The real-time transport protocol

Abstract

This paper describes the Real-time Transport Protocol (RTP) with the emphasis on the securities, confidentiality and authenticity. This system takes a media file as input, encrypt it and create a message digest on the encrypted data then transmit it to the user. On the other side the receiver again calculate digest and compare it with the received one, if match occurs then decrypt and play it in the real time player. In current specification of RFC1889, only the confidentiality is described and authenticity is left for lower layer protocols. This work made experiment both on authenticity and confidentiality. For authenticity MD5, SHA-1 and SHA-2 hash algorithms can be used and for confidentiality AES-128 and Triple DES cryptographic algorithms can be used. In fact, SHA-2 is better than other hash algorithms in terms of security but SHA-1 is better than SHA-2 in terms of time efficiency. On the other hand, AES-128 is better than Triple DES in terms of time efficiency and security. So SHA-1and AES-128 is chosen for authenticity and confidentiality respectively for the security of RTP. The experiment is performed on J2SDK1.5.

Keywords: Real-time transport protocol; Transport control protocol; Cryptographic algorithm; Hash algorithm.

1. Introduction:

In recent days Computer and Internet has become essential part of human life and people demanding more and more access and use data over the Internet in Real-time with efficient secure manner. A new protocol Real-time Transport Protocol (RTP) and its associated

Protocols helping people to use data over the Internet in their real-time applications. In this paper, the analyses of

the securities of RTP, an approach to modify RTP for authenticity are presented. Also the position of RTP in Computer Network Layers, its usage scenario and the importance of time consideration to transmit streams using RTP are discussed and shown their analytical results. RTP is intended to be malleable to provide the information required by a particular application and will often be integrated into the application processing rather than being implemented as a separate layer. RTP is a modular protocol. The usage of RTP for a specific purpose requires an application area specific RTP profile. RTP profiles are used for refining the basic RTP protocol to suit for a particular application area. RTP profiles define how and by which formats data is encapsulated to RTP packets. RFC 1889 defines basic fields for the transportation of real time data. It also defines Real-time Transport Control Protocol (RTCP), whose purpose is to provide feedback on transmission quality, information about participants of RTP session, and enable minimal session control services. RTP is an application level protocol that is intended for delivery of delay sensitive content, such as audio and video, through different networks. The purpose of RTP is to facilitate delivery, monitoring, reconstruction, mixing and synchronization of data streams. RTP provides end-to-end network transport functions suitable for applications transmitting real-time data. RTP is a protocol framework that is deliberately not complete. RTP dose not provide quality of service means that it has no flow control, no error control, no acknowledgement and no mechanism to request retransmission. It does not do so because if a missing packet is retransmitted then it might happen that the retransmitted packet reach to the user too late to use which may hamper real-time use of streams. If some packets are lost during transmission (it is very common for Real-time protocols) then the lost packets are generated by interpolation rather than retransmission. However to improve performance of RTP another protocol; Real-time Transport Control Protocol is used with RTP. It handles feedback on delay, jitter, bandwidth, congestion, and other network properties. RTCP also handles inter stream synchronization. The problem is that different streams may use different clocks, with different granularities and different drift rates. RTCP can be used to keep them in synchronization. RTCP is also supports the use of RTP level translators and mixers.

The paper is organized as follows. In section 2, RTP use scenarios are discussed. In section 3, position of RTP in computer network is discussed. In section 4, time consideration in RTP is discussed. In section 5, RTP packet format, its data transfer protocol and Real-time Transport control Protocol (RTCP) is discussed. Section 6 details the hash and cryptographic algorithms for RTP security while section 7 shows the result and performance analysis. Lastly, section 8 points out the conclusion inferred from the work.

2. RTP use scenarios:

The following sections describe some aspects of the use of RTP. The examples are chosen to illustrate the basic operation of applications using RTP. In these examples, RTP is carried on top of IP and UDP and follows the conventions established by the profile for audio and video specified in the companion Internet-Draft draft-ietf-avt-profile.

