RFC Errata


RFC 4771, "Integrity Transform Carrying Roll-Over Counter for the Secure Real-time Transport Protocol (SRTP)", January 2007

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
See Also: RFC 4771 w/ inline errata

Errata ID: 3233
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Mats Näslund
Date Reported: 2012-05-28
Verifier Name: Robert Sparks
Date Verified: 2012-06-07

Section 2 says:

When the receiver receives an SRTP packet, it processes the packet
according to RFC 3711 except that during authentication processing
ROC_local is replaced by ROC_sender (retrieved from the packet).

It should say:

When the receiver receives an SRTP packet, it processes the packet
according to RFC 3711 except that during replay check and authentication processing
ROC_local is replaced by ROC_sender (retrieved from the packet).

Notes:

While this is a typo, it has the unfortunate side effect of creating a possibility for a replay attack where the attacker injects a previous message, possibly causing the receiver to lose synch on the ROC value. This is prevented if the receiver uses ROC_sender in place of ROC_local during both authentication _and_ replay check.

We thank David McGrew for spotting this error.
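
The replay check from the corrected text, modeled as an added example (not code from the RFC or from the erratum's authors): it compares the verdict when the packet index is derived from ROC_local, as Section 2 was published, with the verdict when it is derived from ROC_sender. The function names, the dict-based receiver state and the sample values are assumptions made for illustration; the MAC computation is left out.

```python
# Added illustration; not text or code from RFC 4771 / RFC 3711.
WINDOW = 64  # replay window size (RFC 3711 requires at least 64)

def estimate_index(roc_local, s_l, seq):
    """RFC 3711 Appendix A: guess the packet index from receiver-local state."""
    if s_l < 32768:
        v = (roc_local - 1) % 2**32 if seq - s_l > 32768 else roc_local
    else:
        v = (roc_local + 1) % 2**32 if s_l - 32768 > seq else roc_local
    return seq + v * 65536

def replay_ok(highest, seen, index):
    """Sliding window: accept an index ahead of the window, or unseen inside it."""
    if index > highest:
        return True
    if highest - index >= WINDOW:
        return False  # older than the window: reject
    return index not in seen

def replay_check(state, seq, roc_sender, corrected):
    """Replay check for a packet that carries ROC_sender.
    corrected=False: Section 2 as published (index derived from ROC_local).
    corrected=True:  erratum 3233 (index derived from ROC_sender)."""
    if corrected:
        index = roc_sender * 65536 + seq
    else:
        index = estimate_index(state["roc_local"], state["s_l"], seq)
    return replay_ok(state["highest"], state["seen"], index)

# Constructed receiver state: last accepted packet was ROC=1, SEQ=0x0010.
STATE = {"roc_local": 1, "s_l": 0x0010, "highest": 0x10010, "seen": {0x10010}}
# Constructed previous message (sent under ROC=0, SEQ=0x0020) arriving again.
OLD = {"seq": 0x0020, "roc_sender": 0}
# Constructed fresh packet from the current ROC period.
NEW = {"seq": 0x0020, "roc_sender": 1}

def demo():
    """Return replay-check verdicts: (old/as published, old/erratum, new/erratum)."""
    return (replay_check(STATE, OLD["seq"], OLD["roc_sender"], corrected=False),
            replay_check(STATE, OLD["seq"], OLD["roc_sender"], corrected=True),
            replay_check(STATE, NEW["seq"], NEW["roc_sender"], corrected=True))

if __name__ == "__main__":
    print(demo())
```

With the index taken from ROC_local the previous message looks newer than anything in the window and passes the replay check; with the index taken from ROC_sender it falls behind the window and is rejected, while the fresh packet is still accepted.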
