Presentation is loading. Please wait.

Presentation is loading. Please wait.

SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne August 2013 draft-peterson-secure-origin-ps-01 + mailing list discussion.

Published byHector Osborne Modified over 8 years ago

Similar presentations

Presentation on theme: "SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne August 2013 draft-peterson-secure-origin-ps-01 + mailing list discussion."— Presentation transcript:

1 SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne August 2013 draft-peterson-secure-origin-ps-01 + mailing list discussion

2 Overview Phone numbers will be with us for 10++ years Their lack of validation is the main cause of phone-related criminality and nuisance Related to domain name validation, but significant differences each country code has one (regulatory) root Validate that originator of call is authorized to use From number Earlier attempts have failed The problem is well-scoped competing ideas are generally compatible Known unknowns 2

3 Two modes of caller ID spoofing Impersonation spoof target number personal or 800 number Helpful for vishing stolen credit card validation retrieving voicemail messages SWATting disconnect utilities unwanted pizza deliveries retrieving display name (CNAM) Anonymization pick more-or-less random number including unassigned numbers Helpful for robocalling intercarrier compensation fraud TDOS 3

4 Robocalling 4

5 Easily available on (SIP) trunks US Caller ID Act of 2009: Prohibit any person or entity from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm, or wrongfully obtain anything of value. Also: FCC phantom traffic rules 5 Caller ID spoofing

6 Legitimate caller ID spoofing Doctor’s office call from personal physician cell phone should show doctor’s office number Call center airline outbound contract call center should show airline main number, not call center Multiple devices, one number provide single call-back number (e.g., Google Voice) from all devices 6 anonymity is distinct problem (caller ID suppression)

7 Requirements E.164 number source authenticity E.164 taken loosely (N11, P-ANI, non-reachable numbers, …) assume that numbers can be canonicalized for signing seems to work for VM, CDRs, SS7 translation, … Complete solution (but not necessarily one mechanism) number assignment to validation validate caller ID later?: extended caller information Functionality must work without human intervention at caller or callee minimal changes to SIP must survive SBCs must allow partial authorized & revocable delegation doctor’s office third-party call center for airline must allow number portability among carriers (that sign) 7

8 Requirements Privacy e.g., third parties cannot discover what numbers the callee has dialed recently Efficiency will need a mode that causes minimal expansion of SIP headers (= suitable for UDP) e.g., caching of certs or public keys Simplicity minimize overall complexity incremental deployment 8

9 Not in scope Validate other identifiers (e.g., sip:alice@example.com) might or might not translate (assignment hierarchy) Validate textual caller ID (“CNAM”) anybody can call themselves “CARD HOLDER SVC” Cross-national calls from +234 codes are not a major problem (right now) Content (media) protection or integrity  SRTP Most man-in-the-middle signaling attacks e.g., evil proxy retargets call to grandma into selling Medicare supplements content (media) protection or integrity 9

10 P-Asserted-Identity (RFC 3325) RFC 3325 assumptions: originating end systems cannot alter SIP headers (or intermediate entities can be trusted to remove PAI headers) trusted chain of providers 10 P-Asserted-Identity: "Cullen Jennings" P-Asserted-Identity: tel:+14085264000

11 RFC 4474 (SIP Identity) 11 INVITE sip:bob@biloxi.example.org SIP/2.0 Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds8 To: Bob From: Alice ;tag=1928 Call-ID: a84b4c76e66710 CSeq: 314159 INVITE Max-Forwards: 70 Date: Thu, 21 Feb 2002 13:02:03 GMT Contact: Identity: “KVhPKbfU/pryhVn9Yc6U=“ Identity-Info: ;alg=rsa-sha1 Content-Type: application/sdp Content-Length: 147 v=0 o=UserA 2890844526 2890844526 IN IP4 pc33.atlanta.example.com s=Session SDP … changed by SBC SBC may change domains

12 Problems with RFC 4474 see rosenberg-sip-rfc4474-concerns Cannot identify assignee of telephone number Intermediate entity re-signs request B2BUAs re-originate call request replace everything except method, From & To (if lucky) 12

13 VIPR concerns Uses PSTN for reachability validation “own” number  proof of previous PSTN call (start/stop time, …) First call via PSTN doesn’t deal with robocalls “A domain can only call a specific number over SIP, if it had previously called that exact same number over the PSTN.” Single, worldwide P2P network deployment challenging Allows impersonator to find out who called specific number 13 draft-jennings-vipr-overview

14 Changes in environment 14 Old (pre-2000)new Small number of carriers serving customers with fixed number pools (residential, inbound) carriers that provide services to non- carriers (e.g., Google Voice, VRS) voice service providers (via APIs) Carriers either larger or rural  trusted“Pink” carriers (robocalls = lots of minutes) Carriers with deep engineering skillsTelecom engineers fired or retired Call routing determined by physical transport (MF or SS7) logical routing via SIP proxies Domestic calls stay within the countrycall from NJ to NY may visit Berlin #’s only for certificated carriers (~ 1000)interconnected VoIP providers (trial) 1000 block assignmentindividual numbers? Geographic assignment (LATA, area code) no direct relationship to geography (800#, mobile, VoIP, M2M, …)

15 What makes solutions harder than in 2002? Mostly E.164 numbers, not domain-based SIP URIs Failure of public ENUM  no central database B2BUA deployment  SDP rewritten for most calls Stickiness of infrastructure SS7 will be with us, unchanged, for decade+ Lots of non-SIP interconnection for both technical and non-technical reasons note: regulators typically encourage VoIP interconnection 15