2.1 Simple multicast audio conference:

A working group of the IETF meets to discuss the latest protocol draft, using the IP multicast services of the Internet for voice communications. Through some allocation mechanism the working group chair obtains a multicast group address and pair of ports. One port is used for audio data, and the other is used for control (RTCP) packets. This address and port information is distributed to the intended participants. If privacy is desired, the data and control packets may be encrypted, in which case an encryption key must also be generated and distributed. The exact details of these allocation and distribution mechanisms are beyond the scope of RTP. The audio conferencing application used by each conference participant sends audio data in small chunks of, say, 20 ms duration. Each chunk of audio data is preceded by an RTP header; RTP header and data jointly form a UDP packet. The RTP header indicates what type of audio encoding (such as PCM, ADPCM or LPC) is contained in each packet so that senders can change the encoding during a conference, for example, to accommodate a new participant that is connected through a low-bandwidth link or react to indications of network congestion. The Internet, like other packet networks, occasionally loses and reorders packets and delays them by variable amounts of time. To cope with these impairments, the RTP header contains timing information and a sequence number that allow the receivers to reconstruct the timing produced by the source, so that in this example, chunks of audio are contiguously played out the speaker every 20 ms. This timing reconstruction is performed separately for each source of RTP packets in the conference. The sequence number can also be used by the receiver to estimate how many packets are being lost. Since members of the working group join and leave during the conference, it is useful to know who is participating at any moment and how well they are receiving the audio data. For that purpose, each instances of the audio application in the conference periodically multicasts a reception report plus the name of its user on the RTCP (control) port. The reception report indicates how well the current speaker is being received and may be used to control adaptive encoding. In addition to the user name, other identifying information may also be included subject to control bandwidth limits. A site sends the RTCP BYE packet when it leaves the conference.

2.2 Audio and Video Conference:

If both audio and video media are used in a conference, they are transmitted as separate RTP sessions RTCP packets are transmitted for each medium using two different UDP port pairs and/or multicast addresses. There is no direct coupling at the RTP level between the audio and video sessions, except that a user participating in both sessions should use the same distinguished (canonical) name in the RTCP packets for both so that the sessions can be associated. One motivation for this separation is to allow some participants in the conference to receive only one medium if they choose. Despite the separation, synchronized playback of a source’s audio and video can be achieved using timing information carried in RTCP packets for both sessions

2.3 Mixers and translators:

So far, it is assumed that all sites want to receive media data in the same format. However, this may not always be appropriate. Consider the case where participants in one area are connected through a low-speed link to the majority of the conference participants who enjoy high-speed network access. Instead of forcing everyone to use a lower-bandwidth, reduced-quality audio encoding, an RTP-level relay called a mixer may be placed near the low-bandwidth area. This mixer resynchronizes incoming audio packets to reconstruct the constant 20 ms spacing generated by the sender, mixes these reconstructed audio streams into a single stream, translates the audio encoding to a lower-bandwidth one and forwards the lower-bandwidth packet stream across the low-speed link. These packets might be unicast to a single recipient or multicast on a different address to multiple recipients. The RTP header includes a means for mixers to identify the sources that contributed to a mixed packet so that correct talker indication can be provided at the receivers. Some of the intended participants in the audio conference may be connected with high bandwidth links but might not be directly reachable via IP multicast. For example, they might be behind an application-level firewall that will not let any IP packets pass. For these sites, mixing may not be necessary; in which case another type of RTP-level relay called a translator may be used. Two translators are installed, one on either side of the firewall, with the outside one funneling all multicast packets received through a secure connection to the translator inside the firewall. The translator inside the firewall sends them again as multicast packets to a multicast group restricted to the site’s internal network. Mixers and translators may be designed for a variety of purposes. An example is a video mixer that scales the images of individual people in separate video streams and composites them into one video stream to simulate a group scene. Other examples of translation include the connection of a group of hosts speaking only IP/UDP to a group of hosts that understand only ST-II, or the packet-by-packet encoding translation of video streams from individual sources without resynchronization or mixing.

