[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: On the Security of Short Authentication Strings
On Mar 18, 2007, at 9:44 AM, Werner Dittmann wrote:
Two basic mechanisms have been proposed for providing
authentication for media-plane key management for RTPSEC:
1. Cryptographically bind the MPKM to the signalling.
With the current protocol (SIP) and the usage of this protocol
this is very hard, if at all, to achive are cryptographically
strong (or even good) binding. While RFC4474 may be ok for
identity, it fails for cryptographically strong binding of
Could you elaborate on what the problem is here or what you mean by a
cryptographically strong binding?