asterisk users - Oct 2015 - Asterisk encrypted authentication for clients

> Thanks Jeff, just to confirm, password are not sent in plain text? I 
> want to safeguard against man in the middle attacks, sniffing traffic of 
> clients.
That's correct.

The way it works is:

-  Both the client, and Asterisk, know what the password is.

-  The client sends a SIP message which would require authorization
   (a register or invite, for example).  It provides the username
   in the message.

-  The server generates a random "nonce" (basically a big random
   number) and sends it back to the client... basically saying
   "Use this nonce, and your password, to prove who you are."

-  The client combines the nonce, and the password, and uses the
   combined data as input into a hashing function (I can't recall
   whether MD-5, SHA-1, or something more modern is used).  I
   *think* some of the other details of the original message are
   also included in the hash but don't recall for certain.

-  The client re-sends the original message, and includes its
   username, the nonce, and the hash.  It does not send the
   password at all.

-  The server makes sure that the nonce is is the most recent
   one it sent, and that this is the first time the client has
   sent back that particular nonce.  Once that's certain, the
   server uses the nonce and its copy of the password to
   compute the hash, and compares this with the hash the client
   sent.

-  If the hashes match, the server "knows" that the client knows
   the correct password (to a very high degree of certainty) and
   it allows the command to proceed.  If they don't match, the
   client doesn't know the password, and the command is rejected.

The hash functions that are used, are ones which would make it
extremely difficult (months or years of computing time) to
figure out what the password is, by breaking the hash algorithm.

Of course, if a "weak" (short, guessable) password is used, it
can be broken by a dictionary attack or brute force - the hash
technique can't defend against this.

Thank you very much Dave,

_Motty

On 10/31/2015 10:47 AM, Dave Platt wrote:
>> Thanks Jeff, just to confirm, password are not sent in plain text? I
>> want to safeguard against man in the middle attacks, sniffing traffic
of
>> clients.
> That's correct.
>
> The way it works is:
>
> -  Both the client, and Asterisk, know what the password is.
>
> -  The client sends a SIP message which would require authorization
>     (a register or invite, for example).  It provides the username
>     in the message.
>
> -  The server generates a random "nonce" (basically a big random
>     number) and sends it back to the client... basically saying
>     "Use this nonce, and your password, to prove who you are."
>
> -  The client combines the nonce, and the password, and uses the
>     combined data as input into a hashing function (I can't recall
>     whether MD-5, SHA-1, or something more modern is used).  I
>     *think* some of the other details of the original message are
>     also included in the hash but don't recall for certain.
>
> -  The client re-sends the original message, and includes its
>     username, the nonce, and the hash.  It does not send the
>     password at all.
>
> -  The server makes sure that the nonce is is the most recent
>     one it sent, and that this is the first time the client has
>     sent back that particular nonce.  Once that's certain, the
>     server uses the nonce and its copy of the password to
>     compute the hash, and compares this with the hash the client
>     sent.
>
> -  If the hashes match, the server "knows" that the client knows
>     the correct password (to a very high degree of certainty) and
>     it allows the command to proceed.  If they don't match, the
>     client doesn't know the password, and the command is rejected.
>
> The hash functions that are used, are ones which would make it
> extremely difficult (months or years of computing time) to
> figure out what the password is, by breaking the hash algorithm.
>
> Of course, if a "weak" (short, guessable) password is used, it
> can be broken by a dictionary attack or brute force - the hash
> technique can't defend against this.
>
>
>