3. Position of RTP in computer network:

As a consequence it is decided to put RTP in user space but should run over User Datagram Protocol (UDP, it is connectionless transport protocol). RTP operates as follows. The multimedia (streams) application consists of multiple audio, video, text and possibly other streams. These are fed into the RTP library, which is in user space along with the application. This library then multiplexes the streams and encodes those RTP packers, which it then stuffs into a socket. At the other end of socket (in the operating system kernel), UDP packets are generated and embedded in IP packets. If computer is on an Ethernet, the IP packets are then put in Ethernet frames for transmission. The protocol stack for this situation is shown in Figure 1.

Since RTP runs in user space not in OS kernel and in the Ethernet it packed by UDP, then IP and then Ethernet, so it is difficult which layer RTP is in. But it is linked to application program and it is generic, application independent protocol that just provides transport facilities, so it is a transport protocol that is implemented in the application layer. The packet nesting is shown in Figure 2.

The main goal of RTP is to make the transmitting streams real-time applicable. On the other hand if security is provided to the transmitting streams, then some extra time is needed to encrypt the streams or to make signature such as making digest from entire movie or audio files. So in concern of time, security is added with some overheads to the RTP. The goal of this paper is to choose algorithms and procedures that make RTP reliable in term of time and security.

4. Time consideration in RTP:

Let a video or audio file over the Internet in real-time is intended to access, then here the most important parameter is bandwidth of the Network. And the next important parameters are minimum clip size and its duration as well as processors speed of both server and client. At first let it be assumed that files are accessing without security consideration. Then let review the following mathematical calculations for audio or video clip to access in real-time.

• One second file clip size = oneSecFileSize bits,
• Time duration of each clip = cSec seconds,
• Upload Transmission rate = uRate bits per second,
• Download Transmission rate = dRate bits per second,
• Time to upload, tUpload = oneSecFileSize *cSec/uRate,
• Time to download, tDownload = oneSecFileSize

If the time to upload or download a clip is more than the time to play a clip, the player will wait and the receiver will see a break, i.e. max (tUpload, tDownload) >cSec. For the continuous playing of clips, the following condition must be true:

• Max (1/uRate, 1/dRate) > 1/ oneSecFileSize
• Min (uRate, dRate) > oneSecFileSize

According to the equation, the waiting time between clips at the receiver does not depend on clip size. The only variable that matters for a continuous playback is the size of a one-second file and that the provided upload and download rates meet the above condition. Lag time between playing and capturing is:

cSec + tupload + tdownload

From the above equation, the maximum lag with no break in the feed is 3*cSec and the minimum lag is cSec. To get the clip as close to real time as possible, cSec should be reduced. Next, apply the above analysis to the following cases:

4.1 Both sender and receiver have a low bandwidth modem connection:

Let’s assume the uRate = dRate = 20K bits/sec. In this case, the one-second file size should be less than 20Kbits. If the clip size is 10 seconds, the maximum playback lag will be 30 seconds. It is observed that the minimum file size for transmitting a one-second video (with no audio) is 8Kbits using H263 encoding and 128×96 pixels video size. It is also observed a minimum file size with the video and an 8-bit mono audio with an 8000Hz-sampling rate to be 80Kbits.

4.2 Either the sender or the receiver has a low bandwidth connection:

Let’s assume that the lower rate is 20Kbits/sec and the other rate is much higher. In this case the one-second file size should be less than 20Kbits, but the maximum playback lag is about 20 seconds if the clip size is 10 seconds.

4.3 Both sender and receiver have high bandwidth:

It is noted here that the one-second-clip size may vary from the format to format of the file, that is, how the file is encoded. For example the one-second-clip size of MP3 is less than in WAV file. But the important point here is that when cryptographic algorithms are applied in the clip then an extra time is added to the processing of clip with each side. So if applied strong encryption algorithms to the clip then extra more time is needed to both sides and upload or download time will be affected and time lag between them will also be changed. So real time access of data is also affected. Therefore, providing security in RTP the considered parameters are bandwidth of the network, file format of clips, upload and download of the clip, processor and memory speed and applying cryptographic and hash algorithms.

