
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <p>Hello,</p>

    <p>latest kamailio versions support also SHA256 algorithm:</p>

    <p>  -

<a class="moz-txt-link-freetext" href="https://www.kamailio.org/docs/modules/stable/modules/auth.html#idp36720604">https://www.kamailio.org/docs/modules/stable/modules/auth.html#idp36720604</a></p>

    <p>However, the main blocker in suing a different hashing algorithm

      are the sip client devices (mainly hardphones), which implement

      only MD5. If you implement your own client app, then you can

      extend kamailio to support whatever hashing you do in the client.</p>

    <p>Then, of course you can use client side tls certificates for

      authentication, which should be better than any hashing algorithm.<br>

    </p>

    <p>Cheers,<br>

      Daniel<br>

    </p>

    <br>

    <div class="moz-cite-prefix">On 11.11.17 01:11, Walter Martín

      Villalba wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CA+V_MsJJKyWYzV1Nei6u+iB=2fWmOU2vHVU8sK5t111wKmVXXw@mail.gmail.com">

      <div dir="ltr">Hello,

        <div><br>

        </div>

        <div>I did some searches online and talked to some colleagues

          and it seems Kamailio only supports the traditional HTTP

          digest authentication, which uses MD5. I would like to know if

          any of you has been successful in using

          bcrypt/scrypt/pbkdf2 passwd hashing, instead of MD5, which has

          been deemed as obsolete and insecure a long time ago. Perhaps

          you've written your own auth module, or just modified the

          config script to call some other credential checking routine

          using a custom python/perl script (I'm thinking of doing the

          latter, of nothing better is available).</div>

        <div><br>

        </div>

        <div>If any of you have done something like this, using bcrypt

          or any other current and secure hashing algorithm, I would

          appreciate some guidance.  If you haven't, aren't you

          concerned about storing MD5 password hashes in your database?</div>

        <div><br>

        </div>

        <div>Note: if I can't find a good answer using this list, I will

          try the developer's list next.</div>

        <div><br>

        </div>

        <div>Thanks in advance,</div>

        <div><br>

        </div>

        <div>Martín.</div>

        <div><br>

        </div>

        <div><br>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

Kamailio (SER) - Users Mailing List

<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.kamailio.org">sr-users@lists.kamailio.org</a>

<a class="moz-txt-link-freetext" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>

</pre>

    </blockquote>

    <br>

    <pre class="moz-signature" cols="72">-- 

Daniel-Constantin Mierla

<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda">www.linkedin.com/in/miconda</a>

Kamailio Advanced Training, Nov 13-15, 2017, in Berlin - <a class="moz-txt-link-abbreviated" href="http://www.asipto.com">www.asipto.com</a>

Kamailio World Conference - <a class="moz-txt-link-abbreviated" href="http://www.kamailioworld.com">www.kamailioworld.com</a></pre>

  </body>

</html>