Recent Changes - Search:

Resources


IP PBX Systems


Telephony Switch


Phones


Access Gateway
Signaling Converter


Lawful Interception Recorder


Others


Discontinued Products


Main Domains


In Social Media


About Us
Contact Details





.

Diffie-Hellman_Key_Exchange

Telesis systems exchange Diffie - Hellman half keys using authentication based on H.235 Baseline Security Profile with or Baseline Security Profile without integrity check. This prevents Man-in-the-Middle (MIM) attacks and communicating systems can be sure with whom they share the Diffie-Hellman half keys.

Key exchange occurs during H323 call signaling (H.225) messaging between two systems for end-to-end communication. First call signaling message in both direction are used in key exchange. Setup message is used in forward direction. Setup Acknowledge, Call proceeding, Alerting or Connect message can be used in reverse direction. Since, the authentication keyed by the password, which is a secret in two systems, it may be open to MIM attacks if simple passwords are chosen. Telesis systems allow Diffie-Hellman half key exchange provided that a sufficiently long password is selected. In the following cases, the call fails before connect.

  • Authentication failure
  • Authentication but missing half key in Setup message
  • Authentication but missing half key in one of Setup Acknowledge, Call proceeding, Alerting or Connect messages
Print - Recent Changes - Search
Page last modified on January 10, 2012, at 03:35 AM EST
Subject to change without any notice. All rights reserved 2010 - Telesis A.S.
Iskitler Cad. No.68 Ankara, TURKEY. Tel: +90 312 3840540 Fax: +90 312 3840549 http://www.telesis-pbx.com