1、 International Telecommunication Union ITU-T H.235.6TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2014) SERIES H: AUDIOVISUAL AND MULTIMEDIA SYSTEMSInfrastructure of audiovisual services Systems aspects H.323 security: Encryption profile with native ITU-T H.235/H.245 key management Recommendat
2、ion ITU-T H.235.6 ITU-T H-SERIES RECOMMENDATIONS AUDIOVISUAL AND MULTIMEDIA SYSTEMS CHARACTERISTICS OF VISUAL TELEPHONE SYSTEMS H.100H.199 INFRASTRUCTURE OF AUDIOVISUAL SERVICES General H.200H.219 Transmission multiplexing and synchronization H.220H.229 Systems aspects H.230H.239Communication proced
3、ures H.240H.259 Coding of moving video H.260H.279 Related systems aspects H.280H.299 Systems and terminal equipment for audiovisual services H.300H.349 Directory services architecture for audiovisual and multimedia services H.350H.359 Quality of service architecture for audiovisual and multimedia se
4、rvices H.360H.369 Supplementary services for multimedia H.450H.499 MOBILITY AND COLLABORATION PROCEDURES Overview of Mobility and Collaboration, definitions, protocols and procedures H.500H.509 Mobility for H-Series multimedia systems and services H.510H.519 Mobile multimedia collaboration applicati
5、ons and services H.520H.529 Security for mobile multimedia systems and services H.530H.539 Security for mobile multimedia collaboration applications and services H.540H.549 Mobility interworking procedures H.550H.559 Mobile multimedia collaboration inter-working procedures H.560H.569 BROADBAND, TRIP
6、LE-PLAY AND ADVANCED MULTIMEDIA SERVICES Broadband multimedia services over VDSL H.610H.619 Advanced multimedia services and applications H.620H.629 Ubiquitous sensor network applications and Internet of Things H.640H.649 IPTV MULTIMEDIA SERVICES AND APPLICATIONS FOR IPTV General aspects H.700H.719
7、IPTV terminal devices H.720H.729 IPTV middleware H.730H.739 IPTV application event handling H.740H.749 IPTV metadata H.750H.759 IPTV multimedia application frameworks H.760H.769 IPTV service discovery up to consumption H.770H.779 Digital Signage H.780H.789 E-HEALTH MULTIMEDIA SERVICES AND APPLICATIO
8、NS Interoperability compliance testing of personal health systems (HRN, PAN, LAN and WAN) H.820H.849 Multimedia e-health data exchange services H.860H.869 For further details, please refer to the list of ITU-T Recommendations. Rec. ITU-T H.235.6 (01/2014) i Recommendation ITU-T H.235.6 H.323 securit
9、y: Encryption profile with native ITU-T H.235/H.245 key management Summary Recommendation ITU-T H.235.6 holds the security procedures for the encryption profile (formerly in Annex D of Recommendation ITU-T H.235 version 1) including the accompanying native ITU-T H.235/H.245 key management. This revi
10、sion introduces support for key lengths larger than 2048 bits. In previous versions, bit sizes of 3072 and 4096 were defined. However, the field size defined in Recommendation ITU-T H.235.0 was limited to 2048 bits. Version 4 of Recommendation ITU-T H.235 broke up Recommendation ITU-T H.235 version
11、3 into a suite of ITU-T H.235.x sub-series Recommendations, and it restructured the sub-series. In earlier versions, prior to version 4 of the ITU-T H.235 sub-series, this profile was contained in the main body and Annex D of Recommendation ITU-T H.235 version 1. Appendices IV, V and VI to Recommend
12、ation ITU-T H.235.0 show the complete clause, figure and table mapping between Recommendation ITU-T H.235 versions 3 and 4. History Edition Recommendation Approval Study Group Unique ID*1.0 ITU-T H.235.6 2005-09-13 16 11.1002/1000/8598-en 1.1 ITU-T H.235.6 (2005) Amd. 1 2008-06-13 16 11.1002/1000/94
13、72-en 2.0 ITU-T H.235.6 2009-03-16 16 11.1002/1000/9694-en 3.0 ITU-T H.235.6 2014-01-13 16 11.1002/1000/12059-en_ *To access the Recommendation, type the URL http:/handle.itu.int/ in the address field of your web browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/1
14、1.1002/1000/11830-en. ii Rec. ITU-T H.235.6 (01/2014) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a
15、 permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, es
16、tablishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary
17、standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the
18、 Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equival
19、ents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a clai
20、med Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had n
21、ot received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/I
22、TU-T/ipr/. ITU 2014 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T H.235.6 (01/2014) iii Table of Contents Page 1 Scope 1 2 References. 1 3 Terms and definitions . 2 4 Abbreviations and acronyms 3 5
23、 Conventions 4 6 System overview . 4 6.1 Encryption security profile . 4 7 ITU-T H.245 signalling and procedures . 6 7.1 Secure ITU-T H.245 channel operation . 6 7.2 Unsecured ITU-T H.245 channel operation . 6 7.3 Capability exchange . 6 7.4 Master role 7 7.5 Logical channel signalling 7 7.6 Fast co
24、nnect security 7 7.7 Encrypted ITU-T H.245 DTMF . 10 7.8 Diffie-Hellman operation . 11 8 Signalling and procedures 15 8.1 Revision 1 compatibility . 16 8.2 Version 3 feature indication . 16 8.3 Key transport 17 8.4 Enhanced OFB mode 18 8.5 Key management 19 8.6 Key update and synchronization 24 8.7
25、Non-terminal interactions . 28 8.8 Multipoint procedures 29 9 Media stream encryption procedures 29 9.1 Media session keys . 30 9.2 Media anti-spamming . 31 9.3 RTP/RTCP issues . 33 9.4 Triple-DES in outer CBC mode . 35 9.5 DES algorithm operating in EOFB mode . 36 9.6 Triple-DES in outer EOFB mode
26、. 36 10 Lawful interception . 36 11 List of object identifiers 36 iv Rec. ITU-T H.235.6 (01/2014) Page Appendix I ITU-T H.323 implementation details . 38 I.1 Ciphertext padding methods . 38 I.2 New keys 40 Bibliography. 41 Rec. ITU-T H.235.6 (01/2014) 1 Recommendation ITU-T H.235.6 H.323 security: E
27、ncryption profile with native ITU-T H.235/H.245 key management 1 Scope This Recommendation specifies a security profile for encryption that uses the native ITU-T H.235/H.245 key management. Procedures for both encryption and for the related native ITU-T H.245 key management are specified within this
28、 Recommendation. 2 References The following ITU-T Recommendations and other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are s
29、ubject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a docume
30、nt within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T H.225.0 Recommendation ITU-T H.225.0 v7 (2009), Call signalling protocols and media stream packetization for packet-based multimedia communication systems. ITU-T H.235v1 Recommendation IT
31、U-T H.235 v1 (1998), Security and encryption for H-series (H.323 and other H.245-based) multimedia terminals. ITU-T H.235v2 Recommendation ITU-T H.235 v2 (2000), Security and encryption for H-series (H.323 and other H.245-based) multimedia terminals. ITU-T H.235v3 Recommendation ITU-T H.235 v3 (2003
32、), Security and encryption for H-series (H.323 and other H.245-based) multimedia terminals plus Corrigendum 1 (2005). ITU-T H.235.0 Recommendation ITU-T H.235.0 (2014), H.323 security: Framework for security in ITU-T H-series (ITU-T H.323 and other ITU-T H.245-based) multimedia systems. ITU-T H.235.
33、1 Recommendation ITU-T H.235.1 (2005), H.323 security: Baseline security profile. ITU-T H.235.2 Recommendation ITU-T H.235.2 (2005), H.323 security: Signature security profile. ITU-T H.235.3 Recommendation ITU-T H.235.3 (2005), H.323 security: Hybrid security profile. ITU-T H.245 Recommendation ITU-
34、T H.245 (2005), Control protocol for multimedia communication. ITU-T H.323 Recommendation ITU-T H.323 (2009), Packet-based multimedia communications systems. ITU-T H.530 Recommendation ITU-T H.530 (2002), Symmetric security procedures for H.323 mobility in H.510. 2 Rec. ITU-T H.235.6 (01/2014) ITU-T
35、 X.800 Recommendation ITU-T X.800 (1991) | ISO/IEC 7498-2:1989, Security architecture for Open Systems Interconnection for CCITT applications. ITU-T X.803 Recommendation ITU-T X.803 (1994) | ISO/IEC 10745:1995, Information technology Open Systems Interconnection Upper layers security model. ITU-T X.
