[h323plus] 回复: 回复: 回复: Does H323plus support H.235

Bian bianxg at yahoo.cn
Sun Dec 2 20:05:04 EST 2007


See 8.6/H.235.6  

The sharedSecret field within the H235Key structure uses the following fields:
• algorithmOID: set to "X", "X1" for the 56-bit RC2-compatible, set to "Y", "Y1" for 56-bit
DES or set to "Z", "Z1" for 168-bit Triple-DES or set to "Z3" for 128-bit AES.
NOTE 1 – The session key encryption algorithm is the same as the negotiated media encryption
algorithm.

The shared secret is not used directly to encrypt the key exchange material to generate
the cipher for media encryption, but used to enctypt the session key. Session key is then used to encrypt media.

So, I think we can connect PVX or codian using AES through a standard way. However, Need some work to test this thought.


Bian 



----- 原始邮件 ----
发件人: Simon Horne <s.horne at packetizer.com>
收件人: Bian <bianxg at yahoo.cn>; H323plus <h323plus at lists.packetizer.com>
已发送: 2007/12/1(周六), 下午8:16:20
主题: RE: [h323plus] 回复: 回复: Does H323plus support H.235



The shared secret is used to encrypt the key exchange material to generate
the cipher for media encryption.

If the shared secret was public knowledge then anyone can intercept the key
exchange and generate a key to decrypt the media. So unless Polycom or
Codian wish to share that proprietry secret there is no way to connect via
AES.

Simon

> -----Original Message-----
> From: h323plus-bounces at lists.packetizer.com
> [mailto:h323plus-bounces at lists.packetizer.com]On Behalf Of Bian
> Sent: Saturday, December 01, 2007 11:19 AM
> To: H323plus
> Subject: [h323plus] 回复: 回复: Does H323plus support H.235
>
>
> Simon
>
> I think PVX's key exchange mechanism is in a standard way. PVX
> and Codian MCU can connect using AES.
>
> But I don't know how the shared secret is used to produce the session key.
>
>
> Bian
>
> > -----Original Message-----
> >Bian
>
> >No PacPhone AES uses a different key exchange mechanism to PVX.
> Polycom uses
> >a proprietry method. They should still connect unencrypted.
>
> >Simon
>
> > -----Original Message-----
> > From: Bian [mailto:bianxg at yahoo.cn]
> > Sent: Wednesday, November 28, 2007 12:35 PM
> > To: Simon Horne
> > Subject: 回复: [h323plus] Does H323plus support H.235
> >
> >
> > Simon
> >
> > I test PccPhone with PVX, but the AES is not opened. Does
> > PacPhone can interoperate with PVX using AES?
> >
> >
> > Bian
> >
>
>
>      ___________________________________________________________
> 进入雅虎游戏嘉年华,赢取液晶显示器!
> http://cn.mail.yahoo.com/promo/carnival07/


      ___________________________________________________________ 
进入雅虎游戏嘉年华,赢取液晶显示器! 
http://cn.mail.yahoo.com/promo/carnival07/




More information about the h323plus mailing list