This Recommendation describes enhancements within the framework of the H.3xx-series Recommendations to incorporate security services such as Authentication and Privacy (data encryption). The proposed scheme is applicable to both simple point-to-point and multipoint conferences for any terminals which utilize ITU-T Rec. H.245 as a control protocol.
For example, H.323 systems operate over packet-based networks which do not provide a guaranteed quality of service (QoS). For the same technical reasons that the base network does not provide QoS, the network does not provide a secure service. Secure real-time communication over insecure networks generally involves two major areas of concern: authentication and privacy.
This Recommendation describes the security infrastructure and specific privacy techniques to be employed by the H.3xx-series of multimedia terminals. This Recommendation will cover areas of concern for interactive conferencing. These areas include, but are not strictly limited to, authentication and privacy of all real-time media streams that are exchanged in the conference. This Recommendation provides the protocol and algorithms needed between the H.323 entities.
This Recommendation utilizes the general facilities supported in ITU-T Rec. H.245 and as such, any standard which operates in conjunction with this control protocol may use this security framework. It is expected that, wherever possible, other H-series terminals may interoperate and directly utilize the methods described in this Recommendation. This Recommendation will not initially provide for complete implementation in all areas, and will specifically highlight endpoint authentication and media privacy.
This Recommendation includes the ability to negotiate services and functionality in a generic manner, and to be selective concerning cryptographic techniques and capabilities utilized. The specific manner in which they are used relates to systems capabilities, application requirements and specific security policy constraints. This Recommendation supports varied cryptographic algorithms, with varied options appropriate for different purposes; e.g., key lengths. Certain cryptographic algorithms may be allocated to specific security services (e.g., one for fast media stream encryption and another for signalling encryption).
It should also be noted that some of the available cryptographic algorithms or mechanisms may be reserved for export or other national issues (e.g., with restricted key lengths). This Recommendation supports signalling of well-known algorithms in addition to signalling non-standardized or proprietary cryptographic algorithms. There are no specifically mandated algorithms; however, it is strongly suggested that endpoints support as many of the applicable algorithms as possible in order to achieve interoperability. This parallels the concept that the support of ITU-T Rec. H.245 does not guarantee the interoperability between two entities' codecs.
Version 2 of ITU-T Rec. H.235 supersedes ITU-T Rec. H.235 version 1, featuring several improvements such as elliptic curve cryptography, security profiles (simple password-based and sophisticated digital signature), new security countermeasures (media anti-spamming), support for the Advanced Encryption Algorithm (AES), support for backend service, defined object identifiers, and changes incorporated from the H.323 implementors guide.
Version 3 of ITU-T Rec. H.235 supersedes ITU-T Rec. H.235 version 2, featuring: a procedure for encrypted DTMF signals; object identifiers for the AES encryption algorithm for media payload encryption; the enhanced OFB (EOFB) stream-cipher encryption mode for encryption of media streams; an authentication-only option in Annex D for smooth NAT/firewall traversal; a key distribution procedure on the RAS channel; procedures for more secure session key transport and more robust session key distribution and updating; procedures for securing multiple payload streams; better security support for direct routed calls in a new Annex I; signalling means for more flexible error reporting; clarifications and efficiency improvements for fast start security and for Diffie-Hellman signalling, along with longer Diffie-Hellman parameters; and changes incorporated from the H.323 implementors guide.