Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. An Overview of SIP Security Dr. Samir Chatterjee Network Convergence Lab Claremont Graduate University sip:samir.chatterjee@cgu.edu
  2. 2. Agenda <ul><li>SIP for Video conferencing </li></ul><ul><li>Security Problems </li></ul><ul><li>Authentication in SIP </li></ul><ul><li>End-to-End Security (S/MIME) </li></ul><ul><li>Hop-by-Hop Security (SIPS, TLS) </li></ul><ul><li>Traversing NATs/Firewalls </li></ul>
  3. 3. SIP (The IETF Standard) <ul><li>Session Initiation Protocol is a signaling standard from IETF for real-time multimedia session establishment. </li></ul><ul><li>Sessions can be voice, video or instant messaging and is described by SDP. </li></ul><ul><li>Basic components: </li></ul><ul><ul><li>User Agent (UA): works on behalf of users to set up calls </li></ul></ul><ul><ul><li>Proxy Servers (PS): keeps track of location of end-points </li></ul></ul><ul><ul><li>Registrar: Each UA registers to inform current location and preferred reachability information </li></ul></ul><ul><li>SIP messages are ASCII text messages that are human readable. </li></ul>
  4. 4. SIP Operation Sip:samir@cgu.edu Cgu.edu Proxy/registrar Unc.edu Proxy/registrar Sip:alice@unc.edu LS LS REGISTER sip:registrar.cgu.edu SIP/2.0 Via: SIP/2.0/UDP samirspc.cgu.edu:5060;branch=z9hG4bKnashds7 Max-Forwards: 70 To: Samir <sip:samir@cgu.edu> From: Samir <sip:samir@cgu.edu>;tag=456248 Call-ID: 843817637684230@998sdasdh09 CSeq: 1826 REGISTER Contact: <sip:samir@> Expires: 7200 Content-Length: 0 INVITE sip:Samir@cgu.edu SIP/2.0 Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 Max-Forwards: 70 To: Samir <sip:samir@cgu.edu> From: Alice <sip:alice@unc.edu>;tag=1928301774 Call-ID: a84b4c76e66710 CSeq: 314159 INVITE Contact: <sip:alice@pc33.unc.edu> Content-Type: application/sdp Content-Length: 142
  5. 5. Security on the Internet <ul><li>Internet is open </li></ul><ul><ul><li>Anyone with Internet access may attack anyone else </li></ul></ul><ul><ul><li>Increasing complexity and programmability leads to lots of bugs that can be exploited </li></ul></ul><ul><ul><li>Packets can be dumped (or snooped) anywhere in the middle of the packet path </li></ul></ul><ul><li>What are you trying to secure? </li></ul><ul><ul><li>Authenticate – make sure you are connected to the correct person </li></ul></ul><ul><ul><li>Privacy – no one else should hear/see media </li></ul></ul><ul><ul><li>Integrity – No one should be able to change or manipulate packets that are legitimate </li></ul></ul><ul><ul><li>Availability – subject to Denial of Service attacks </li></ul></ul>
  6. 6. SIP Security Mechanisms <ul><li>End-to-end mechanisms </li></ul><ul><ul><li>Basic authentication </li></ul></ul><ul><ul><li>Digest authentication (similar to HTTP digest) </li></ul></ul><ul><ul><li>Message body encryption using S/MIME </li></ul></ul><ul><li>Hop-by-hop mechanisms </li></ul><ul><ul><li>Transport Layer Security (TLS) </li></ul></ul><ul><ul><li>IP Security (IPSec) </li></ul></ul><ul><ul><li>The SIPS URI schema </li></ul></ul>
  7. 7. SIP Authentication SIP Client SIP Server REQUEST CHALLENGE Generate the Nonce value Nonce, realm Compute response = F(nonce, Username, password, realm) REQUEST Nonce, realm, Username, response Authenticate: compute F(nonce, username, password, realm) And compare with response F= MD5
