Presentation is loading. Please wait.

Presentation is loading. Please wait.

www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Jonathan Rosenberg Chief Scientist.

Published byDiana Garcia Modified over 10 years ago

Similar presentations

Presentation on theme: "www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Jonathan Rosenberg Chief Scientist."— Presentation transcript:

1

2 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Jonathan Rosenberg Chief Scientist

3 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Presentation Overview Current SIP Security Mechanisms and Issues Authentication Reflection attack Multi-proxy authentication Forking Encryption Forwarding Role of Hop-by-Hop Security Firewall and NAT Traversal Media Stream Encryption

4 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security SIP Authentication Two Relationships UA to UA UA to proxy Authentication Mechanisms Basic Digest PGP All are Challenge-Response SIP Can Also Authenticate Responses Not widely used Request Challenge (nonce, realm) ACK Request w/credentials

5 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Reflection Attack When using http digest for both request and response authentication The Same Shared Secret Cannot Be Used in Both directions Attacker can obtain credentials by reflecting a challenge in a response back in request Using different secrets in each direction eliminates attack Not a problem with PGP INV WWW-Auth: challenge1 401 WWW-Auth: challenge2 Auth: challenge1-auth INV WWW-Auth: challenge2 401 WWW-Auth: challenge3 Auth: challenge2-auth INV WWW-Auth: challenge1 Auth: challenge2-auth

6 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Multi-Proxy Authentication Multiple Proxies On the Path May Challenge the User Useful for outsourced services If UAC Only Inserts Credentials for Last Challenge, Ping-Ponging Results UAC Must Accumulate Credentials for All Challenges to a Request Grammar Problem Authorization parameters are comma separated, as are values Multiple headers must be used INV 401 Challenge 1 INV Credentials 1 401 Challenge 2 INV Credentials 2 401 Challenge 1 UACP1P2

7 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Forking Challenge Response Mechanisms and Forking Do Not Work Together Example A calls B Request forks to B1 and B2 Both send 401 Only one 401 is returned to A, that of B1 A resends request with credentials for B1 Request forks to B1 and B2

8 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Forking cont. B2 rejects request with 401 B1 rings 401 not forwarded since response not received from B1 B1 accepts 200 OK sent, call established Problem: B2 never rang Solution Signed requests without challenge response Requires PKI Replay prevention by remembering Call-IDs

9 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security SIP Encryption Capabilities Can Encrypt Bodies and Certain Headers But many headers still need to be in the clear PGP Based Overhead not a big issue since there are few requests per call Request is Signed with Public Key of User in To Field

10 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security SIP Encryption cont. Limitations Requires PKI Does not cover many critical headers (To, From) Does not work with forwarding Assumes advance knowledge of public key

11 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security One Solution: Hop-by-Hop Security Hop by hop Security Can Resolve Many Problems in e2e Authentication and Encryption Advantages No need for end users to have public keys Only service providers Models current web security Major Limitation Requires transitive trust model But proxy is already trusted to forward the request

12 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security One Solution: Hop-by-Hop Security cont. Specific Benefits Complete message encryption, including To, From Long-lived security associations between end users and proxies Eliminates expensive per-message verification Long lived security associations between proxies CANCEL security Proxy-to-proxy authentication

13 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security CANCEL Security CANCEL Has Unusual Characteristics Can be generated by UA or proxy Always refers to some other method Cannot Be Signed by UAC Might not even be generated by UAC DOS Attack Possible Without Authentication of CANCEL Send CANCEL from attacker to target when target gets INVITE Attacker need only eavesdrop INVITEs Result: target can be prevented from receiving calls

14 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security CANCEL Security cont. Solution is Hop-by-Hop CANCEL is only accepted over an established SA CANCEL must come from same peer INVITE came from These rules guarantee that Only the entity on call setup path can send CANCEL No one can see that CANCEL was sent Significant improvement over unauthenticated CANCELs

15 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Hop-by-Hop Operation Spec Makes No Specific Recommendations SIP Security Task Force is Developing Hop-by-hop Guidelines Issues Transport Keying Guiding Principles Do not solve it yourself - you will get it wrong Must use existing mechanisms

16 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security HBH: How is it Done? cont. Recommended Transport ESP in transport mode Keying No clear protocol choice Some support for kerberos Kerberos Benefits Both public keys (new extension) and traditional shared secret Much lighter than IKE Already present in many enterprises

17 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security NAT and Firewall Traversal Need for Secure Traversal of SIP and its Signaled Sessions Through NAT and Firewall SIP is a Session Control Protocol IP address and ports appear in body of protocol Fundamental to SIP operation NAT traversal difficult Challenge: SIP NAT Application Layer Gateway is Needed, But, Embedding ALG in NAT Poses Problems Scaling Separation of function Expertise

18 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Proposed Solution for NAT and Firewall Traversal Separate Application Layer NAT from IP Layer NAT Application-Specific Devices Perform Application Layer NAT Solves expertise problem Separation of functions - enables growth Enhanced scalability Use application-layer load balancing techniques Dedicated IP NAT box can be fast Creates Buffering Zone to Deter DOS Attacks! IP NAT SIP Control RTP Buffering Zone Proxy

19 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security NAT and Firewall Traversal: The Missing Piece Control Protocol Between Application Layer NATs and IP NAT Main Requirements Binding request: give a private address, obtain a public address Binding release Open hole (firewall) Close hole (firewall) Group bindings INVITE BIND REQ BINDING INVITE 200 OK OPEN ACK

