Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Decrypt SRTP with inline encryption

Hi there,

I have a secure SIP session with SRTP audio captured in Wireshark. I am able to decrypt the SIP TLS using the server private key. In the SIP SDP I can see that inline SRTP encryption is used:

a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:L4q/1bF2POBE3S+WDTYFhotluE28Lm0DEIOD51Ew UNENCRYPTED_SRTCP

Based on the RFC 4568, the key after the "inline" part is the 40 byte long Base64 encoded master+salt concatenation, which, when decoded, should become 30 bytes. However when I tried any of the online Base64 decoders, I got very random output, not what I expected. Using Java code to decode the Base64, I even got some negative bytes. I'm not sure how to decode the key, or if I can use it as it is? I tried inputting this whole string to Wireshark as the "Pre-Shared-Key" for the DTLS protocol, however the audio is still encrypted.

Is there a way to decrypt this SRTP stream in Wireshark?