Flaws in H.235 media encryption

OKUBO Sakae okubo at MXZ.MESH.NE.JP
Sat Aug 24 23:27:00 EDT 2002


Dear Mr. Euchner,

This is for your information.

At 17:16 +0200 02/08/23, Euchner Martin ICN M SR 3 wrote:
>[...]
>PL:> You are correct--H.233 does not re-key, but it does have an
>analogous mechanism to update the initialization vector. H.324 added
>the codepoint, h233IVResponseTime, to H.245 to express how long the
>transmitter should wait between transmitting a new IV and transmitting
>frames based on that IV. This is what I was referring to.
>
>MEU: correct. That's what I found as well. Still, I believe that the time
>to wait has to be guessed due to some criteria (e.g. network delay etc). So
>that solution appears to have similar problems as H.235.
>[...]

In the H.320 system, the encryption control signal and the media to be
encrypted are transmitted in the same H.221 framed channel, while in the
H.323 system they are transmitted in separate channels (H.245 and RTP).
H.233 Initialization Vector is transmitted in one or more blocks of H.221
ECS (Encryption Control Signal) having a 160 ms period (H.221 multiframe =
10 ms x 16 frames), and takes effect from the start of the next multiframe
as described in Section 5.1.3/H.233. The operation is synchronous, thus we
need no guess for the time to wait.

Best regards,

OKUBO Sakae
e-mail: okubo at giti.waseda.ac.jp
*******************************************************************
YRP Office
Global Information and Telecommunication Institute (GITI)
Waseda University
   YRP Ichibankan 312                           Tel: +81 468 47 5406
   3-4 Hikarinooka, Yokosuka-shi, Kanagawa-ken  Fax: +81 468 47 5413
   239-0847 Japan

GITI Headquarter
   29-7 Waseda University Bldg.                 Tel: +81 3 5286 3831
   1-3-10 Nishi-Waseda, Shinjuku-ku, Tokyo     Fax: +81 3 5286 3832
   169-0051 Japan
*******************************************************************
