Differences between revisions 5 and 6
Revision 5 as of 2007-09-19 20:19:51
Size: 1887
Editor: JaapKeuter
Comment: Add the UDP and TCP port preferences.
Revision 6 as of 2008-04-12 17:51:24
Size: 1901
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 12: Line 12:
 * ["SDP"]: Typically, MIKEY is transported in a key-mgmt attribute in a ["SDP"] offer or answer.  * [[SDP]]: Typically, MIKEY is transported in a key-mgmt attribute in a [[SDP]] offer or answer.
Line 24: Line 24:
 * MIKEY UDP port: ["UDP"] port to expect MIKEY traffic on (default 2269).
 * MIKEY TCP port: ["TCP"] port to expect MIKEY traffic on (default 2269).
 * MIKEY UDP port: [[UDP]] port to expect MIKEY traffic on (default 2269).
 * MIKEY TCP port: [[TCP]] port to expect MIKEY traffic on (default 2269).
Line 31: Line 31:
 * attachment:SampleCaptures/mikey_psk.pcap  * [[attachment:SampleCaptures/mikey_psk.pcap]]
Line 34: Line 34:
A complete list of MIKEY display filter fields can be found in the [http://www.wireshark.org/docs/dfref/m/mikey.html display filter reference] A complete list of MIKEY display filter fields can be found in the [[http://www.wireshark.org/docs/dfref/m/mikey.html|display filter reference]]
Line 45: Line 45:
 * [http://www.ietf.org/rfc/rfc3830.txt RFC 3830] ''MIKEY: Multimedia Internet KEYing''.
 * [http://www.ietf.org/rfc/rfc4650.txt RFC 4650] ''HMAC-Authenticated Diffie-Hellman
 * [[http://www.ietf.org/rfc/rfc3830.txt|RFC 3830]] ''MIKEY: Multimedia Internet KEYing''.
 * [[http://www.ietf.org/rfc/rfc4650.txt|RFC 4650]] ''HMAC-Authenticated Diffie-Hellman
Line 48: Line 48:
 * [http://www.ietf.org/rfc/rfc4738.txt RFC 4738] ''MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY)''.
 * [http://www.minisip.org/publications.html] Secure VoIP publications from KTH, Stockholm.
 * [[http://www.ietf.org/rfc/rfc4738.txt|RFC 4738]] ''MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY)''.
 * [[http://www.minisip.org/publications.html]] Secure VoIP publications from KTH, Stockholm.

Multimedia Internet KEYing (MIKEY)

MIKEY is a key management scheme used with SIP/SDP and H.323/H.235.

History

MIKEY was made an RFC in August 2004, and was updated with two new modes in September 2006 and November 2006.

Protocol dependencies

  • SDP: Typically, MIKEY is transported in a key-mgmt attribute in a SDP offer or answer.

Example traffic

XXX - Add example decoded traffic for this protocol here (as plain text or Wireshark screenshot).

Wireshark

The MIKEY dissector is partially functional. There are currently no support for CHASH and ERR payloads, and no support for authentication and decryption.

Preference Settings

  • MIKEY UDP port: UDP port to expect MIKEY traffic on (default 2269).

  • MIKEY TCP port: TCP port to expect MIKEY traffic on (default 2269).

Example capture file

Capture file containing two MIKEY messages: Pre-shared and PSK ver msg. Pre-shared key is "secret".

Display Filter

A complete list of MIKEY display filter fields can be found in the display filter reference

  • Show only the MIKEY based traffic:

     mikey 

Capture Filter

You cannot directly filter MIKEY protocols while capturing.

Discussion

MIKEY (last edited 2008-04-12 17:51:24 by localhost)