[asterisk-users] Is there a way to encrypt passwords stored in the realtime database?
Benny Amorsen
benny+usenet at amorsen.dk
Fri Aug 22 07:03:09 CDT 2008
"Philippe Sultan" <philippe.sultan at gmail.com> writes:
> Well, if someone steals the md5secret (HA1) for a given username and
> realm, he can use it to authenticate to the SIP proxy or B2BUA that
> serves the target user.
This is unavoidable with password-based systems.
Either you transfer the password unencrypted on the network (or
e.g. hashed with MD5, but that just means that the hash is the actual
password), and then you can store the password as a hash on the
server.
Or you use a secure protocol, e.g. a nonce-based one, to prove that
the other end has the same password as you -- but then the server
needs to have the unhashed password available for comparison.
SIP tries to do both, but effectively it picks the second choice:
Trust the server, not the network.
To do better you need public key cryptography. Alas, noone has
invented a way to create a private key from a password, so that means
you don't get to pick your own private key. Still, I think that would
have been a vastly better choice for SIP and for anything else where
humans aren't expected to regularly type their password. Either way,
SIP can't do it.
You can also go the whole way with client certificates and SIP/TLS,
and then you can hire a few people to keep your PKI running and secure
-- and I'm not sure that Asterisk can do it yet.
/Benny
More information about the asterisk-users
mailing list