Key length the length of the encryption key depends

Info icon This preview shows pages 35–36. Sign up to view the full content.

View Full Document Right Arrow Icon
- Key length: the length of the encryption key depends on the encryption algorithm, c.f. Annex I. Selectors: The security associations (SA) have to be bound to specific parameters (selectors) of the SIP flows between UE and P-CSCF, i.e. source and destination IP addresses, transport protocols that share the SA, and source and destination ports. - IP addresses are bound to two pairs of SAs, as in clause 6.3, as follows: - inbound SA at the P-CSCF: The source and destination IP addresses associated with the SA are identical to those in the header of the IP packet in which the initial SIP REGISTER message was received by the P-CSCF. - outbound SA at the P-CSCF: the source IP address bound to the outbound SA equals the destination IP address bound to the inbound SA; the destination IP address bound to the outbound SA equals the source IP address bound to the inbound SA. NOTE 5: This implies that the source and destination IP addresses in the header of the IP packet in which the protected SIP REGISTER message was received by the P-CSCF need to be the same as those in the header of the IP packet in which the initial SIP REGISTER message was received by the P-CSCF. - The transport protocol selector shall allow UDP and TCP. - Ports: 1. The P-CSCF associates two ports, called port_ps and port_pc , with each pair of security associations established in an authenticated registration. The ports port_ps and port_pc are different from the standard SIP ports 5060 and 5061. No unprotected messages shall be sent from or received on the ports port_ps and port_pc . From a security point of view, unprotected messages may be received on any port which is different from the ports port_ps and port_pc . The number of the ports port_ps and port_pc are communicated to the UE during the security mode set-up procedure, cf. clause 7.2. These ports are used with both, UDP and TCP. The use of these ports may differ for TCP and UDP, as follows: UDP case: the P-CSCF receives requests and responses protected with ESP from any UE on the port port_ps (the"protected server port"). The P-CSCF sends requests and responses protected with ESP to a UE on the port port_pc (the "protected client port"). TCP case: the P-CSCF, if it does not have a TCP connection towards the UE yet, shall set up a TCP connection from its port_pc to the port port_us of the UE before sending a request to it.. NOTE 6: Both the UE and the P-CSCF may set up a TCP connection from their client port to the other end's server port on demand. An already existing TCP connection may be reused by both the P-CSCF or the UE; but it is not mandatory. NOTE 7: The protected server port port_ps stays fixed for a UE until all IMPUs from this UE are de-registered. It may be fixed for a particular P-CSCF over all UEs, but there is no need to fix the same protected server port for different P-CSCFs.
Image of page 35

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 36
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern