On Nov 6, 2008, at 2:58 PM, Suresh Krishnan wrote:
> Hi Eric,
>
> Eric Rescorla wrote:
>> But then the attacker isn't *intercepting* their communications.
>> Alice calls Bob and ends up talking to someone but she knows
>> that she doesn't know who. The point is you can't use this to
>> mount an MITM attack.
>
> Again. I agree with what you said. What I was commenting on is the
> following text from the draft
>
> "Bob would know that an attack was happening. The fact that
> one side can detect this attack means that in most cases where Alice
> and Bob both wish the communications to be encrypted there is not a
> problem."
>
> My question was, how would Bob detect this attack?

I think I understand the question. Let's check.
Bob is talking, but nobody hears what he says, since he's encrypted it
for Alice but Alice isn't getting it. Bob may well notice that there's
something strange here.
An attacker in this position could also have affected things such that
the call never reaches Bob. His phone doesn't ring, and Bob isn't
talking to anybody. So how does he know there's an attack? Why would
Eve have even allowed any signaling to get to Bob in the first place
if she had this sort of control?
Bob can't detect the attack, and this is not an issue with DTLS-SRTP;
it's a fundamental aspect of the signaling model.
However, Alice, who is the only party here that's honestly engaged in
a call and saying something that could be intercepted, CAN detect the
attack. That's the important piece.
--
Dean
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip