See 8.6/H.235.6
The sharedSecret field within the H235Key structure uses the following fields: • algorithmOID: set to "X", "X1" for the 56-bit RC2-compatible, set to "Y", "Y1" for 56-bit DES or set to "Z", "Z1" for 168-bit Triple-DES or set to "Z3" for 128-bit AES. NOTE 1 – The session key encryption algorithm is the same as the negotiated media encryption algorithm.
The shared secret is not used directly to encrypt the key exchange material to generate the cipher for media encryption, but used to enctypt the session key. Session key is then used to encrypt media.
So, I think we can connect PVX or codian using AES through a standard way. However, Need some work to test this thought.
Bian
----- 原始邮件 ---- 发件人: Simon Horne s.horne@packetizer.com 收件人: Bian bianxg@yahoo.cn; H323plus h323plus@lists.packetizer.com 已发送: 2007/12/1(周六), 下午8:16:20 主题: RE: [h323plus] 回复: 回复: Does H323plus support H.235
The shared secret is used to encrypt the key exchange material to generate the cipher for media encryption.
If the shared secret was public knowledge then anyone can intercept the key exchange and generate a key to decrypt the media. So unless Polycom or Codian wish to share that proprietry secret there is no way to connect via AES.
Simon
-----Original Message----- From: h323plus-bounces@lists.packetizer.com [mailto:h323plus-bounces@lists.packetizer.com]On Behalf Of Bian Sent: Saturday, December 01, 2007 11:19 AM To: H323plus Subject: [h323plus] 回复: 回复: Does H323plus support H.235
Simon
I think PVX's key exchange mechanism is in a standard way. PVX and Codian MCU can connect using AES.
But I don't know how the shared secret is used to produce the session key.
Bian
-----Original Message----- Bian
No PacPhone AES uses a different key exchange mechanism to PVX.
Polycom uses
a proprietry method. They should still connect unencrypted.
Simon
-----Original Message----- From: Bian [mailto:bianxg@yahoo.cn] Sent: Wednesday, November 28, 2007 12:35 PM To: Simon Horne Subject: 回复: [h323plus] Does H323plus support H.235
Simon
I test PccPhone with PVX, but the AES is not opened. Does PacPhone can interoperate with PVX using AES?
Bian
___________________________________________________________
进入雅虎游戏嘉年华,赢取液晶显示器! http://cn.mail.yahoo.com/promo/carnival07/
___________________________________________________________ 进入雅虎游戏嘉年华,赢取液晶显示器! http://cn.mail.yahoo.com/promo/carnival07/