Lecture 8 SIP Security Asst.Prof. Supakorn Kungpisdan, Ph.D. [email protected]

History of SIP

SIP emerged in the mid-1990s from the research of Henning Schulzrinne, Associate Professor of the Department of Computer Science at Columbia University, and his research team.

A co-author of the Real-Time Transport Protocol (RTP) for transmitting real- time data via the Internet, Professor Schulzrinne also co-wrote the Real Time Streaming Protocol (RTSP) -- a proposed standard for controlling streaming audio-visual content over the Web.

NETE4630 Advanced Network Security and Implementation

History of SIP (cont.)

Schulzrinne’s intent was to define a standard for Multi- party Multimedia Session Control (MMUSIC).

In 1996, he submitted a draft to the IETF that contained the key elements of SIP.

In 1999, Schulzrinne removed extraneous components regarding media content in a new submission, and the IETF issued the first SIP specification, RFC 2543.

While some vendors expressed concern that protocols such as H.323 and MGCP could jeopardize their investments in SIP services, the IETF continued its work and issued SIP specification RFC 3261 in 2001.

History of SIP (cont.)

Since then, enhancements to security and authentication among other areas have been issued in several additional RFCs.

RFC 3262, for example, governs Reliability of Provisional Responses.

RFC 3263 establishes rules to locate SIP Proxy Servers.

RFC 3264 provides an offer/answer model and RFC 3265 determines specific event notification.

VoIP Stack

SIP Overview

As an IETF specification, SIP extends the open-standards spirit of the Internet to messaging, enabling disparate computers, phones, televisions and software to communicate.

As noted, a SIP message is very similar to HTTP (RFC 2068). Much of the syntax in message headers and many HTTP codes are re-used.

Using SIP, for example, the error code for an address not found, “404,” is identical to the Web’s.

SIP also re-uses the SMTP address scheme. A SIP address, such as sip:[email protected], has exactly the same structure as an email address.

SIP even leverages Web architectures, such as Domain Name System or Service (DNS), making messaging among SIP users even more extensible.

SIP Basic Requirements

1. User location services

2. Session establishment

3. Session participant management

4. Limited feature establishment

SIP does not define the type of session that is being established, only how it should be managed. This flexibility means that SIP can be used for an enormous number of applications and services, including interactive gaming, music and video on demand as well as voice, video and Web conferencing.

SIP Features

SIP messages are text based and hence are easy to read and debug.

SIP re-uses MIME type description in the same way that email clients do, so applications associated with sessions can be launched automatically.

SIP re-uses several existing and mature internet services and protocols such as DNS, RTP, RSVP etc.

SIP extensions are easily defined, enabling service providers to add them for new applications without damaging their networks.

Older SIP-based equipment in the network will not impede newer SIP-based services. For example, an older SIP implementation that does not support a method or header used by a newer SIP application would simply ignore it.

SIP Features (cont.)

SIP is transport layer independent; therefore, the underlying transport could even be IP over ATM. SIP runs over UDP or TCP, flexibly connecting users independent of the underlying infrastructure.

SIP supports multi-device feature levelling and negotiation. If a service or session initiates video and voice, voice can still be transmitted to non-video enabled devices, or other device features can be used such as one way video streaming.

Relationships between SIP and Other Protocols

Anatomy of SIP

SIP User Agents (UAs): create and manage a SIP session. The User Agent Client initiates the message; the User Agent Server responds to it.

SIP Registrar Servers: databases that contain the location of all User Agents within a domain. In SIP messaging, these servers retrieve and send participants’ IP addresses and other pertinent information to the SIP Proxy Server.

Anatomy of SIP (cont.)

SIP Proxy Servers: accept session requests made by a SIP UA and query the SIP Registrar Server to obtain the recipient UA’s addressing information. The proxy then forwards the session invitation directly to the recipient UA if it is located in the same domain, or to a Proxy Server if the UA resides in another domain.

SIP Redirect Servers: allow SIP Proxy Servers to direct SIP session invitations to external domains. SIP Redirect Servers may reside in the same hardware as SIP Registrar Servers and SIP Proxy Servers.

Intra-domain SIP

1. Call User B
2. Query “Where is User B?”
3. Response “User B SIP Address”
4. ‘Proxied’ Call
5. Response
6. Response
7. Multimedia Channel Established

http://www.avaya.com/master-usa/en-us/resource/assets/whitepapers/lb2343.pdf

Inter-domain SIP

SIP Call Setup and Tear-down

SIP INVITE Message

SIP 200 OK Message

Message Flow of SIP Authentication

Security on the Internet

The Internet is open: anyone with Internet access may attack anyone else.

Increasing complexity and programmability leads to lots of bugs that can be exploited.

Packets can be dumped (or snooped) anywhere in the middle of the packet path.

What are you trying to secure? Authentication, privacy, integrity, availability.

SIP Vulnerability

Proxy Impersonation: an attacker can impersonate a proxy server.

Message Tampering: a man-in-the-middle can intercept and change messages sent between entities.

Session Teardown: an attacker can send a spoofed BYE message to either party.

Denial of Service: an attacker can disrupt service by making phony requests or by flooding servers or UAs with REGISTER or INVITE messages.

Registration Hijacking: an attacker can register his device in place of another user’s device.

SIP Billing Attacks: Call Establishment Hijacking

SIP Billing Attacks: Call Termination Hijacking

SIP Billing Attacks: Call Forwarding Hijacking

SIP Security Framework

Authentication: Authentication is a means of identifying another entity. There are many ways to authenticate another entity, but the typical computer-based methods involve a user ID/password or digitally signing a set of bytes using a keyed hash.

Confidentiality: Cryptographic confidentiality means that only the intended recipients will be able to determine the contents of the confidential area.

Integrity: A message integrity check is a means of ensuring that a message in transit was not altered.

Authorization: Once identification of a correspondent is achieved, a decision must be made as to whether that identity should be granted access for the requested services. This is the act of authorization. This is often done using access control lists (ACLs).

Privacy: Users want to make sure others do not know what they are doing or transmitting. Some people prefer anonymity. In a higher education environment, faculty and students reserve the right to privacy.

Non-repudiation: Reverse protection.

Administration: Billing and accounting, maintenance of Call Data Records (CDRs).

Audit trail: Do not shred documents – Enron!

SIP Security Mechanisms

End-to-end mechanisms: basic authentication, digest authentication, message body encryption using S/MIME.

Hop-by-hop mechanisms: TLS, IPsec, the SIPS URI scheme.

Protocol Stacks for SIP Security

DTLS = Datagram Transport Layer Security. The DTLS protocol is based on the stream-oriented TLS protocol and is intended to provide similar security guarantees.

SCTP = Stream Control Transmission Protocol. SCTP is message-oriented like UDP and ensures reliable, in-sequence transport of messages with congestion control like TCP.

Performance Analysis

Performance Analysis (cont.)

Performance Analysis (cont.)

SIP’s HTTP Digest Authentication
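The digest mechanism the slide refers to is the RFC 2617 HTTP Digest scheme that RFC 3261 adopts for SIP (MD5, qop=auth). The following is an added worked example, not code from the lecture: a client computes the Authorization response to a 401 challenge, and a registrar-side verifier recomputes it, binds the request method and URI into the check, and rejects replayed nonce counts, which is what stops a captured REGISTER from being replayed to hijack a registration. The realm, username and password are constructed test values.

```python
import hashlib
import secrets

def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()

def digest_response(username, password, method, uri, realm, nonce, nc, cnonce):
    """Client side of RFC 3261 digest (RFC 2617 scheme with qop=auth, MD5)."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")          # request method and URI are bound in
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

class DigestVerifier:
    """Server side: issues challenges, recomputes the response, rejects replays."""
    def __init__(self, realm: str, credentials: dict):
        self.realm = realm
        self.credentials = credentials   # username -> password (constructed data)
        self.nonces = {}                 # nonce -> highest nonce-count accepted

    def challenge(self) -> dict:
        """WWW-Authenticate parameters for a 401 with a fresh, unpredictable nonce."""
        nonce = secrets.token_hex(16)
        self.nonces[nonce] = 0
        return {"realm": self.realm, "nonce": nonce, "qop": "auth"}

    def verify(self, method: str, uri: str, auth: dict) -> bool:
        """Check Authorization header parameters against the actual request line."""
        nonce = auth.get("nonce")
        if nonce not in self.nonces:
            return False                                 # unknown or expired nonce
        try:
            nc = int(auth.get("nc", ""), 16)
        except ValueError:
            return False
        if nc <= self.nonces[nonce]:
            return False                                 # replayed nonce-count
        user = auth.get("username")
        password = self.credentials.get(user)
        if password is None:
            return False
        expected = digest_response(user, password, method, uri, self.realm,
                                   nonce, auth.get("nc"), auth.get("cnonce", ""))
        if not secrets.compare_digest(expected, auth.get("response", "")):
            return False                                 # wrong password, method or URI
        self.nonces[nonce] = nc                          # remember for replay checks
        return True
```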

Real-time Transport Protocol

RTP is an application-level protocol for delivering real-time data (e.g., audio and video) over the network.

RTP consists of two parts: data and control. The data part is called RTP and is used for end-to-end delivery of real-time data. The control part is called the Real-time Transport Control Protocol (RTCP), and its usage is to monitor the data delivery and to provide minimal control and identification functionality.

Usage of dynamic UDP ports causes problems with firewalls and NAT.

Uses end-to-end connection.

No Quality of Service (QoS).

Secure RTP (SRTP)

Specification in RFC 3711 (2004)

Secure VoIP communication, e.g., over WLAN or a public hotspot

Alternative to IPsec-based VPN communication

Designed for real-time transmission

Symmetric data encryption with AES

All provided features (such as encryption and authentication) are optional and can be separately enabled or disabled

Security Functionality of SRTP

Encryption of VoIP to avoid tapping

Authentication of sender avoids identity spoofing

Integrity checks to avoid unauthorized changes

Anti-replay functionality to avoid unauthorized access
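The anti-replay feature above rests on the receiver recovering the 48-bit SRTP packet index from the 16-bit RTP sequence number and keeping a replay list, as specified in RFC 3711 sections 3.3.1 and 3.3.2. The block below is an added example written for this page, not code from the lecture or any SRTP library: it implements the index estimation (rollover counter ROC and highest-seen sequence number s_l), a 64-packet replay window (the RFC minimum), and shows that a replayed packet is dropped even across a sequence-number wrap. It assumes the packet's authentication tag has already been verified; the sequence numbers fed in are constructed.

```python
SEQ_MOD = 1 << 16
REPLAY_WINDOW = 64   # RFC 3711 requires a replay list covering at least 64 packets

class SrtpReplayState:
    """Per-stream receiver state: rollover counter, highest SEQ and replay list."""
    def __init__(self):
        self.roc = 0          # ROC: rollover counter maintained by the receiver
        self.s_l = None       # s_l: highest authenticated sequence number seen
        self.highest = -1     # highest accepted 48-bit packet index
        self.seen = set()     # accepted indices still inside the replay window

    def estimate_index(self, seq: int) -> int:
        """RFC 3711 section 3.3.1: recover i = v * 2^16 + SEQ from a 16-bit SEQ."""
        if self.s_l is None:
            return seq                                  # first packet of the stream
        if self.s_l < 32768:
            v = self.roc - 1 if seq - self.s_l > 32768 else self.roc
        else:
            v = self.roc + 1 if self.s_l - 32768 > seq else self.roc
        return v * SEQ_MOD + seq

    def check(self, seq: int):
        """Replay check (section 3.3.2), run only after the auth tag verified.
        Returns (accept, index)."""
        index = self.estimate_index(seq)
        if index < 0 or index <= self.highest - REPLAY_WINDOW:
            return False, index                         # older than the window: drop
        if index in self.seen:
            return False, index                         # already received: replay
        # Accept: update the replay list, then the ROC / s_l bookkeeping.
        self.seen.add(index)
        if index > self.highest:
            self.highest = index
            self.seen = {i for i in self.seen if i > self.highest - REPLAY_WINDOW}
        v = index // SEQ_MOD
        if self.s_l is None or v == self.roc + 1:
            self.roc, self.s_l = v, seq                 # SEQ wrapped: advance ROC
        elif v == self.roc:
            self.s_l = max(self.s_l, seq)
        return True, index
```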

Skype

Skype uses only standard cryptographic primitives:

AES block cipher

RSA public-key cryptosystem

The ISO 9796-2 signature padding scheme

SHA-1 hash function

RC4 stream cipher.

Skype Security Policy

Skype usernames are unique.

Users or applications must present a Skype username and authentication credential (e.g., password) before exercising the username’s identity or privileges.

Each peer correctly provides the other with proof of username and privileges whenever a Skype session is established. Each verifies the other’s proof before the session is allowed to carry messages (e.g., voice, video, files, or text).

Messages transmitted through a Skype session are encrypted from Skype-end to Skype-end. No intermediary node has access to the meaning of messages.

Questions?