5. RTP packet format and data transfer protocol:

RTP packet formats and its Data Transfer Protocol is as follows:

5.1 RTP fixed header files:

Whenever data are transferred with RTP, it always add a fixed header with the payload. The RTP header has the following format shown in figure 4:

The first twelve octets are present in every RTP packet, while the list of CSRC identifiers is present only when inserted by a mixer. Version (V) is 2 bits wide. This field identifies the version of RTP. The version defined by this specification is two (2). Padding (P) is 1 bit wide. If the padding bit is set, the packet contains one or more additional padding octets at the end which are not part of the payload. The last octet of the padding contains a count of how many padding octets should be ignored. Padding may be needed by some encryption algorithms with fixed block sizes or for carrying several RTP packets in a lower-layer protocol data unit. Extension (X) is 1 bit wide. If the extension bit is set, the fixed header is followed by exactly one header extension. CSRC Count (CC) is 4 bits wide. The CSRC count contains the number of CSRC identifiers that follow the fixed header. Marker (M) is 1 bit wide. The interpretation of the marker is defined by a profile. It is intended to allow significant events such as frame boundaries to be marked in the packet stream. A profile may define additional marker bits or specify that there is no marker bit by changing the number of bits in the payload type field. Payload type (PT) is 7 bits wide. This field identifies the format of the RTP payload and determines its interpretation by the application. A profile specifies a default static mapping of payload type codes to payload formats. Additional payload type codes may be defined dynamically through non-RTP means. An initial set of default mappings for audio and video is specified in the companion profile Internet-Draft draft-ietf-avt-profile, and may be extended in future editions of the Assigned Numbers RFC [9]. An RTP sender emits a single RTP payload type at any given time; this field is not intended for multiplexing separate media streams. Sequence number is 16 bits wide. The sequence number increments by one for each RTP data packet sent, and may be used by the receiver to detect packet loss and to restore packet sequence. The initial value of the sequence number is random (unpredictable) to make known-plaintext attacks on encryption more difficult, even if the source itself does not encrypt, because the packets may flow through a translator that does. Time stamp is 32 bits wide. The timestamp reflects the sampling instant of the first octet in the RTP data packet. The sampling instant must be derived from a clock that increments monotonically and linearly in time to allow synchronization and jitter calculations. The resolution of the clock must be sufficient for the desired synchronization accuracy and for measuring packet arrival jitter (one tick per video frame is typically not sufficient). The clock frequency is dependent on the format of data carried as payload and is specified statically in the profile or payload format specification that defines the format, or may be specified dynamically for payload formats defined through non-RTP means. If RTP packets are generated periodically, the nominal sampling instant as determined from the sampling clock is to be used, not a reading of the system clock. As an example, for fixed-rate audio the timestamp clock would likely increment by one for each sampling period. If an audio application reads the blocks covering 160 sampling periods from the input device, the timestamp would be increased by 160 for each such block, regardless of whether the block is transmitted in a packet or dropped as silent. The initial value of the timestamp is random, as for the sequence number. Several consecutive RTP packets may have equal timestamps if they are (logically) generated at once, e.g., belong to the same video frame. Consecutive RTP packets may contain timestamps that are not monotonic if the data is not transmitted in the order it was sampled, as in the case of MPEG interpolated video frames. SSRC is 32 bits wide. The SSRC field identifies the synchronization source. This identifier is chosen randomly, with the intent that no two synchronization sources within the same RTP session will have the same SSRC identifier although the probability of multiple sources choosing the same identifier is low, all RTP implementations must be prepared to detect and resolve collisions. If a source changes its source transport address, it must also choose a new SSRC identifier to avoid being interpreted as a looped source. The CSRC list contains 0 to15 items, 32 bits each. The CSRC list identifies the contributing sources for the payload contained in this packet. The number of identifiers is given by the CC field. If there are more than 15 contributing sources, only 15 may be identified. CSRC identifiers are inserted by mixers, using the SSRC identifiers of contributing sources. For example, for audio packets the SSRC identifiers of all sources that were mixed together to create a packet is listed, allowing correct talker indication at the receiver.

