method does not have a noticeable impact upon the latency of the overt RTP stream being used as cover-medium.
The author does not claim that the obfuscation method used by the SteganRTP reference implementation to be cryptographically secure. Rather, it is well documented in the literature that XOR against a repeating keystream is insecure[28,29,30]. The obfuscation of message data is merely meant to provide some rudimentary protections against statistical steganalysis which focuses upon perceptible properties of language within the stego-medium.
The XOR obfuscation method employed by the SteganRTP reference implementation consists of the following steps: