2.1.1 Confidentiality

RTPME uses the default Data Encryption Standard (DES) algorithm in CBC mode as specified in [RFC3550] section 9.1. Other encryption algorithms specified in [RFC3550] are not supported by RTPME. Encryption MAY be negotiated for an RTP session through Session Description Protocol (SDP) Extensions [MS-SDP]. When encrypted, both header and payload MUST be encrypted with the same encryption key for all RTP and RTCP packets.

RTPME MUST pad RTP/RTCP header and payload to a multiple of 8 bytes for DES CBC mode input. Padding for DES CBC mode MUST NOT change the value of the P bit in RTP header.

RTPME MUST NOT support partial RTCP encryption which segregates compound RTCP packets.