Columbia University
VoIP Security
November 5, 2008
Discussion Topics
Overviews
SIP
Authentication
Authentication mechanisms
TLS Overview
HTTP digest, S/MIME
Issues with SIP authentication mechanisms
SIP: Overview
SIP is an application layer protocol
Text-based
Based on a request-response model
End users negotiate stream details using SDP
All clients register with a registrar server for a domain
Main Functions
Invite users to sessions
Find the user's current location, match it with their capabilities and preferences in order to deliver the invitation
Carry opaque session descriptions
Modification of sessions
Termination of sessions
SIP: Authentication
How do we define authentication?
Identifying an object
Knowing that the identity of an object is same as what the object claims
REGISTER
INVITE
Re-INVITE
BYE
Mechanisms
HTTP digest authentication (RFC 3261)
Basic authentication (deprecated, will not be discussed)
Transport layer mechanism
Using S/MIME for authentication
Some possible attacks in the absence of SIP authentication
Replay Attacks
Simple
Registration Hijacking
Request Spoofing
INVITE
BYE
CANCEL
SIP Digest Authentication
Both ends use the same shared secret key.
The key is used to encrypt certain information, such as the user's password.
Originated from HTTP, and is often called HTTP digest.
RFC 3261 describes how digest authentication is applied to SIP.
Digest Authentication Mechanism
Server receives INVITE request
Server sends a PAR (407 Proxy Authentication Required) response containing a realm, algorithm and a nonce value (among other fields)
Realm is the associated domain
Client can vary the input to this hash rather than let the server choose it
Server must include it in response
Nonce-count: server maintains its own copy of this count
200 OK
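The following worked example is added here and is not code from the slides or from any SIP implementation. It computes the RFC 2617 / RFC 3261 digest (MD5 of username:realm:password, MD5 of method:uri, then MD5 over nonce, nonce-count, client nonce and qop), issues the server-side challenge, and shows the defensive value of the fields named on the slide: the server keeps its own copy of the nonce-count so a captured INVITE replayed with the same credentials is rejected, and an expired nonce is refused as stale. All usernames, passwords, URIs and timestamps are constructed for the example.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample values for the example (not taken from the slides).
PASSWORD = "constructed-example-password"
URI = "sip:bob@biloxi.com"


def _md5(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """Digest response as specified for qop=auth (RFC 2617, used by RFC 3261).

    HA1 covers the credential, HA2 covers the request; the final hash binds both to
    the server nonce, the client's nonce-count and the client-chosen cnonce.
    """
    ha1 = _md5(f"{username}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def client_credentials(challenge, username, password, method, uri, nc, cnonce=None):
    """Build the Authorization parameters a UA would send after a 407 challenge."""
    cnonce = cnonce or secrets.token_hex(8)  # client varies this input, not the server
    nc_str = f"{nc:08x}"
    return {
        "username": username, "realm": challenge["realm"], "nonce": challenge["nonce"],
        "uri": uri, "nc": nc_str, "cnonce": cnonce, "qop": challenge["qop"],
        "response": digest_response(username, challenge["realm"], password,
                                    method, uri, challenge["nonce"], nc_str, cnonce),
    }


class DigestServer:
    """Minimal proxy/registrar side: issues nonces and tracks the nonce-count per nonce."""

    def __init__(self, realm, users, nonce_lifetime=300):
        self.realm = realm
        self.users = users            # username -> password (a real server stores HA1 instead)
        self.nonces = {}              # nonce -> [issued_at, highest nonce-count accepted]
        self.nonce_lifetime = nonce_lifetime

    def challenge(self, now=None):
        """Parameters for the 407 response: realm, nonce, qop and algorithm."""
        nonce = secrets.token_hex(16)
        self.nonces[nonce] = [time.time() if now is None else now, 0]
        return {"realm": self.realm, "nonce": nonce, "qop": "auth", "algorithm": "MD5"}

    def verify(self, method, creds, now=None):
        """Return (accepted, reason). Replays and stale nonces are rejected before the hash check."""
        now = time.time() if now is None else now
        if creds.get("realm") != self.realm:
            return False, "wrong realm"
        entry = self.nonces.get(creds.get("nonce"))
        if entry is None:
            return False, "unknown nonce"
        issued, highest_nc = entry
        if now - issued > self.nonce_lifetime:
            del self.nonces[creds["nonce"]]
            return False, "stale nonce"
        nc = int(creds["nc"], 16)
        if nc <= highest_nc:                      # server's own copy of the count
            return False, "replayed nonce-count"
        password = self.users.get(creds.get("username"))
        if password is None:
            return False, "unknown user"
        expected = digest_response(creds["username"], self.realm, password, method,
                                   creds["uri"], creds["nonce"], creds["nc"], creds["cnonce"])
        if not hmac.compare_digest(expected, creds["response"]):
            return False, "bad response"
        entry[1] = nc                              # advance only after a successful check
        return True, "ok"


def run_exchange():
    """INVITE without credentials -> 407; INVITE with credentials -> 200 OK; replay -> rejected."""
    server = DigestServer("atlanta.com", {"alice": PASSWORD})
    challenge = server.challenge(now=1000.0)       # reply to the uncredentialed INVITE
    creds = client_credentials(challenge, "alice", PASSWORD, "INVITE", URI, nc=1, cnonce="0a4f113b")
    first = server.verify("INVITE", creds, now=1001.0)
    replay = server.verify("INVITE", creds, now=1002.0)            # same message sent again
    creds2 = client_credentials(challenge, "alice", PASSWORD, "INVITE", URI, nc=2)
    second = server.verify("INVITE", creds2, now=1003.0)           # fresh nonce-count
    late = client_credentials(challenge, "alice", PASSWORD, "BYE", URI, nc=3)
    stale = server.verify("BYE", late, now=1000.0 + 600)           # nonce lifetime exceeded
    return first, replay, second, stale


if __name__ == "__main__":
    for label, outcome in zip(("first", "replay", "second", "stale"), run_exchange()):
        print(label, outcome)
```

The nonce-count check is what turns the digest from a pure password proof into replay protection: a recorded INVITE or BYE carries a valid response, but its count is never higher than the one the server already accepted. Rejecting expired nonces bounds how long a captured message stays usable even if the count were not tracked.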
SIP INVITE with DIGEST Authentication
[Call-flow figure: UA, Proxy Server, UA; messages shown include INVITE <user1@domain1> (without credentials), 100 Trying, ACK]
[Figure: public keys; negotiation of shared private session key established]
Secure SIP using sips
SIPS is a low-cost means of encryption.
It specifies TLS (Transport Layer Security) over TCP.
Not subject to tear-down attacks.
Same technology used for SSL. A SIPS call will fail rather than complete insecurely.
Example: <sips:alice@atlanta.com>
Using S/MIME for authentication
RFC 3261
Replication of all header fields inside a MIME part.
Problems with this proposal
SIP header fields might get altered by intermediate SIP entities.
Using S/MIME
Problems with RFC 3261 S/MIME proposal (contd.)
Makes it difficult for recipients to distinguish legitimate from malicious changes.
SIP messages can be large in size, which causes overhead for processing and transporting messages.
S/MIME
Public keys difficult to distribute and maintain
Summary
Overview of SIP and Authentication
HTTP digest authentication
Overview of TLS
Secure SIP using sips
Using S/MIME for authentication
Issues with SIP authentication mechanisms
Information Sources
RFC 3261 (2002)
Conference, 2001
(www.jdrosen.net/papers/devconfw2001_proxies.ppt)
Stephen Kingham, SIP workshop, Tokyo, 2005
(www.apan.net/meetings/tokyo2006/presentation/sip-DNS-Authentication-Peering-SRK1.ppt)
Qi Qiu, Study of Digest Authentication for SIP
(www.site.uottawa.ca/~bob/gradstudents/DigestAuthenticationReport.pdf)