Required/recommended ciphers in H.235?

Paul Long plong at PACKETIZER.COM
Mon Sep 9 12:16:23 EDT 2002

Can anyone harmonize the various requirements/recommendations in H.235
regarding which ciphers and modes to support? I've tried to summarize
the various relevant passages from H.235, below. This text is from the
H.235v3 draft but v2 is similarly unclear. Regardless of what H.235
says, is there any concensus about which to actually support, e.g.,
DES/CBC as the base-level encryption scheme plus AES/EOFB on a forward-
looking basis?

The baseline security profile (D.6.1) says, "H.323 entities when
deploying the voice encryption security profile shall implement 56-bit
DES as the default encryption algorithm; they may implement 128-bit AES
or 168-bit Triple-DES while they may implement exportable encryption
using 56-bit RC2-compatible." This passage does not say whether to use
CBC or EOFB mode. It either means CBC because it is carried forward
from H.235v2 or it is not mode-specific.
        Shall DES
        May AES
        May 3DES
        May RC2

Text specific to Fast Connect (8.6.1) says, 'According to Annex D,
these capabilities should indicate support for 128-bit AES-CBC (OID –
 "Z3"), 56-bit RC2-compatible-CBC (OID – "X"), should indicate support
for 56-bit DES-CBC (OID – "Y") and may indicate support for 168-bit
Triple-DES-CBC (OID – "Z"), 56-bit DES-EOFB (OID – "Y1"), or 168-bit
Triple-DES-EOFB (OID – "Z1"), RC2-compatible-EOFB (OID – "X1"), DES-
EOFB (OID – "Y1") or AES-EOFB (OID – "Z2").'
        Should AES CBC
        Should RC2 CBC
        Should DES CBC
        May 3DES CBC
        May DES EOFB
        May 3DES EOFB
        May RC2 EOFB
        May DES EOFB (duplicate!?)
        May AES EOFB

The voice encryption security profile (D.6.1.2) says, "In addition to
the CBC-encryption mode, H.323 entities may implement the EOFB
encryption mode." Does this mean that H.323 entities _should_ support
CBC but may support EOFB?
        Should CBC
        May EOFB

The voice encryption security profile (D.7) also says, "The audio
payload is encrypted using the negotiated encryption algorithm
("X", "Y", "Z3" or "Z") operating in CBC mode according to the
procedures described in section 11 and annex B of H.235 and the
ciphertext padding methods of Appendix I.1/H.235. The audio payload may
be encrypted using the negotiated encryption algorithm
("X1", "Y1", "Z1" or "Z2") operating in a stream cipher mode (EOFB)."
However, I don’t know what "is" means, as in, "The audio payload is
encrypted using..." IOW, does it mean "shall," "should" or is it not
prescriptive at all?
        Is RC2 CBC
        Is DES CBC
        Is AES CBC
        Is 3DES CBC
        May RC2 EOFB
        May DES EOFB
        May 3DES EOFB
        May AES EOFB


For help on this mail list, send "HELP ITU-SG16" in a message to
listserv at

More information about the sg16-avd mailing list