36、810 Recommendation ITU-T X.810 (1995) | ISO/IEC 10181-1:1996, Information technology Open Systems Interconnection Security frameworks for open systems: Overview. ITU-T X.811 Recommendation ITU-T X.811 (1995) | ISO/IEC 10181-2:1996, Information technology Open Systems Interconnection Security framewo
37、rks for open systems: Authentication framework. IETF RFC 2198 IETF RFC 2198 (1997), RTP Payload for Redundant Audio Data. IETF RFC 2246 IETF RFC 2246 (1999), The TLS Protocol Version 1.0. IETF RFC 2401 IETF RFC 2401 (1998), Security Architecture for the Internet Protocol. IETF RFC 2833 IETF RFC 2833
38、 (2000), RTP Payload for DTMF Digits, Telephony Tones and Telephony Signals. IETF RFC 3546 IETF RFC 3546 (2003), Transport Layer Security (TLS) Extensions. ISO/IEC 9797-1 ISO/IEC 9797-1:2011, Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a bl
39、ock cipher. ISO/IEC 9797-2 ISO/IEC 9797-2:2011, Information technology Security techniques Message Authentication Codes (MACs) Part 2: Mechanisms using a dedicated hash-function. ISO/IEC 10116 ISO/IEC 10116:2006, Information technology Security techniques Modes of operation for an n-bit block cipher
40、. ISO/IEC 10118-3 ISO/IEC 10118-3:2004, Information Technology Security techniques Hash-functions Part 3: Dedicated hash-functions. NIST FIPS 197 NIST FIPS 197 (2001), Advanced Encryption Algorithm (AES). 3 Terms and definitions For the purposes of this Recommendation, the definitions given in claus
41、e 3 of ITU-T H.323, ITU-T H.225.0 and ITU-T H.245 apply. Some of the terms used in this Recommendation are also defined in ITU T X.800, ITU-T X.803, ITU-T X.810 and ITU-T X.811. The session key for encrypting media streams is generated by the master for each RTP session of a call and exchanged via a
42、n OLC. The generated session key is encrypted with a key that is derived from the agreed Diffie-Hellman shared secret that both end points have computed. In this case, the DH-shared secret acts as Master Key for protection of the session key(s). Rec. ITU-T H.235.6 (01/2014) 3 4 Abbreviations and acr
43、onyms This Recommendation uses the following abbreviations and acronyms: 3DES Triple Data Encryption Standard algorithm AES Advanced Encryption Standard algorithm ASN.1 Abstract Syntax Notation One CBC Cipher Block Chaining CFB Cipher Feedback DES Data Encryption Standard DH Diffie-Hellman DTMF Dual
44、 Tone Multi-Frequency ECB Electronic Code Book EOFB Enhanced Output Feedback mode EP End Point FEC Forward Error Correction GK Gatekeeper HMAC Hashed Message Authentication Code IPsec Internet Protocol Security IV Initialization Vector KS Salting Key in EOFB mode MAC Message Authentication Code MC M
45、ultipoint Controller MCU Multipoint Control Unit MPS Multiple Payload Stream OFB Output Feedback Mode OID Object Identifier OLC Open Logical Channel RAS Registration, Admission and Status RC Rivest Cipher ROC Rollover Counter RSA Rivest, Shamir and Adleman RTCP Real-time Transport Control Protocol R
46、TP Real-time Transport Protocol SDU Service Data Unit SEQ Sequence number SHA Secure Hash Algorithm TCP Transmission Control Protocol TLS Transport Layer Security 4 Rec. ITU-T H.235.6 (01/2014) TSAP Transport Service Access Point UDP User Datagram Protocol XOR Exclusive OR 5 Conventions In this Reco
47、mmendation the following conventions are used: “shall“ indicates a mandatory requirement. “should“ indicates a suggested but optional course of action. “may“ indicates an optional course of action rather than a recommendation that something take place. When deploying media encryption in conjunction
48、with payload padding, the text sometimes says “the value of the pad should be determined by the normal convention of the cipher algorithm“, for examples refer to clauses 7.6.1, 8.3 and Figure I.7. This means that some cipher algorithms (e.g., DES) provide further implementation advice as to how the
49、sender may choose the value of the padding byte(s). Examples could be random fill-in values, static values or other generated patterns. Whatever method is deployed does not impact interoperability, though the security quality may well be different. This is considered as an implementation matter and is not specified any further in this Recommendation. 6 System overview 6.1 Encryption security profile The encrypt
