Basically, using the nonce and the shared secret key (the key shared between the AuC and the UE), the UE generates the response for the challenge, as mentioned in the other mail. The nonce again contains the authentication token and the random challenge (RAND) (plus some optional server-specific data) generated by the AuC.

Thanks,
Arnab Biswas

On Fri, Jan 9, 2009 at 4:41 AM, Iñaki Baz Castillo <[email protected]> wrote:
> On Thursday, January 8, 2009, Andrew Wood wrote:
> > Where does the nonce value fit into digest authentication? I thought
> > it was just echoed back in the new invite as an extra security check,
> > but apparently it's somehow used when MD5ing the password?
> >
> > How is the plaintext password & the nonce combined to give the hashed
> > password sent back to the server?
>
> ### --- Algorithm for creating the Digest response field ---
>
> ## HA1
> HA1 = MD5(A1) = MD5(username:realm:password)
>
> ## HA2
> # If 'qop' == "auth" or not present:
> HA2 = MD5(A2) = MD5(method:digestURI)
> # If 'qop' == "auth-int":
> HA2 = MD5(A2) = MD5(method:digestURI:H(entity-body))
>
> ## response
> # If 'qop':
> response = MD5(HA1:nonce:nonceCount:clientNonce:qop:HA2)
> # If no 'qop' present:
> response = MD5(HA1:nonce:HA2)
>
>
> All is detailed in RFC 2617.
>
>
> --
> Iñaki Baz Castillo
>
> _______________________________________________
> Sip-implementors mailing list
> [email protected]
> https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
