> > As the Authorization header clearly states, this value is created using an > MD5 Digest (hash). Since it is a digest function, it is not reversible. It > is impossible to recover the password that was used during the calculation > of the response value (although given enough time and CPU resources, it is > possible go through a massive list of possibilities and try each one until > you find one that matches). > > Thanks. Based on above, I am getting that Asterisk also runs MD5 algorithm on the password and then matches the two hash digests to see if they are good or not. Is that all happens? or is there an encryption involved as well? Chance of collision of 1^128?
Regards,
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
