Post on 12-Sep-2021
RFC 3261 Overview Known Authentication Attacks Unknown Attack
SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud
Humberto J. Abdelnur, Humberto.Abdelnur@loria.fr
Radu State, Radu.State@loria.fr
Olivier Festor, Olivier.Festor@loria.fr
Madynes team, http://madynes.loria.fr, LORIA-INRIA Lorraine
November 2, 2007
Outline
1 RFC 3261 Overview: Direct Call, re-INVITE Request, Authenticated Call
2 Known Authentication Attacks: MITM Attack, Replay Attack
3 Unknown Attack: Relay Attack
RFC 3261 Overview
Direct Call
Direct Call from user B to A
re-INVITE Request
re-INVITE overview
“This modification can involve changing addresses or ports, adding a media
stream, deleting a media stream, and so on. This is accomplished by sending a
new INVITE request within the same dialog that established the session. An
INVITE request sent within an existing dialog is known as a re-INVITE.” [1]
[1] RFC 3261, Section 14, Modifying an Existing Session
Authenticated Call
Call from User B to User A via a Proxy using Digest Access Authentication (RFC 2617)
Known Authentication Attacks
RFC 2617 Section 4.5 Replay Attacks
MITM Attack
Man in the Middle Attack
Replay Attack
Replay Attack
Unknown Authentication Attack to SIP
Relay Attack
Trigger a re-INVITE on User B in order to request him to authenticate