SIP Security Mechanisms Through a secure Software Engineering approach Prajwalan Karanjit

Slides:



Advertisements
Similar presentations
Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Advertisements

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Internet Protocol Security (IP Sec)
Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation
Information-Centric Networks09c-1 Week 9 / Paper 3 VoCCN: Voice Over Content-Centric Networks –V. Jacobson, D. K. Smetters, N. H. Briggs, M. F. Plass,
SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
An Overview of SIP Security Dr. Samir Chatterjee Network Convergence Lab Claremont Graduate University
1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)
September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
© 2006 Solegy LLC Internal Use Only Getting Connected with SIP Encryption _______________________________ By Eric Hernaez Solegy LLC May 16, 2007.
1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat Supervisor: Dr. Rajan Shankaran.
8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.
SIP Security Matt Hsu.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
1 Wireless LAN Security Presented by Vikrant Karan.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
SIP Greg Nelson Duc Pham. SIP Introduction Application-layer (signaling) control protocol for initiating a session among users Application-layer (signaling)
SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Session Initiation Protocol (SIP). Features of SIP SIP is a lightweight, transport-independent, text-based protocol. SIP has the following features: SIP.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
UC Security with Microsoft Office Communication Server R1/R2 FRHACK Sept 8, 2009 Abhijeet Hatekar Vulnerability Research Engineer.
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
“Securing IP Multimedia Subsystem (IMS) infrastructures …,” M. Tsagkaropoulos UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless.
Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Chapter 37 Network Security. Aspects of Security data integrity – data received should be same as data sent data availability – data should be accessible.
VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
SIP Security BY, Vivek Nemarugommula. vulnerabilities Registration Hijacking.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Chapter 21 Distributed System Security Copyright © 2008.
Presented By Team Netgeeks SIP Session Initiation Protocol.
Security Issues in Control, Management and Routing Protocols M.Baltatu, A.Lioy, F.Maino, D.Mazzocchi Computer and Network Security Group Politecnico di.
Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
MWIF Confidential MWIF-Arch Security Task Force Task 5: Security for Signaling July 11, 2001 Baba, Shinichi Ready for MWIF Kansas.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Ingredients of Security
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
SIP Security Issues : The SIP Authentication Procedure and its Processing Load Speaker: Lin-Yi Wu Advisor : Prof. Yi-Bing Lin Date : 2003/04/09.
2/19/2016clicktechsolution.com Security. 2/19/2016clicktechsolution.com Threats Threats to the security of itself –Loss of confidentiality.
The Session Initiation Protocol - SIP
1 End-to-middle Security in SIP Kumiko Ono NTT Corporation March 1, 2004 draft-ietf-sipping-e2m-sec-reqs-01.txt draft-ono-sipping-end2middle-security-01.txt.
Analysis of SIP security Ashwini Sanap ( ) Deepti Agashe ( )
K. Salah1 Security Protocols in the Internet IPSec.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
Securing Access to Data Using IPsec Josh Jones Cosc352.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
Cryptography CSS 329 Lecture 13:SSL.
@Yuan Xue Case Study (Mid-term question) Bob sells BatLab Software License Alice buys BatLab Credit card information Number of.
End-to-middle Security in SIP
Cryptography and Network Security
Cryptography and Network Security
Cryptography and Network Security
Presentation transcript:

SIP Security Mechanisms Through a secure Software Engineering approach Prajwalan Karanjit

Agenda Introduction Security Issues during phases of SDLC – Requirements Engineering – System Design – Implementation – Testing Open Issues

Introduction SIP  Session Management Protocol, Signalling/Call Control Protocol Many Applications: – VoIP, Distributed Classroom, Virtual Meeting, Shared Whiteboard, Publish/Subscribe based applications etc... Vulnerable to several attacks – Attacks on confidentiality/secrecy (sniffing, traffic analysis) – Attacks on integrity (message tampering, hijack REGISTER) – Attacks on authenticity (spoofing) – Attacks on availability (message fabrication, replay, false proxy ) Countermeasures – TLS/SSL, S/MIME, Digest Authentication, IPSec, and many others...

Introduction But, is just considering countermeasures enough ? – No, Not at all – A systematic and disciplined approach of development – Security aspects need to considered in all phases of Software Development Life Cycle (SDLC) SQUARE (Security Quality Requirements Engineering) UMLSec – Safety critical systems require Spiral Model R. Anderson. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, – What about other models ? Waterfall, Agile Development Methods, eXtreme Programming  Software Engineering

Boehm Spiral Model Requirements Engineering System Design Implementation (Coding) System Testing and Customer Review

Requirements Engineering What could an end user expect ? – Call should be established with right callee – Media will remain confidential throughout the path – Third party should not be able to see who is calling whom – Caller is charged correctly – It is possible to make calls when caller wants Security goals – Maintain confidentiality (Encryption) – Integrity protection ( MAC ) – DoS protection ( Deal with replay,... ) – Entities involved are authenticated ( Both caller and callee )

Requirements Engineering Attacks and their impact  Risk ThreatImpact Sniffing the signal messagesLoss of privacy Sniffing the mediaLoss of privacy Message tampering (Impersonating, Hijack REGISTER ) DoS, Loss of Integrity, Incorrect Billing, Unauthorized Access ReplayDoS, Incorrect Billing Spam REGISTER and INVITEDoS Fabricated MessagesDoS, Incorrect Billing, Unauthorized Access Tearing down session (e.g. BYE attack, CANCEL attack) DoS, Incorrect Billing

