Secure Call Flow Summary

  1. The IP phones and Cisco CallManager exchange certificates.
  2. The IP phones and Cisco CallManager authenticate each other by requesting some random data to be signed. When this process is finished, Cisco CallManager and the IP phones know that the other devices are authentic.
  3. Each IP phone creates TLS session keys. One key will be used for TLS SHA-1 authentication; the other key will be used for TLS AES encryption.
  4. Each IP phone encrypts the generated keys with the public key of the Cisco CallManager and sends the encrypted keys to Cisco CallManager.
  5. Now each IP phone shares its session keys with Cisco CallManager. At this stage, each phone can exchange signaling messages with Cisco CallManager over an authenticated and encrypted TLS session.
  6. When the call is established between the two IP phones, Cisco CallManager creates SRTP session keys. One key is used for SRTP SHA-1 authentication; the other key is used for SRTP AES encryption.
  7. Cisco CallManager sends the generated SRTP session keys to both IP phones over the secured TLS session.
  8. The IP phones now share the session keys for authenticating and encrypting their RTP packets. At this stage, the two IP phones can start secure media exchange.
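
Steps 6 to 8 as an added example (not part of the original page and not Cisco code): a sketch of how the shared SRTP authentication key lets the receiving phone reject a modified or forged RTP packet. The function names are hypothetical; the 160-bit key and 80-bit HMAC-SHA1 tag are the RFC 3711 defaults, and key derivation and the AES encryption step are left out.

```python
import hashlib, hmac, secrets, struct

TAG_LEN = 10  # 80-bit tag, the RFC 3711 default for HMAC-SHA1

def callmanager_create_srtp_keys():
    """Step 6: one key for AES encryption, one for SHA-1 authentication."""
    # "enc" is generated for completeness; this sketch does not use it.
    return {"enc": secrets.token_bytes(16), "auth": secrets.token_bytes(20)}

def rtp_packet(seq, timestamp, ssrc, payload):
    """Minimal 12-byte RTP header (version 2, payload type 0) plus payload."""
    return struct.pack("!BBHII", 0x80, 0, seq, timestamp, ssrc) + payload

def _tag(auth_key, packet, roc):
    # The tag covers the packet followed by the 32-bit rollover counter.
    mac = hmac.new(auth_key, packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]

def protect(auth_key, packet, roc=0):
    """Sender side: append the authentication tag to the packet."""
    return packet + _tag(auth_key, packet, roc)

def verify(auth_key, protected, roc=0):
    """Receiver side: return the packet if the tag is valid, else None."""
    if len(protected) < 12 + TAG_LEN:
        return None
    packet, tag = protected[:-TAG_LEN], protected[-TAG_LEN:]
    ok = hmac.compare_digest(tag, _tag(auth_key, packet, roc))
    return packet if ok else None

def demo():
    keys = callmanager_create_srtp_keys()
    phone_a, phone_b = dict(keys), dict(keys)  # step 7: sent to both over TLS
    # Constructed sample packet; in real SRTP the payload is AES ciphertext.
    pkt = rtp_packet(1, 160, 0x1234ABCD, b"constructed-audio-frame")
    sent = protect(phone_a["auth"], pkt)
    tampered = bytearray(sent)
    tampered[12] ^= 0x01  # flip one payload bit in transit
    return {
        "genuine_accepted": verify(phone_b["auth"], sent) == pkt,
        "tampered_dropped": verify(phone_b["auth"], bytes(tampered)) is None,
        "wrong_key_dropped": verify(secrets.token_bytes(20), sent) is None,
    }

if __name__ == "__main__":
    print(demo())
```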
eduardo/cisco/cipt/secure_call.txt · Last modified: 2024/02/23 08:20 by 127.0.0.1