SRTP, or Secure Real-Time Transport Protocol, is an extension of RTP that adds security features like encryption, message authentication, and replay protection, primarily for VoIP communications.  It adds further security features, such as message authentication, confidentiality and replay protection mostly intended for VoIP communications.

SRTP uses authentication and encryption in order to minimize the risks of attacks such as denial of service. It was published in 2004 by IETF (Internet Engineering Task Force) as RFC 3711. SRTP, just like DTLS is one of the security protocols used for the WebRTC technology. Because of its efficiency and security, SRTP is widely adopted in VoIP and WebRTC implementations.

If you opt to use Secure RTP, all its features, such as encryption and authentication, are optional and they can be individually enabled or disabled. An exception to this, is the message authentication feature that is mandatory for Secure RTCP (RTP Control Protocol). Secure RTP uses Advanced Encryption Standard (AES) as its default encryption cipher. One of the defined Segmented Integer Counter Mode and f8-mode cipher modes can be further selected to allow the AES block cipher to be used as a stream cipher for the RTP datastream. The NULL Cipher can be used alternatively when no confidentiality for RTP/RTCP data is required.

Secure RTP is flexible by design, as it can easily accommodate new encryption algorithms. Keep in mind though that the official RFC standard requires that new encryption algorithms can only be introduced through the publication of a new companion standard track RFC to clearly define the new algorithm.