Requirements Engineering Prioritize the Requirements RequirementPriority Level Connection to correct calleeHigh Proper billingHigh Connection availabilityHigh Signal ProctectionHigh Caller and callee identity protectionHigh / Medium ??? Call QualityMedium Media ProtectionMedium

System Design Several security mechanisms  Which one to go for ? Its important to analyze the tradeoffs associated with each countermeasure – Lets analyze now xyz.com abc.com Trudy

Digest Authentication Authenticating Client – No Encryption  No confidentiality – No guarantee of successful client authenticity  Use Identity Header(RFC 4474) Digest Authentication UA and Proxy Authentication * Source of Picture: Sawda, S., Urien, P.: SIP Security Attacks and Solutions: A state-of-the-art review. IEEE Network, (2006)

Identity Header First Step : Digest Authentication Second Step : From To Call ID Date Cseq Contact SHA - 1 RSA Signature Base 64 Identity Private Key of Proxy INVITE SIP 2.0 From:... To:... Call-ID :... Cseq:... Contact:... Date:... Identity: ”IUSY89KJ%)(HASD=” Identity-Info: ;alg=rsa- sha1 Content-Type:....

TLS/DTLS Provides confidentiality as well as integrity Integrated key management Hop by Hop  Intermediate proxies must be trusted If all the links do not use TLS/DTLS then security may be compromised – ”sips:” URI is used to indicate that TLS must be used. TLS  TCP, DTLS  UDP If signalling is also done over UDP  Only DTLS may be sufficient Using DTLS (without RTP) for media may result into high network overhead PKI Problem

S/MIME Encrypt the MIME body with public key of receiver Provides both confidentiality and integrity Entity authentication Public key of receiver  Obtained through X.509 certificate (signed by trusted CA ) Additional overhead due to PKI All the headers cannot be encrypted  Request URI, Via, Record-Route, To, From, Cseq, Call ID – OR, encrypt all the headers along with body and their hash over header and body + attach unencrypted header End to End

IPSec Network layer security, so protects both TCP and UDP Confidentiality, Integrity, Entity Authentication Integrated Key Management Transparent to application But it is also based on PKI  Deployment challenges – SAD, Administrative Rights, Support by all OS Hop by Hop It seems like application will have to depend on the platform Chang, C., Lu, Y.F., Pang, A.C., Kuo, T.W..: Design and Implementation of SIP Security. LNCS, vol. 3391, pp Springer, Heidelberg (2005)

Secure RTP Basically RTP based media protection Confidentiality  AES in key stream mode Integrity  HMAC-SHA-1 Replay based DoS  Sequence Numbers Low network overhead Key Management Issue – Have to depend on additional SIP signal + TLS or S/MIME – ZRTP  key agreement protocol which performs Diffie-Hellman key exchange for SRTP, No need of PKI, SAS (Short Authentication String) What if media is not RTP ?

So Which one to go with ? Digest + Identity ... S/MIME  PKI problem IPSec  Deployment issues + PKI problem TLS  Trusted Proxies and all intermediate proxis must support it SRTP  Key Distribution issues and supports only RTP DTLS  TLS problems + network overhead if RTP is not used. RequirementSolution Connection to correct calleeTLS/DTLS, S/MIME, IPSec Proper billingDigest, TLS/DTLS, S/MIME, IPSec Connection availability??? Signal ProctectionTLS/DTLS, S/MIME, IPSec Caller and callee identity protectionDigest, TLS/DTLS, S/MIME, IPSec Call Quality??? Media ProtectionDTLS, SRTP, IPSec

Implementation Configuration of different servers such as DNS, Proxies etc... Developing custom proxies, UAs – JAIN SIP + JAIN SDP from Sun Microsystems and NIST – SIP Servlet – SIP API for J2ME from Sun Microsystems and Nokia – As per recent documentation, none provides API support for above security mechanisms  Different API needed – Open SSL  Strictly C based with Unix libraries Java and.NET based API Visual C++ (Win 32 and MFC) – Write Responsible codes

SIP Security Testing Should at least focus on security requirements identified in Requirements Engineering phase Should be performed by sending malformed SIP requests, Sending a lot of authenticated and unauthenticated requests Check of TLS or S/MIME or DTLS or SRTP support Check if deprecated technologies are used RTP or media tampering Buffer overflow and SQL Injection  ???

SIP Security Testing Tools: – SIPp: A free Open Source test tool / traffic generator for the SIP protocol. – PROTOS SIP Fuzzer: - Tool that sends a set of malformed SIP messages. – SiVuS: A SIP Vulnerability Scanner that scans for SIP targets and attacks them – SIPNess: A basic tool to construct, send or receive SIP messages – SIPBomber: A sip-protocol [RFC3261] testing tool – SFTF: A SIP Forum test framework to evaluate and report the security and robustness of a SIP user agent

Open Issues Denial of Service Attacks – Against UA, Proxies – Flooding  Set threshold for each user in the proxy How to know that proxy is authorized for a particular domain – Attribute Certificate – Existing X.509 fields ?? Will the method described in this paper really result into a secure SIP based product ?

Summary SIP is highly vulnerable to several attacks Security Mechanims are there, but each of them have their own tradeoffs – Mainly implementation issues and practical problems Security should be considered through all the phases of SDLC – From Requirements Engineering to Testing