5.2 Multiplexing RTP sessions:

For efficient protocol processing, the number of multiplexing points should be minimized. In RTP, multiplexing is provided by the destination transport address (network address and port number), which defines an RTP session. For example, in a teleconference composed of audio and video media encoded separately, each medium should be carried in a separate RTP session with its own destination transport address. It is not intended that the audio and video be carried in a single RTP session and demultiplexed based on the payload type or SSRC fields. Interleaving packets with different payload types but using the same SSRC would introduce several problems:

• If one payload type were switched during a session, there would be no general means to identify which of the old values the new one replaced.
• An SSRC is defined to identify a single timing and sequence number space. Interleaving multiple payload types would require different timing spaces if the media clock rates differ and would require different sequence number spaces to tell which payload type suffered packet loss.
• The RTCP sender and receiver reports can only describe one timing and sequence number space per SSRC and do not carry a payload type field.
• An RTP mixer would not be able to combine interleaved streams of compatible media into one stream.
• Carrying multiple media in one RTP session precludes: the use of different network paths or network resource allocations if appropriate; reception of a subset of the media if desired, for example just audio if video would exceed the available bandwidth; and receiver implementations that use separate processes for the different media, whereas using separate RTP sessions permits either single- or multiple-process implementations.

Using a different SSRC for each medium but sending them in the same RTP session would avoid the first three problems but not the last two.

5.3 Profile-Specific modifications to the RTP header:

The existing RTP data packet header is believed to be complete for the set of functions required in common across all the application classes that RTP might support. However, in keeping with the ALF design principle, the header may be tailored through modifications or additions defined in a profile specification while still allowing profile-independent monitoring and recording tools to function. The marker bit and payload type field carry profile-specific information, but they are allocated in the fixed header since many applications are expected to need them and might otherwise have to add another 32-bit word just to hold them. The octet containing these fields may be redefined by a profile to suit different requirements, for example with a more or fewer marker bits. If there are any marker bits, one should be located in the most significant bit of the octet since profile-independent monitors may be able to observe a correlation between packet loss patterns and the marker bit. Additional information that is required for a particular payload format, such as a video encoding, should be carried in the payload section of the packet. This might be in a header that is always present at the start of the payload section, or might be indicated by a reserved value in the data pattern. If a particular class of applications needs additional functionality independent of payload format, the profile under which those applications operate should define additional fixed fields to follow immediately after the SSRC field of the existing fixed header. Those applications will be able to quickly and directly access the additional fields while profile-independent monitors or recorders can still process the RTP packets by interpreting only the first twelve octets. If it turns out that additional functionality is needed in common across all profiles, then a new version of RTP should be defined to make a permanent change to the fixed header.

5.4 RTP header extension:

An extension mechanism is provided to allow individual implementation to experiment with new payload-format-independent functions that require additional information to be carried in the RTP data packet header. This mechanism is designed so that the header extension may be ignored by other interoperating implementations that have not been extended. Note that this header extension is intended only for limited use. Most potential uses of this mechanism would be done better another way, using the methods described in the previous section. For example, a profile-specific extension to the fixed header is less expensive to process because it is not conditional nor in a variable location. Additional information is required for a particular payload format should not use this header extension but should be carried in the payload section of the packet. If the X bit in the RTP header is one, a variable-length header extension is appended to the RTP header, following the CSRC list if present. The RTP header extension is shown in figure 5:

The header extension contains a 16-bit length field that counts the number of 32-bit words in the extension, excluding the four-octet extension header (therefore zero is a valid length). Only a single extension may be appended to the RTP data header. To allow multiple interoperating implementations to each experiment independently with different header extensions, or to allow a particular implementation to experiment with more than one type of header extension, the first 16 bits of the header extension are left open for distinguishing identifiers or parameters. The format of these 16 bits is to be defined by the profile specification under which the implementations are operating. This RTP specification does not define any header extensions itself.

