1 Scope
2 References
3 Terms and definitions
4 Symbols and abbreviations
5 Conventions
6 System introduction
6.1 Summary
6.2 Authentication
6.3 Call establishment security
6.4 Call control (H.245) security
6.5 Media stream privacy
6.6 Trusted elements
6.7 Non-repudiation
6.8 Mobility security
6.9 Security profiles
7 Connection establishment procedures
7.1 Introduction
8 H.245 signalling and procedures
8.1 Secure H.245 channel operation
8.2 Unsecured H.245 channel operation
8.3 Capability exchange
8.4 Master role
8.5 Logical channel signalling
8.6 Fast connect security
8.7 Encrypted H.245 DTMF
8.8 Diffie-Hellman operation
9 Multipoint procedures
9.1 Authentication
9.2 Privacy
10 Authentication signalling and procedures
10.1 Introduction
10.2 Diffie-Hellman with optional authentication
10.3 Subscription-based authentication
11 Media stream encryption procedures
11.1 Media session keys
11.2 Media anti-spamming
12 Security error recovery
13 Asymmetric authentication and key exchange using elliptic curve crypto systems
13.1 Key management
13.2 Digital signature
Annex A – H.235 ASN.1
Annex B – H.323 specific topics
B.1 Background
B.2 Signalling and procedures
B.3 RTP/RTCP issues
B.4 RAS signalling/procedures for authentication
B.5 Non-terminal interactions
B.6 Key management on the RAS channel
B.7 Pseudo-Random Function (PRF)
Annex C – H.324 specific topics
Annex D – Baseline security profile
D.1 Introduction
D.2 Specification conventions
D.3 Scope
D.4 Abbreviations
D.5 Normative references
D.6 Baseline security profile
D.7 Voice encryption security profile
D.8 Lawful interception
D.9 List of secured signalling messages
D.10 Usage of sendersID and generalID
D.11 List of object identifiers
D.12 Bibliography
Annex E – Signature security profile
E.1 Overview
E.2 Specification conventions
E.3 H.323 requirements
E.4 Security services
E.5 Digital signatures with public/private key pairs details (Procedure II)
E.6 Multipoint conferencing procedures
E.7 End-to-end authentication (Procedure III)
E.8 Authentication-only
E.9 Authentication and integrity
E.10 Computation of the digital signature
E.11 Verification of the digital signature
E.12 Handling of certificates
E.13 Usage illustration for Procedure II
E.14 H.235 version 1 compatibility
E.15 Multicast behaviour
E.16 List of secure signalling messages
E.17 Usage of sendersID and generalID
E.18 List of object identifiers
Annex F – Hybrid security profile
F.1 Overview
F.2 Normative references
F.3 Acronyms
F.4 Specification conventions
F.5 H.323 requirements
F.6 Authentication and integrity
F.7 Procedure IV
F.8 Security association for concurrent calls
F.9 Key update
F.10 Illustration examples
F.11 Multicast behaviour
F.12 List of secure signalling messages
F.13 List of object identifiers
Annex G – Usage of the Secure Real-Time Transport Protocol (SRTP) in conjunction with the MIKEY key management protocol within H.235
Annex H – RAS key management
Annex I – Support of direct-routed calls
I.1 Scope
I.2 Introduction
I.3 Specification conventions
I.4 Terms and definitions
I.5 Symbols and abbreviations
I.6 Normative references
I.7 Overview
I.8 Limitations
I.9 Procedure DRC
I.10 PRF-based key derivation procedure
I.11 FIPS-140-based key derivation procedure
I.12 List of object identifiers
Appendix I – H.323 implementation details
I.1 Ciphertext padding methods
I.2 New keys
I.3 H.323 trusted elements
I.4 Implementation examples
Appendix II – H.324 implementation details
Appendix III – Other H-series implementation details
Appendix IV – Bibliography