SIP digest authentication cloning
Posted on 2004-10-13
I'm looking into the possibility of extracting the secret key of a SIP client that does challenge/response authentication with a server. My knowledge of the SIP protocol is somewhat limited, but as I understand it, it does the following:
1: client initiiates connection with REGISTER
2: server says "401 unauthorized" and provides a challenge (8 hex chars). Field is called "nonce"
3: client sends another REGISTER, with some hash value computed on the server's hex value (one field is called "cnonce", there is also a longer field called "response" that is fairly long).
4: hopefully, server says "200 OK"
This is where my problem comes in. I have no control over the server, and neither do I have control over the client (although I can spy on the traffic using e.g. tcpdump or ethereal). I have let tcpdump run for a few days and I now have a lot of these hash pairs.
The question is, simply, can I use these pairs to make a copy of the original secret? I know that breaking hashes can be difficult. On the other hand, the size of the fields suggest only 2^32 possible values. I have, however, no idea how difficult such a thing would be. For starters, I have no idea what kind of info except the "nonce" field that gets thrown into the hash machine.
Just to clarify, I might add that all this is for a legitimate purpose :)