5.5 Real-time Transport Control Protocol (RTCP):

RTCP is a coordination protocol of RTP. It provides some tasks to increase the performance of RTP. The RTP control protocol (RTCP) is based on the periodic transmission of control packets to all participants in the session, using the same distribution mechanism as the data packets. The underlying protocol must provide multiplexing of the data and control packets, for example using separate port numbers with UDP. RTCP performs four functions:

• The primary function is to provide feedback on the quality of the data distribution. This is an integral part of the RTP’s role as a transport protocol and is related to the flow and congestion control functions of other transport protocols. The feedback may be directly useful for control of adaptive encodings, but experiments with IP multicasting have shown that it is also critical to get feedback from the receivers to diagnose faults in the distribution. Sending reception feedback reports to all participants allows one who is observing problems to evaluate whether those problems are local or global. With a distribution mechanism like IP multicast, it is also possible for an entity such as a network service provider who is not otherwise involved in the session to receive the feedback information and act as a third-party monitor to diagnose network problems. This feedback function is performed by the RTCP sender and receiver reports.
• RTCP carries a persistent transport-level identifier for an RTP source called the canonical name or CNAME. Since the SSRC identifier may change if a conflict is discovered or a program is restarted, receivers require the CNAME to keep track of each participant. Receivers also require the CNAME to associate multiple data streams from a given participant in a set of related RTP sessions, for example to synchronize audio and video.
• The first two functions require that all participants send RTCP packets; therefore the rate must be controlled in order for RTP to scale up to a large number of participants. By having each participant send its control packets to all the others, each can independently observe the number of participants. This number is used to calculate the rate at which the packets are sent.
• A fourth, optional function is to convey minimal session control information, for example participant identification to be displayed in the user interface. This is most likely to be useful in “loosely controlled” sessions where participants enter and leave without membership control or parameter negotiation. RTCP serves as a convenient channel to reach all the participants, but it is not necessarily expected to support all the control communication requirements of an application. A higher-level session control protocol, which is beyond the scope of this document, may be needed.

Functions (i)-(iii) are mandatory when RTP is used in the IP multicast environment, and are recommended for all environments. RTP application designers are advised to avoid mechanisms that can only work in unicast mode and will not scale to larger numbers.

5.6 RTCP transmission interval:

RTP is designed to allow an application to scale automatically over session sizes ranging from a few participants to thousands. For example, in an audio conference the data traffic is inherently self-limiting because only one or two people will speak at a time, so with multicast distribution the data rate on any given link remains relatively constant independent of the number of participants. However, the control traffic is not self-limiting. If the reception reports from each participant were sent at a constant rate, the control traffic would grow linearly with the number of participants. Therefore, the rate must be scaled down. For each session, it is assumed that the data traffic is subject to an aggregate limit called the “session bandwidth” to be divided among the participants. This bandwidth might be reserved and the limit enforced by the network, or it might just be a reasonable share. The session bandwidth may be chosen based or some cost or a priori knowledge of the available network bandwidth for the session. It is somewhat independent of the media encoding, but the encoding choice may be limited by the session bandwidth. The session bandwidth parameter is expected to be supplied by a session management application when it invokes a media application, but media applications may also set a default based on the single-sender data bandwidth for the encoding selected for the session. The application may also enforce bandwidth limits based on multicast scope rules or other criteria. Bandwidth calculations for control and data traffic include lower- layer transport and network protocols (e.g., UDP and IP) since that are what the resource reservation system would need to know. The application can also be expected to know which of these protocols are in use. Link level headers a