IETF Logo Mail Archive

Re: [Sip] draft-state-sip-relay-attack-00

"Scott Lawrence" <scott.lawrence@nortel.com> Tue, 10 March 2009 18:02 UTC

Return-Path: <scott.lawrence@nortel.com>
X-Original-To: sip@core3.amsl.com
Delivered-To: sip@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 90C593A6A56 for <sip@core3.amsl.com>; Tue, 10 Mar 2009 11:02:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hyazohF-xOVa for <sip@core3.amsl.com>; Tue, 10 Mar 2009 11:02:04 -0700 (PDT)
Received: from zrtps0kp.nortel.com (zrtps0kp.nortel.com [47.140.192.56]) by core3.amsl.com (Postfix) with ESMTP id 16B4B3A6A49 for <sip@ietf.org>; Tue, 10 Mar 2009 11:02:03 -0700 (PDT)
Received: from zrtphxs1.corp.nortel.com (casmtp.ca.nortel.com [47.140.202.46]) by zrtps0kp.nortel.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id n2AI2aR20351; Tue, 10 Mar 2009 18:02:36 GMT
Received: from [127.0.0.1] ([47.16.91.121]) by zrtphxs1.corp.nortel.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 10 Mar 2009 14:02:35 -0400
From: Scott Lawrence <scott.lawrence@nortel.com>
To: Hadriel Kaplan <HKaplan@acmepacket.com>
In-Reply-To: <E6C2E8958BA59A4FB960963D475F7AC314C4DE6298@mail>
References: <49AE593F.6080807@iptel.org> <167dfb9b0903050631r383fdb28x75c964a48e31ea3b@mail.gmail.com> <20090307190922.GB4364@x61s.janakj.ryngle.net> <E6C2E8958BA59A4FB960963D475F7AC314C4DE6298@mail>
Content-Type: text/plain
Organization: Nortel Networks
Date: Tue, 10 Mar 2009 14:02:34 -0400
Message-Id: <1236708154.16972.122.camel@scott>
Mime-Version: 1.0
X-Mailer: Evolution 2.24.5 (2.24.5-1.fc10)
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 10 Mar 2009 18:02:35.0415 (UTC) FILETIME=[64300270:01C9A1AA]
Cc: "sip@ietf.org" <sip@ietf.org>
Subject: Re: [Sip] draft-state-sip-relay-attack-00
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Mar 2009 18:02:09 -0000

On Sat, 2009-03-07 at 14:51 -0500, Hadriel Kaplan wrote:

> Another question is whether an attacker can create special nonce's for
> one or more challenges it sends, that will help it figure out the
> password.  For example can they help a rainbow-table type of password
> cracking, and how much the cnonce can prevent that.

If the cnonce is well chosen and the nc value incremented, I think that
gets pretty hard, but I'm not by any means an expert on cracking one-way
hash functions.

v2.23.0 | Report a Bug | By Email