IETF Logo Mail Archive

[Sip-security] RE: SIP authentication problem when using RES in Digest-AKA

Greg Rose <ggr@qualcomm.com> Mon, 18 March 2002 01:27 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA14537 for <sip-security-archive@odin.ietf.org>; Sun, 17 Mar 2002 20:27:12 -0500 (EST)
Received: (from daemon@localhost) by optimus.ietf.org (8.9.1a/8.9.1) id UAA19594 for sip-security-archive@odin.ietf.org; Sun, 17 Mar 2002 20:27:14 -0500 (EST)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id UAA19092; Sun, 17 Mar 2002 20:12:42 -0500 (EST)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id UAA19057 for <sip-security@optimus.ietf.org>; Sun, 17 Mar 2002 20:12:39 -0500 (EST)
Received: from warlock.qualcomm.com (warlock.qualcomm.com [129.46.64.204]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA14336 for <sip-security@ietf.org>; Sun, 17 Mar 2002 20:12:36 -0500 (EST)
Received: from avalon.qualcomm.com (avalon.qualcomm.com [203.30.171.11]) by warlock.qualcomm.com (8.12.1/8.9.3/8.9) with ESMTP id g2I1BuJL018149; Sun, 17 Mar 2002 17:11:57 -0800 (PST)
Received: from NAVAJO.qualcomm.com by avalon.qualcomm.com (8.8.8+Sun/SMI-SVR4) id MAA03905; Mon, 18 Mar 2002 12:11:24 +1100 (EST)
Message-Id: <4.3.1.2.20020318120008.01ac4fb8@127.0.0.1>
X-Sender: ggr2@127.0.0.1
X-Mailer: QUALCOMM Windows Eudora Version 4.3.1
Date: Mon, 18 Mar 2002 12:10:14 +1100
To: James Undery <jundery@ubiquity.net>
From: Greg Rose <ggr@qualcomm.com>
Cc: John W Noerenberg II <jwn2@qualcomm.com>, sip-security@ietf.org, Greg Rose <ggr@qualcomm.com>, aki.niemi@nokia.com, jari.arkko@ericsson.com, vesa.torvinen@ericsson.fi, Sanjoy Sen <sanjoy@nortelnetworks.com>
In-Reply-To: <45730E094814E44488F789C1CDED27AEC552CF@GBNEWP0758M.eu.ubiq uity.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Subject: [Sip-security] RE: SIP authentication problem when using RES in Digest-AKA
Sender: sip-security-admin@ietf.org
Errors-To: sip-security-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Security Issues for the SIP protocol <sip-security.ietf.org>
X-BeenThere: sip-security@ietf.org

[As requested, I've taken "sipping" out of the Cc: line.]

At 10:08 AM 3/15/2002 +0000, James Undery wrote:
>The RES 'secret' is surely going to be recalculated each time the
>session entropy (i.e. nonce) changes. Thus I'd modify step 4 and add
>pre7

This is definitely not in line with the intent of AKA, or the existing 
architecture.

Greg.

Greg Rose                                       INTERNET: ggr@qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C


_______________________________________________
Sip-security mailing list
Sip-security@ietf.org
https://www1.ietf.org/mailman/listinfo/sip-security

v2.23.0 | Report a Bug | By Email