1. Authentication and encryption
The role of certification (Authorization) is to show who you are, to prove to others who you are. The associated concept is MD5, which is used for authentication security. Note that MD5 is just a hash function and is not used for encryption. Because the hash function after processing the data can not reverse recovery, this way others can not steal your authentication identity password.
Encryption (encryption) is the role of the data to be transferred to the processing, even if stolen in the network is difficult to crack. Encrypted information can be cracked, which requires a key-"key". With the key, we can encrypt and decrypt the data. The most famous private key encryption system is the data Encryption Standard (DES), which is now administered by the U.S. National Security Service and the National Bureau of Standards and Technology. Another system is the International Data Encryption Algorithm (IDEA), which is better than the encryption of DES, and the need for computer function is not strong.
2. SIP authentication Method
SIP authentication is the authentication method that inherits HTTP. According to Rfc2617,http's certification scheme, there are two kinds of Basic authentication scheme and digest Access authentication scheme. The basic method used by the password to verify the original way, easy to be stolen, so SIP has abandoned this way.
Digest authentication scheme can MD5 the password to be packaged. In general, there are two ways to get a password: 1. Dictionary attacks, that is, the use of polling for password guessing method, if the password is simple and dangerous, the other way is to attack the server to obtain the password, if the server stored the password so that it could be stolen. So the method is the server side no longer store the original password, but use MD5 packaging up, so that when the MD5 packaging certification information came over, compare the stored MD5 data can know the identity of the user.
3.Response Value algorithm
1) hash1=md5 (Username:realm:password)
2) hash2=md5 (Method:uri)
3) response=md5 (HA1:nonce:HA2)
As an example:
Username= ' 3502 '
Realm= ' Officeten '
Password= ' Admin111 '
Method= ' REGISTER '
Uri= ' sip:192.168.28.152 '
Response= ' ae850ee2184aa88e3b79200f08284095 '
Reference article: http://blog.sina.com.cn/s/blog_4b839a1b01000bqq.html
http://blog.csdn.net/mrshelly/article/details/7535102
Http://blog.sina.com.cn/s/blog_737adf5301013f1i.html
Attached: MD5 encryption Python implementation
Import Hashlib
#md5加密32位
def MD5 (str):
m = Hashlib.md5 ()
M.update (str)
Return M.hexdigest ()
HASH1=MD5 ("20007:element:20007")
print '%s '%hash1
HASH2=MD5 ("register:sip:192.168.10.222")
print '%s '%hash2
RESPONSE=MD5 (hash1+ ": 449caead:" +hash2)
Print response
A detailed description of SIP authentication algorithm and Python encryption