Simon,
Diffie-Hellman is used to exchange a shared secret, which is then used to encrypt the sessionKey. The sessionKey is then used to encrypt the media.
The shared secret (the key) I got from the standard key exchange procedure is equal to the "H.235 encryption check code" displayed by the PVX UI.
It's difficult to think of Polycom using a private mechanism. That means Polycom cannot interoperate with other endpoints in a standard way.
The sharedSecret field within the H235Key structure uses the following fields:
• algorithmOID: set to "X", "X1" for the 56-bit RC2-compatible, set to "Y", "Y1" for 56-bit DES or set to "Z", "Z1" for 168-bit Triple-DES or set to "Z3" for 128-bit AES.
NOTE 1 – The session key encryption algorithm is the same as the negotiated media encryption algorithm. (here is the answer?)
Each entity shall take appropriate least significant bits from the common shared Diffie-Hellman secret for the key encryption key (master key); i.e., the 56 least significant bits of the Diffie-Hellman secret for OID "X", OID "X1", OID "Y1" or OID "Y" and the 168 least significant bits of the Diffie-Hellman secret for OID "Z", OID "Z1" or OID "Z2" and the 128 least significant bits of the Diffie-Hellman secret for OID "Z3" or OID "Z2", see also Table 6. (here is the answer?)
bian
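The standard H.235.6 procedure quoted above (take the least significant bits of the Diffie-Hellman secret as the key-encryption key, then wrap the sessionKey with the negotiated media cipher under a zero IV), as an added Go example that is not part of this thread or of the H323plus code. It implements only the standard path, not the proprietary Polycom wrapping Simon describes; the OID label table, the DH secret and the session key used in it are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"math/big"
)

// Master-key (KEK) length in bits per H.235.6 algorithmOID label, as quoted above.
// "Z2" appears under both 168 and 128 bits in that quote, so it is left out rather than guessed.
var kekBits = map[string]int{
	"X": 56, "X1": 56, "Y": 56, "Y1": 56, // 56-bit RC2-compatible / DES
	"Z": 168, "Z1": 168, // 168-bit Triple-DES
	"Z3": 128, // 128-bit AES
}
// KEKFromDHSecret returns the n least significant bits of the Diffie-Hellman
// shared secret as a big-endian byte string, n being set by the OID label.
func KEKFromDHSecret(secret *big.Int, oidLabel string) ([]byte, error) {
	n, ok := kekBits[oidLabel]
	if !ok {
		return nil, fmt.Errorf("unknown H.235.6 OID label %q", oidLabel)
	}
	mask := new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), uint(n)), big.NewInt(1))
	return new(big.Int).And(secret, mask).FillBytes(make([]byte, n/8)), nil // n is a multiple of 8 for every label
}

// cbcZeroIV runs AES-CBC with an all-zero IV (paramS carries no IV) and no
// padding, so the session key must be a whole number of 16-byte blocks.
func cbcZeroIV(kek, in []byte, decrypt bool) ([]byte, error) {
	block, err := aes.NewCipher(kek) // a 16-byte KEK selects AES-128
	if err != nil {
		return nil, err
	}
	if len(in) == 0 || len(in)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("length %d is not a multiple of the AES block size", len(in))
	}
	iv, out := make([]byte, aes.BlockSize), make([]byte, len(in))
	if decrypt {
		cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, in)
	}
	return out, nil
}

// The session key is wrapped under the KEK with the same cipher negotiated for
// the media (AES-128 when the OID is "Z3"); unwrapping is the inverse.
func WrapSessionKey(kek, sessionKey []byte) ([]byte, error) { return cbcZeroIV(kek, sessionKey, false) }
func UnwrapSessionKey(kek, wrapped []byte) ([]byte, error)  { return cbcZeroIV(kek, wrapped, true) }
```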
----- Original Message ----
From: Simon Horne s.horne@packetizer.com
To: Bian bianxg@yahoo.cn; H323plus h323plus@lists.packetizer.com
Sent: 2007/12/11 (Tuesday), 8:58:15 PM
Subject: RE: [h323plus] H.235 AES problem continue
Bian
Polycom is not using H.235.6 key exchange and most certainly not using Diffie-Hellman. It is using symmetric key AES encryption, which AFAIK is NOT standard. The key material is encrypted using a private mechanism.
Let me explain what this is:
    algorithmOID = 2.16.840.1.101.3.4.1.2   // "OID_Z3", which means AES-128 in CBC mode
    paramS = { }                             // means IV is 0
    encryptedSessionKey = 16 octets { c7 36 02 5c b7 ae b0 cc 97 c8 af bb d5 72 0f 19 }
AlgorithmOID has nothing to do with the encryptedSessionKey. The AlgorithmOID notifies the remote what cipher to use: DES, 3DES or AES. This is a standard identifier. Basically this tells the remote to use AES.
encryptedSessionKey is encrypted using a non-public, secret method. The only way you are going to decrypt this is if you know how the key is encrypted. AFAIK only Polycom can provide you that information. It is not public knowledge.
Simon