Sunday, October 27, 2019

DTLS and SRTP


DTLS is used to establish the keys that then secure the RTP stream. Once the keys are established, they encrypt the RTP stream to make it SRTP (nothing special about the encryption, just standard SRTP per RFC 3711), and the resulting SRTP packets are sent alongside the DTLS traffic on the same transport. If you read RFC 5764, you can get more specifics about what a DTLS channel is, how the packets are demultiplexed, etc.

So, DTLS is key MANAGEMENT for the SRTP exchange. See rfc5764 section 4.1 for a little example.

In summary: if by "SRTP over a DTLS connection" you mean encrypting the media with the keys once they have been exchanged, there is not much difference. The main difference is that with DTLS-SRTP, the DTLS negotiation occurs on the same ports as the media itself, so packet demultiplexing must be taken into account on those ports.
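Two pieces of the DTLS-SRTP plumbing described above, written out as an added example (this is not code from the original post): first, the first-byte demultiplexing that RFC 5764 section 5.1.2 specifies for a port carrying STUN, DTLS and (S)RTP at once; second, the slicing of the DTLS keying-material exporter output (label "EXTRACTOR-dtls_srtp", RFC 5764 section 4.2) into the four SRTP master key and salt values. Python's standard ssl module does not expose the exporter, so the 60-byte exporter output and the sample datagrams below are constructed for illustration rather than taken from a real session; the profile table and PacketKind names are this example's own.

```python
"""Added example: DTLS-SRTP demultiplexing and keying-material layout (RFC 5764).

Sample datagrams and the exporter output are constructed here, not captured.
"""
from enum import Enum


class PacketKind(Enum):
    STUN = "stun"
    DTLS = "dtls"
    RTP_RTCP = "rtp/rtcp"
    UNKNOWN = "unknown"


def demultiplex(datagram: bytes) -> PacketKind:
    """Classify a datagram received on the shared media port by its first byte.

    RFC 5764 section 5.1.2: 0..1 -> STUN, 20..63 -> DTLS, 128..191 -> RTP/RTCP.
    SRTP leaves the RTP header in the clear, so encrypted media still lands in
    the 128..191 range. Anything else is treated as unknown and should be dropped.
    """
    if not datagram:
        return PacketKind.UNKNOWN
    first = datagram[0]
    if first < 2:
        return PacketKind.STUN
    if 20 <= first <= 63:
        return PacketKind.DTLS
    if 128 <= first <= 191:
        return PacketKind.RTP_RTCP
    return PacketKind.UNKNOWN


# Constructed datagrams: a STUN Binding Request header, a DTLS 1.2 handshake
# record header, an RTP header (version 2), and a byte outside every range.
SAMPLE_DATAGRAMS = [
    b"\x00\x01\x00\x00\x21\x12\xa4\x42" + b"\x00" * 12,  # STUN
    b"\x16\xfe\xfd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",  # DTLS handshake
    b"\x80\x6f\x00\x01\x00\x00\x00\x00\xde\xad\xbe\xef",  # RTP, PT 111
    b"\xc0\x00",  # not STUN, DTLS or RTP
]


def classify_all(datagrams) -> list:
    """Return the PacketKind of each datagram, in order."""
    return [demultiplex(d) for d in datagrams]


# RFC 5764 section 4.1.2 protection profiles -> (master_key_len, master_salt_len)
# in bytes: 128-bit key and 112-bit salt for every profile the RFC defines.
SRTP_PROFILES = {
    "SRTP_AES128_CM_HMAC_SHA1_80": (16, 14),
    "SRTP_AES128_CM_HMAC_SHA1_32": (16, 14),
    "SRTP_NULL_HMAC_SHA1_80": (16, 14),
    "SRTP_NULL_HMAC_SHA1_32": (16, 14),
}


def split_srtp_keying_material(exporter_output: bytes, profile: str) -> dict:
    """Slice the output of the DTLS exporter into SRTP master keys and salts.

    RFC 5764 section 4.2 lays the exporter output out as:
        client_write_SRTP_master_key, server_write_SRTP_master_key,
        client_write_SRTP_master_salt, server_write_SRTP_master_salt.
    The DTLS client protects the SRTP it sends with the client_write values;
    the server uses the server_write values.
    """
    key_len, salt_len = SRTP_PROFILES[profile]
    needed = 2 * (key_len + salt_len)
    if len(exporter_output) < needed:
        raise ValueError(f"need {needed} exporter bytes, got {len(exporter_output)}")
    off = 0
    fields = {}
    for name, length in (
        ("client_write_master_key", key_len),
        ("server_write_master_key", key_len),
        ("client_write_master_salt", salt_len),
        ("server_write_master_salt", salt_len),
    ):
        fields[name] = exporter_output[off:off + length]
        off += length
    return fields


# Constructed stand-in for exporter output (a real stack would call the DTLS
# exporter with label "EXTRACTOR-dtls_srtp" and no context value).
CONSTRUCTED_EXPORTER_OUTPUT = bytes(range(60))

if __name__ == "__main__":
    for d, kind in zip(SAMPLE_DATAGRAMS, classify_all(SAMPLE_DATAGRAMS)):
        print(f"first byte 0x{d[0]:02x} -> {kind.value}")
    km = split_srtp_keying_material(CONSTRUCTED_EXPORTER_OUTPUT, "SRTP_AES128_CM_HMAC_SHA1_80")
    for name, value in km.items():
        print(f"{name}: {value.hex()}")
```

The demultiplexer is the piece that makes "same ports as the media" workable: a receiver checks one byte and hands the datagram to the STUN agent, the DTLS stack or the SRTP decryptor, and silently drops anything that fits none of the ranges. The keying-material split is what turns the finished DTLS handshake into SRTP_AES128_CM_HMAC_SHA1_80 parameters; note that each direction gets its own key and salt, and that a stack which swaps the client and server values will decrypt nothing.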

References:
https://stackoverflow.com/questions/31421909/difference-between-dtls-srtp-and-srtp-packets-send-over-dtls-connections
https://tools.ietf.org/html/rfc5764#section-4.1
