Thanks for publishing that attack. It has similarities with the attack described by Hadriel in http://tools.ietf.org/html/draft-kaplan-sip-baiting-attack.
-d

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of Raphael Coeffic
> Sent: Wednesday, March 04, 2009 2:35 AM
> To: [email protected]
> Subject: [Sip] draft-state-sip-relay-attack-00
>
> Hello,
>
> a new internet draft has been published concerning the relay attack on
> digest authentication and SIP. The attack itself was first
> disclosed 2 years ago by the Madynes team from the French INRIA. Until
> now, no document has been published that documents the attack and
> provides guidance to SIP operators or handset manufacturers.
>
> http://tools.ietf.org/html/draft-state-sip-relay-attack-00
>
> The appropriate mitigations of problem resolutions are still not 100%
> clear. We hope that this draft can help start a discussion on how to
> best resolve this problem.
>
>
> Regards,
>
> Raphael Coeffic.
> (on behalf of all the authors of this draft)
>
> ---------------------------------------------------------------------------------------------------
>
> Filename: draft-state-sip-relay-attack
> Version: 00
> Staging URL: http://www3.ietf.org/proceedings/staging/draft-state-sip-relay-attack-00.txt
> Title: SIP digest authentication relay attack
> Creation_date: 2009-03-02
> WG ID: Individual Submission
> Number_of_pages: 18
> Abstract:
> The Session Initiation Protocol (SIP [RFC3261]) provides a mechanism
> for creating, modifying, and terminating sessions with one or more
> participants. This document describes a vulnerability of SIP
> combined with HTTP Digest Access Authentication [RFC2617] through
> which an attacker can leverage the victim's credentials to send
> authenticated requests on his behalf. This attack is different from
> the man-in-the-middle (MITM) attack and does not require any
> eavesdropping, DNS or IP spoofing.
>
> _______________________________________________
> Sip mailing list https://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use [email protected] for questions on current sip
> Use [email protected] for new developments on the application of sip
