Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SDES or MIKEY

Hello Community, we setup a callamanger with a third party application and the vendor would like to know if the cucm works with SDES or MIKEY Encryption. Goog Question. I can´t really nothing in the Cisco Guides.

Anyone knows if the cucm works with SDES or MIKEY?

HTH, please rate all useful posts and right answers.       

HTH, please rate all useful posts and right answers.
4 REPLIES
Cisco Employee

SDES or MIKEY

Hello Armin,

Whats the purpose of this application ? and are we trying to setup a encrypted path between CUCM and 3rd Party application.

If, I look at the Encryption/ESP algorithm in CUCM IPSEC configuation, i dont see SDES or MIKEY listed.

Screen Shot 2014-02-18 at 3.17.53 pm.png

Screen Shot 2014-02-18 at 3.18.05 pm.png

Regards

Amit Singh

New Member

Re: SDES or MIKEY

Hi Amet, really thanks work w/ me on that. Good Question I am not the hero in Encrypten. SDES or Mikey are Ecrypten method for SRTP I believe.

http://en.wikipedia.org/wiki/SDES

http://en.wikipedia.org/wiki/MIKEY

but it seems this are different things.

SRTP relies on an external key management protocol to set up the  initial master key. Two protocols specifically designed to be used with  SRTP are ZRTP and MIKEY.

Bur what kind of external key management is using in CUCM?

How can I adjust SDES or Mikey in CUCM for SRTP?

HTH, please rate all useful posts and right answers.

HTH, please rate all useful posts and right answers.
New Member

Re: SDES or MIKEY

Hi Amet, first time it is only to know for add the third party application, meantime I am also by myself very interesst to know wthat kind of Key management for SRTP Cisco CUCM is using, because nowhere it is describe or documented at Cisco. Also not in Security Guide.

It is a mystery

Your help will be really fine and I think it is also for the Community really helpfull because you don´t find any information on Cisco site concering cisco Products.

HTH, please rate all useful posts and right answers.

HTH, please rate all useful posts and right answers.
Cisco Employee

SDES or MIKEY

Hello Aamir,

•Audio  Only – When CUCM is negotiating an audio–only answer, if the offer is  from the A and B party contain valid Crypto and DTLS, the CUCM will  answer with Crypto (i.e. SDES).
•Audio/Video  – When CUCM is negotiating an audio/video answer, if the offer is from  the A and B party contain valid Crypto and DTLS, the CUCM will answer  with DTLS.

•Currently only CTS supports DTLS.

You may check the following RFC: http://tools.ietf.org/html/rfc5764

Also, it should be worhwhile, checking with 3rd party product what they support.

Regards

Amit Singh

508
Views
0
Helpful
4
Replies
CreatePlease to create content