Required/recommended ciphers in H.235?
Paul Long
plong at PACKETIZER.COM
Mon Sep 9 12:16:23 EDT 2002
Can anyone harmonize the various requirements/recommendations in H.235
regarding which ciphers and modes to support? I've tried to summarize
the various relevant passages from H.235, below. This text is from the
H.235v3 draft but v2 is similarly unclear. Regardless of what H.235
says, is there any concensus about which to actually support, e.g.,
DES/CBC as the base-level encryption scheme plus AES/EOFB on a forward-
looking basis?
The baseline security profile (D.6.1) says, "H.323 entities when
deploying the voice encryption security profile shall implement 56-bit
DES as the default encryption algorithm; they may implement 128-bit AES
or 168-bit Triple-DES while they may implement exportable encryption
using 56-bit RC2-compatible." This passage does not say whether to use
CBC or EOFB mode. It either means CBC because it is carried forward
from H.235v2 or it is not mode-specific.
Shall DES
May AES
May 3DES
May RC2
Text specific to Fast Connect (8.6.1) says, 'According to Annex D,
these capabilities should indicate support for 128-bit AES-CBC (OID
"Z3"), 56-bit RC2-compatible-CBC (OID "X"), should indicate support
for 56-bit DES-CBC (OID "Y") and may indicate support for 168-bit
Triple-DES-CBC (OID "Z"), 56-bit DES-EOFB (OID "Y1"), or 168-bit
Triple-DES-EOFB (OID "Z1"), RC2-compatible-EOFB (OID "X1"), DES-
EOFB (OID "Y1") or AES-EOFB (OID "Z2").'
Should AES CBC
Should RC2 CBC
Should DES CBC
May 3DES CBC
May DES EOFB
May 3DES EOFB
May RC2 EOFB
May DES EOFB (duplicate!?)
May AES EOFB
The voice encryption security profile (D.6.1.2) says, "In addition to
the CBC-encryption mode, H.323 entities may implement the EOFB
encryption mode." Does this mean that H.323 entities _should_ support
CBC but may support EOFB?
Should CBC
May EOFB
The voice encryption security profile (D.7) also says, "The audio
payload is encrypted using the negotiated encryption algorithm
("X", "Y", "Z3" or "Z") operating in CBC mode according to the
procedures described in section 11 and annex B of H.235 and the
ciphertext padding methods of Appendix I.1/H.235. The audio payload may
be encrypted using the negotiated encryption algorithm
("X1", "Y1", "Z1" or "Z2") operating in a stream cipher mode (EOFB)."
However, I dont know what "is" means, as in, "The audio payload is
encrypted using..." IOW, does it mean "shall," "should" or is it not
prescriptive at all?
Is RC2 CBC
Is DES CBC
Is AES CBC
Is 3DES CBC
May RC2 EOFB
May DES EOFB
May 3DES EOFB
May AES EOFB
Paul
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For help on this mail list, send "HELP ITU-SG16" in a message to
listserv at lists.intel.com
More information about the sg16-avd
mailing list