RFC Errata
RFC 4771, "Integrity Transform Carrying Roll-Over Counter for the Secure Real-time Transport Protocol (SRTP)", January 2007
Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
Errata ID: 3233
Status: Verified
Type: Technical
Publication Format(s): TEXT
Reported By: Mats Näslund
Date Reported: 2012-05-28
Verifier Name: Robert Sparks
Date Verified: 2012-06-07
Section 2 says:
When the receiver receives an SRTP packet, it processes the packet according to RFC 3711 except that during authentication processing ROC_local is replaced by ROC_sender (retrieved from the packet).
It should say:
When the receiver receives an SRTP packet, it processes the packet according to RFC 3711 except that during replay check and authentication processing ROC_local is replaced by ROC_sender (retrieved from the packet).
Notes:
While this is a typo, it has the unfortunate side effect of creating a possibility for a replay attack where the attacker injects a previous message, possibly causing the receiver to lose synch on the ROC value. This is prevented if the receiver uses ROC_sender in place of ROC_local during both authentication _and_ replay check.
We thank David McGrew for spotting this error.
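
The difference between the two wordings can be seen in a small receiver model. This is an added example, not code from RFC 4771 or from the erratum; it assumes every packet carries ROC_sender, a 64-packet replay window, an HMAC-SHA1 tag over the packet plus ROC as a stand-in for the SRTP tag, and a simplified state update, and all names in it are hypothetical.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed key, demo only
WINDOW = 64                    # replay window size (assumed)

def tag(roc, seq, payload):
    # Simplified stand-in for the SRTP auth tag: MAC over packet || ROC.
    msg = seq.to_bytes(2, "big") + payload + roc.to_bytes(4, "big")
    return hmac.new(KEY, msg, hashlib.sha1).digest()

def make_packet(roc, seq, payload=b"rtp"):
    return {"seq": seq, "roc_sender": roc, "payload": payload,
            "tag": tag(roc, seq, payload)}

class Receiver:
    def __init__(self, erratum_fix):
        self.erratum_fix = erratum_fix
        self.roc_local, self.s_l, self.highest = 0, 0, -1
        self.seen = set()

    def estimate_roc(self, seq):
        # RFC 3711 Appendix A: guess the ROC from ROC_local and s_l.
        if self.s_l < 32768:
            delta = -1 if seq - self.s_l > 32768 else 0
        else:
            delta = 1 if self.s_l - 32768 > seq else 0
        return (self.roc_local + delta) % 2**32

    def receive(self, pkt):
        seq, roc_s = pkt["seq"], pkt["roc_sender"]
        # Erratum 3233: the replay check must also use ROC_sender.
        roc = roc_s if self.erratum_fix else self.estimate_roc(seq)
        index = (roc << 16) | seq
        if index in self.seen or index <= self.highest - WINDOW:
            return "replay"
        if not hmac.compare_digest(pkt["tag"], tag(roc_s, seq, pkt["payload"])):
            return "auth-fail"
        self.seen.add(index)
        if index > self.highest:  # modelled state update (assumption)
            self.highest, self.roc_local, self.s_l = index, roc_s, seq
        return "accepted"

def run(erratum_fix):
    rx = Receiver(erratum_fix)
    stream = [make_packet(0, 200), make_packet(0, 30000),
              make_packet(0, 60000), make_packet(1, 100)]
    # Constructed input: the first packet is delivered a second time at the end.
    return [rx.receive(p) for p in stream + stream[:1]], rx.roc_local
```

With the original wording (`run(False)`) the repeated packet passes the replay check under the locally estimated ROC and the receiver's ROC falls back to 0; with the corrected wording (`run(True)`) it is rejected as a replay and ROC_local stays at 1.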