20 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security NAT and Firewall Traversal cont. Options for Developing Control Protocol Extension to SOCKS All new protocol Key Requirements Simple Fast Supports failover and reliability Ability to query for binding/hole lists Ability to push large numbers of lists Keepalives FOGLAMPS BoF in Adelaide IETF

21 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Media Stream Encryption The Challenge How to establish secure media streams signaled by SIP? Critical for privacy and prevention of DOS attacks Secure means encrypted and authenticated Specific Obstacles Establishing shared session keys for media encryption Performing encryption Performing authentication

22 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Media Stream Encryption cont. Potential Solutions For Establishing Shared Keys Solution I Send session key in SDP k line Must encrypt and authenticate SIP messages Relies on PGP for encryption and authentication Solution II Diffie Helman key exchange in SDP MUST authenticate SIP messages Relies on PGP for authentication only Solution III IKE or Kerberos

23 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Media Stream Encryption cont. General Principles in Building a Solution Security is difficult. Do not try it on your own, since you will get it wrong. Use the protocols developed by experts with a deep understanding of security. Recommended Solution IKE or Kerberos for keying IPSEC or RTP security for encryption Currently under review by SIP Working Group in IETF

24 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Media Authentication Recent DoS Attacks Demonstrate Need for Media Authentication Media Encryption Does Not Imply Authentication Difficult to validate media when decrypted Decryption carries high cost Possible Solutions Add message integrity check computed over just headers Add message integrity check over entire packet How to Add Check to RTP? Extension Padding Extra data at end

25 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Summary Be Careful of Pitfalls in Existing Mechanisms Hop-by-Hop Security Can Help Solve Many Open Issues Firewall and NAT Traversal Remain Critical Issues Establishing Secure Media Streams is Needed For Privacy, DOS Attack Prevention

26 www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Information Resource Jonathan Rosenberg jdrosen@dynamicsoft.com +1 732.741.7244

Download ppt "www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Jonathan Rosenberg Chief Scientist."

Similar presentations

Re-INVITE Handling draft-camarillo-sipping-reinvite-00.txt

Re-INVITE Handling draft-camarillo-sipping-reinvite-00.txt
SIP, Presence and Instant Messaging

SIP, Presence and Instant Messaging
SIP, Firewalls and NATs Oh My!. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Presence and IM as SIP Services Jonathan Rosenberg Chief Scientist.

Presence and IM as SIP Services Jonathan Rosenberg Chief Scientist.
An Application Component Architecture for SIP Jonathan Rosenberg Chief Scientist.

An Application Component Architecture for SIP Jonathan Rosenberg Chief Scientist.
SIP and Instant Messaging. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.

SIP and Instant Messaging. SIP Summit SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.
IMPP Update: SIP. www.dynamicsoft.com Spring PIM 2001 IMPP Update SIMPLE Group SIMPLE = SIP for Instant Messaging Leveraging Extensions BoF Session Held.

IMPP Update: SIP. Spring PIM 2001 IMPP Update SIMPLE Group SIMPLE = SIP for Instant Messaging Leveraging Extensions BoF Session Held.
Jonathan Rosenberg Chief Scientist

Jonathan Rosenberg Chief Scientist
www.dynamicsoft.com dynamicsoft Inc. Proprietary VON Developers Conference 1/19/00 C O N N E C T I N G T H E W O R L D W I T H A P P L I C A T I O N S.

dynamicsoft Inc. Proprietary VON Developers Conference 1/19/00 C O N N E C T I N G T H E W O R L D W I T H A P P L I C A T I O N S.
www.dynamicsoft.com Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
www.dynamicsoft.com IM 2000 -- May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

IM May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
www.dynamicsoft.com Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.
www.dynamicsoft.com Internet Telecom Expo 2000 - September 20, 2000 SIP vs. H.323 SIP vs. H.323 Will the Real IP Telephony Please Stand Up? Jonathan Rosenberg.

Internet Telecom Expo September 20, 2000 SIP vs. H.323 SIP vs. H.323 Will the Real IP Telephony Please Stand Up? Jonathan Rosenberg.
www.dynamicsoft.com VON Europe 2000 -- 06/19/00 SIP and the Future of VON Protocols SIP and the Future of VON Protocols: Presence and IM Jonathan Rosenberg.

VON Europe /19/00 SIP and the Future of VON Protocols SIP and the Future of VON Protocols: Presence and IM Jonathan Rosenberg.
www.dynamicsoft.com Insert Tradeshow or Event Name -- Date Insert Presentation Title Realities of Multi-Domain Gateway Network Management Jonathan Rosenberg.

Insert Tradeshow or Event Name -- Date Insert Presentation Title Realities of Multi-Domain Gateway Network Management Jonathan Rosenberg.
www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
www.dynamicsoft.com VON Europe 2000 - 06-19-00 SIP Update Jonathan Rosenberg Chief Scientist co-chair, IETF SIP Working Group.

VON Europe SIP Update Jonathan Rosenberg Chief Scientist co-chair, IETF SIP Working Group.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Early Media Authorization Under what conditions should negotiated media flow prior to 200 OK (INVITE)? Richard Ejzak.

Early Media Authorization Under what conditions should negotiated media flow prior to 200 OK (INVITE)? Richard Ejzak.

Similar presentations

Ads by Google