[VOIPSEC] H.235, substandard of H.323

Robert R. Gilman rrg at avaya.com
Mon Dec 18 21:46:06 GMT 2006

Briefly, Communications Manager (CM) gatekeeper supports two types of
"security profiles":
1. From the time of our intial release, we've supported a variation of
    H.235 Annex D in which the endpoint answers a challenge presented by
    the gatekeeper in the GCF.  We don't have the endpoint validate the
    gatekeeper.  The encryption algorithm is DES56-ECB and the key is
    constructed from the user's PIN.  In this profile, media encryption
    keys are distributed under the same key and algorithm in the H.235.0
    H235Key element with the sharedSecret CHOICE.
2. We've added support for an H.235.5 profile which uses an encrypted
    Diffie-Hellman key exchange to derive a shared secret that's much
    stronger than the user PIN.  When this profile is in use, media
    encryption keys are distributed under AES-128-CM encryption, and all
    signalling is authenticated via HMAC-SHA1-96.  H235Key is used with
    the secureSharedSecret choice.  The profile is nominally the same as
    SP1 (and we will support SP1), but we identify it with an Avaya OID
    to indicate that our proprietary signalling is also encrypted under
    the profile.
SRTP requires support of H235Key.secureSharedSecret and SRTPKeys from
H.235.8, and it fits right in with the above schemes with the following
change: in SRTP, each transmitter supplies its transmit key; in the other
schemes, the H.245 master supplies all the keys.  Also, since we don't
bulk-encrypt our signalling channels, we encrypt the ASN.1-encoded SRTPKeys
before putting it in the genericKeyMaterial of V3KeySyncMaterial; the
algorithmOID and paramS carry the requisite encryption info.
Does this answer your question?
Bob Gilman       rrg at avaya.com      +1 303 538 3868

ZhaoL wrote:
> Bob,
> Would you please give a brief introduction on the H235 support by 
> Avaya's VoIP products?
> e.g. in their 87xx/85xx/83xx and G series.
> - Richard
> - Lenovo GIS
> On 12/12/06, Robert R. Gilman <rrg at avaya.com <mailto:rrg at avaya.com>> wrote:
>     Michael-
>     As I recall, the change was made in H.235 version 4 which was the first
>     version called H.235.0.  It contains Appendices (non-normative) which
>     detail which Annexes (normative) were mapped to which H.235.x documents.
>     Grab a copy from www.packetizer.com <http://www.packetizer.com>.
>     -Bob
>     ----------------------------------------------------
>     Bob Gilman       rrg at avaya.com <mailto:rrg at avaya.com>       +1 303
>     538 3868
>     Michael Billerbeck wrote:
>      > Hello all members of list,
>      >
>      > version 6 of H.323 was officially approved in June 2006.
>      > H.235 is the substandard for security in H.323 and there are
>     several documents/parts:
>      >
>      > H.235.0 Security framework for H-series
>      > H.235.1-5 cover signaling security
>      > H.235.6-8 cover media stream security
>      > H.235.9 Security Gateway Support for H.323
>      >
>      > There have been annexes D-I for security before.
>      > But when exactly was the change from these annexes D-I to these
>     "parts" H.235.0-9? Was it from H.323 Version 5 to Version 6 or was
>     it already before?
>      >
>      > It's also said that "security-related documents have also been
>     significantly enhanced and the H.235 document was entirely
>     restructured."
>      > Are there more details? I only know that "support has been added
>     for SRTP".
>      >
>      > Thanks in advance,
>      > Michael
>     _______________________________________________
>     Voipsec mailing list
>     Voipsec at voipsa.org <mailto:Voipsec at voipsa.org>
>     http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list