  8. 8. SIP uses what is available today <ul><li>Privacy </li></ul><ul><ul><li>prevents unauthorized people from inspecting both signaling and media </li></ul></ul><ul><ul><li>Can be solved using encryption </li></ul></ul><ul><ul><li>Problems: encryption computationally expensive, need key exchange mechanisms, no PKI in place </li></ul></ul><ul><li>Protocol security is only a piece of the big picture; security of a system can be compromised by naïve implementation or poor administration </li></ul><ul><li>Security of a single protocol does not help; all participating protocols have to be made secured </li></ul>
  9. 9. Hop-by-Hop Mechanisms <ul><li>Requires belief in transitive trust </li></ul><ul><li>Immense computational stress on servers if public key is used </li></ul><ul><li>Can deal with firewalls/NATs </li></ul><ul><li>May cover entire signaling </li></ul><ul><li>Mechanisms: Ipsec, TLS </li></ul><ul><li>SIPS URI invokes hop-by-hop security </li></ul>
  10. 10. S/MIME <ul><li>Secure Multipurpose Internet Mail Extension is a security enhancement to the MIME Internet email format standard, based on technology from RSA Data security. </li></ul><ul><li>RFC 822 defined mail formats: header and body. Header uses From, To, Subject, Date followed by text (body). </li></ul><ul><li>MIME provides new header field that provide information about the body of the message: content formats and transfer encoding </li></ul><ul><li>Five header field are defined in MIME: MIME version, Content-type, Content-Transfer-Encoding, Content-ID, Content Description </li></ul>
  11. 11. S/MIME Capability <ul><li>Enveloped data : This consists of encrypted content of any type and encrypted-content encryption keys for one or more recipients </li></ul><ul><li>Signed data : A digital signature is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer. The content plus signature are then encoded with base64 encoding. </li></ul><ul><li>Clear signed data : similar to above except that only the signed digest is encoded in base64. Content is sent in the clear. </li></ul><ul><li>Signed and enveloped data : signed-only and encrypted-only data may be nested. </li></ul><ul><li>Cryptographic algorithms : supports SHA-1, Digital Signature Standard (DSS), Diffie-Hellman key exchange, RSA encryption. Collectively it is a package pkcs7-mime. </li></ul>
  12. 12. Using S/MIME in SIP <ul><li>SIP messages carry MIME bodies. So one can encrypt them using S/MIME. However certain SIP intermediaries need to view and process certain headers in between. </li></ul><ul><li>S/MIME certificates </li></ul><ul><ul><li>These certs are used to identify end-users rather than servers. </li></ul></ul><ul><ul><li>Certificates asserts that the holder is identified by an end-user address ( [email_address] ) user’s address of record. </li></ul></ul><ul><ul><li>These certificates can be stored within UA on a virtual keyring. </li></ul></ul><ul><li>S/MIME key exchange </li></ul><ul><ul><li>Whenever the CMS SignedData message is used in S/MIME for SIP, it must contain the certificate bearing the public key necessary to verify the signature. </li></ul></ul><ul><ul><li>UAC initiating S/MIME should structure the body as ‘multipart/signed’. </li></ul></ul>
  13. 13. Traversing Firewalls/NATs <ul><li>Voice and Video over IP provides dynamic ports and addresses. Most firewalls use a static port-based rules to admit/deny traffic. </li></ul><ul><li>FW solutions </li></ul><ul><ul><li>Use FW ALGs </li></ul></ul><ul><ul><li>Use Firewall Control Protocol (FCP) developed by Midcom </li></ul></ul><ul><li>NATs – conserve IP address space by allowing transparent private/public addressing and reuse </li></ul><ul><ul><li>Problems:session-address indicated in signaling(SDP, addres-of-record) do not match NATed address. </li></ul></ul><ul><ul><li>Solutions – get rid of NAT (IPV6), run ALGs, or use STUN. </li></ul></ul>