| Current | v9 | v8 | v7 | v6 | v5 | v4 | v3 | v2 | v1 | All | About |
Real-time Transport Protocol
Real-time Transport Protocol[4] (RTP) is described by the protocol authors as ``a transport protocol for real-time applications.'' RTP provides an end-to-end network transport suitable for applications transmitting real-time data such as audio, video or any other type of streamed data. RTP generally utilizes the User Datagram Protocol[5] (UDP) for its transport and can do so in both multicast or unicast network environments. When employed by a VoIP system, RTP generally handles the media channel of a call. The call's media channel is generally handled independent of the VoIP signaling channel. However, per the RTP specification, there are no default network ports defined. As such, the RTP endpoint network ports must be negotiated between the endpoints via the signaling channel. Other events in the signaling channel may also influence the operation of the media channel as handled by RTP such as requests to change audio encoding, add or remove parties from the call, or tear down the call.
One of RTP's current deficiencies is that it is entirely clear-text while traversing the network. An RTP profile has been defined for encrypting parts of the RTP data packet called Secure Real-time Transport Protocol[6] (SRTP). However, the specification defines no mechanism for negotiating or securely exchanging keying information to be used for the encryption and decryption processes. At the time of this writing, a number of keying mechanisms have been defined but no standard has either been agreed upon by the standards bodies or determined by the free market. As such, most implementations of RTP do not currently use the SRTP profile and instead continue to transmit call media data in the clear. As will be detailed in full in Section ![[*]](8/3/images/html/crossref.png)
, this property of the media channel provides ample opportunity for multiple types of operational scenarios where unknown third-parties to the legitimate callers may hijack all or part of the call's media traffic for transmission of covert communications. Making use of this blatantly insecure property of RTP is the primary motivation for this research effort.