ITU H.235.5:2005
ITU H.235.5:2005 H.323 Security: Framework For Secure Authentication In Ras Using Weak Shared Secrets Provides the framework for mutual party authentication during H.225.0 RAS exchanges.
Table of Contents
1Scope2References
2.1Normativereferences
2.2Informativereferences
3Definitions
4Abbreviations
5Conventions
6Basicframework
6.1ImprovednegotiationcapabilitiesinH.235.0
6.2Usebetweenendpointandgatekeeper
6.3Useofprofilebetweengatekeepers
6.4Signallingchannelencryptionandauthentication
7Aspecificsecurityprofile(SP1)
8Animprovedsecurityprofile(SP2)
8.1CallSignallingsequencenumber
8.2GenerationofWeakEncryptionKeyfrompassword
8.3Noncesize
8.4Initializationvectorsalting
8.5ClearTokenencoding
9Extensionstotheframework(Informative)
9.1Usingthemasterkeytosecurethecallsignalling
channelviaTLS
9.2Useofcertificatestoauthenticatethegatekeeper
9.3Useofalternativesignallingsecuritymechanisms
10Threats(Informative)
10.1Passiveattack
10.2Denial-of-Serviceattacks
10.3Man-in-the-Middleattacks
10.4Guessingattacks
10.5Unencryptedgatekeeperhalf-key