16 Changes: opportunities Mobile, programmable devices IP connectivity allows (some) end system validation IP-enabled PBX & SIP trunking PKI developments, e.g., DANE 16

17 Basic architecture 17 SS7 cert or public key rendezvous mechanism signs number after normalization signs number after normalization validate local carrier LD carrier may tunnel as UUI may tunnel as UUI

18 Options Number validation Public key only (e.g., DNS) publicprivateX.509 cert single certifier (per CC) separate delivery (URL) single “CDN” number-based access (no URL) multiple certifiers per CC single cert store (hierarchy) any cert anywhere almost all of these could interoperate in single system

19 Certificate models Integrated with assignment assignment of number includes certificate: “public key X is authorized to use number N” issued by number assignment authority, possibly with delegation chain allocation entity  carrier  end user separate proof of ownership similar to web domain validation e.g., Google voice validation by automated call back “Enter the number you heard” SIP OPTIONS message response? 19

20 Delegation options 1. Official holder of number block interacts with registry “My customer TheDoctorIsOut can use 212-555-1234 out of my number block” requires database interaction 2. X.509 certificate delegation chain reveals relationship of carriers and customers 20

21 Known unknowns Who will sign first, by choice or mandate? large carriers (“get rid of robocall complaints”) legitimate outbound call centers (“I want my snow day alert to be received”) high-value users (“I want to prevent identity theft”) smartphone end users Who will validate first? carriers concerned about intercarrier compensation fraud carriers sick of customer complaint calls new entrants looking for differentiator (“switch and no more robocalls!”) 21

22 Incremental deployment 22 signed? should be signed? known caller? validates? N N N Y N YY Y N Y

23 Conclusion Number spoofing is root of (almost) all phone evil Number spoofing may accelerate decay of PSTN Centralized number assignment makes problem tractable Solution approaches based on different assumptions who is willing to do what & when? All in for one approach or multiple solutions? reduce risk by multiple approaches? cost to central entities vs. cost to signers & validators or increase confusion, cost and non-adoption? 23

Download ppt "SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne August 2013 draft-peterson-secure-origin-ps-01 + mailing list discussion."

Similar presentations

Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.

Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.
Information-Centric Networks09c-1 Week 9 / Paper 3 VoCCN: Voice Over Content-Centric Networks –V. Jacobson, D. K. Smetters, N. H. Briggs, M. F. Plass,

Information-Centric Networks09c-1 Week 9 / Paper 3 VoCCN: Voice Over Content-Centric Networks –V. Jacobson, D. K. Smetters, N. H. Briggs, M. F. Plass,
THIS IS THE WAY ENUM Variants Jim McEachern Carrier VoIP Standards Strategy THIS IS.

THIS IS THE WAY ENUM Variants Jim McEachern Carrier VoIP Standards Strategy THIS IS.
Geneva, Switzerland, 2 June 2014 The UK experience and approach to damage mitigation Huw Saunders, Director, Network Infrastructure, Ofcom

Geneva, Switzerland, 2 June 2014 The UK experience and approach to damage mitigation Huw Saunders, Director, Network Infrastructure, Ofcom
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
STIR Secure Telephone Identity. Context and drivers STIR Working Group Charter Problem Statement Threats Status of work Related work and links Introduction.

STIR Secure Telephone Identity. Context and drivers STIR Working Group Charter Problem Statement Threats Status of work Related work and links Introduction.
Session Initiation Protocol Winelfred G. Pasamba.

Session Initiation Protocol Winelfred G. Pasamba.
September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.
VoIP Technology Developments and Trends Henning Schulzrinne Columbia University.

VoIP Technology Developments and Trends Henning Schulzrinne Columbia University.
28 June 2015 Emergency services for SIP Henning Schulzrinne.

28 June 2015 Emergency services for SIP Henning Schulzrinne.
Numbering Update HENNING SCHULZRINNE JUNE 4, 2015.

Numbering Update HENNING SCHULZRINNE JUNE 4, 2015.
SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne May 31, 2013 draft-peterson-secure-origin-ps-00.

SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne May 31, 2013 draft-peterson-secure-origin-ps-00.
PREVENTING CALLERID SPOOFING Henning Schulzrinne FCC draft-peterson-secure-origin-ps-00.

PREVENTING CALLERID SPOOFING Henning Schulzrinne FCC draft-peterson-secure-origin-ps-00.
Membership and Media Management in Centralized Multimedia Conferences based on Internet Engineering Task Force Protocol Building Blocks Author: Ritu Mittal.

Membership and Media Management in Centralized Multimedia Conferences based on Internet Engineering Task Force Protocol Building Blocks Author: Ritu Mittal.
Session Initialization Protocol (SIP)

Session Initialization Protocol (SIP)
Via contains the address at which the originator is expecting to receive responses to this request. Mandatory To contains a display name and a SIP URI.

Via contains the address at which the originator is expecting to receive responses to this request. Mandatory To contains a display name and a SIP URI.
BASIC TELECOMMUNICATIONS

BASIC TELECOMMUNICATIONS
Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.

Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.
IT Expo SECURITY Scott Beer Director, Product Support Ingate +1-613-963-0933.

IT Expo SECURITY Scott Beer Director, Product Support Ingate

Similar presentations

Ads by Google