SIP Security
Roadmap
Basics
VoIP Security
24/10/2014
Proliferation of VoIP
Expectations on VoIP
Latency
Jitter
Packet loss
VoIP signaling
VoIP billing
Infrastructure Attacks
7 Application
Eavesdropping/Sniffing
Routers and internal switches can look at/export traffic they forward
Disruption
Transport
Network
Data Link
Or send messages that violate the Layer-2 protocol's rules, e.g., send messages
larger than the maximum allowed size, sever timing synchronization, ignore fairness rules
Physical
Spoofing
With physical access to a subnetwork, attacker can create their own msg.
SIP Overview
Multimedia conferences
Instant messaging
and so on
SIP Functionalities
Registration
Call routing
Call redirection
Use SDP (Session Description Protocol) to specify the media parameters (e.g.,
IP address, port number, codec)
SIP Components
Proxy server: relays the signaling messages (and potential voice streams) between
the caller and callee
Registrar server: accepts registrations from subscribers about their current locations,
and keeps track of subscribers' whereabouts at the location server
SIP Messages
2 Successful 200 OK
SIP Registration
Questions ?
Authenticity
No one other than the caller(s) and callee(s) should do the following
o Even know that Alice and Bob have talked over VoIP
Integrity
The call signaling and content have not been tampered with
Availability
Integrity
Call tampering
Registration spoofing
Eavesdropping
Obtain names, password and phone numbers (service and information theft)
VoIP fraud
Annoyance
Nuisance call
Assuming the attacker does not know the secret password shared
between the victim SIP phone and the registrar, can the attacker still spoof
registration? YES!
The SIP digest does NOT cover the IP address of the SIP phone
The registrar actually uses the source IP address of the packet
containing the REGISTER message
The attacker could simply replay the legitimate REGISTER message
from a different IP address
Attacker could terminate any established SIP call by sending fake BYE
message to the SIP phone(s) and/or SIP proxy
SIP proxy requires digest authentication, so it could detect fake
BYE and ignore it
Existing SIP phones however will honor any BYE message with
correct Call-ID
There are companies that offer caller ID spoofing service to the public:
http://www.calleridspoofing.info/
Certain VoIP calls are charged on a per minute basis: International call,
Service providers rely on accounting and billing for charging their
customers for the service they provided
Charges for the VoIP services they have chosen and used
NO Charges on the calls they have NOT made
NO Overcharge on the calls they have made
It will determine
o (a) how much money the service provider will make;
o (b) how much money the subscriber will pay
Inaccurate or corrupted bill will create disputes between the service
provider and its customers
The use of the public Internet for signaling and billing opens many doors for
attacks
Reference R. Zhang, et al., Billing Attacks on SIP-Based VoIP Systems, in Proceedings of the first USENIX workshop on Offensive Technologies
(WOOT '07).
Caller's SIP phone initiates a call by sending an INVITE message to its SIP
server, which tracks the INVITE message for billing and accounting
Attack: an attacker can replay some captured INVITE message and make calls
at others' expense
When both the caller side and callee side have MITM, the MITMs could control the
hijacked call duration while keeping the caller and callee unaware of the call
This could result in overcharge on calls the VoIP subscriber has actually made
The SIP server will think the call is still alive and keep counting the time, thereby
prolonging the duration of established calls
This could lead to overcharge on calls the VoIP subscriber has made
Such a delay or drop of the BYE message does not involve any modification of
the BYE message: SIP authentication would not help here
INVITE replay
FakeBusy
ByeDelay, ByeDrop
Questions ?
Roadmap
Basics
VoIP Security
SIP does NOT define its own security mechanism; it reuses existing
security mechanisms for HTTP, SMTP whenever possible
Two building blocks of SIP security mechanisms
Intermediate SIP proxies need to modify and insert SIP message fields:
o Add Via field
o Change request URI due to call-redirection
Anti-replay protection
Usually hard-coded in the UAC (SIP phone adaptor)
Uses challenge/response
A valid response contains a Checksum (by default MD5 RFC 2617, extended in
RFC 3310)
Response=F(nonce,
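The digest check from this slide and the REGISTER replay from the registration spoofing slides, as an added example that is not part of the original deck: a toy in-memory registrar verifies an RFC 2617 response (the form without qop) and, when single_use is set, consumes each nonce so a captured response is refused. Registrar, replay_outcome, the realm example.test, the password and the addresses are constructed for illustration.

```python
import hashlib
import secrets


def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(user, realm, password, method, uri, nonce):
    """RFC 2617 response without qop: MD5(HA1:nonce:HA2)."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


class Registrar:
    """Toy in-memory registrar (hypothetical) with optional single-use nonces."""

    def __init__(self, realm, passwords, single_use=True):
        self.realm, self.passwords, self.single_use = realm, passwords, single_use
        self.nonces = set()   # nonces issued and not yet consumed
        self.bindings = {}    # user -> source IP of the accepted packet

    def challenge(self):
        nonce = secrets.token_hex(16)
        self.nonces.add(nonce)
        return nonce

    def register(self, source_ip, user, uri, nonce, response):
        if user not in self.passwords or nonce not in self.nonces:
            return False      # unknown user, or nonce unknown/already consumed
        expected = digest_response(user, self.realm, self.passwords[user],
                                   "REGISTER", uri, nonce)
        if not secrets.compare_digest(expected, response):
            return False
        if self.single_use:
            self.nonces.discard(nonce)    # a captured response cannot be reused
        self.bindings[user] = source_ip   # source_ip was never part of the digest
        return True


def replay_outcome(single_use):
    """Constructed scenario: one valid response presented from two addresses."""
    reg = Registrar("example.test", {"alice": "s3cret"}, single_use=single_use)
    uri, nonce = "sip:example.test", reg.challenge()
    resp = digest_response("alice", "example.test", "s3cret", "REGISTER", uri, nonce)
    first = reg.register("192.0.2.10", "alice", uri, nonce, resp)
    second = reg.register("198.51.100.7", "alice", uri, nonce, resp)
    return first, second, reg.bindings["alice"]
```

With reusable nonces the binding ends up at the second address; with single-use nonces the second attempt is rejected and the binding stays at the first.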
Suited to securing SIP hosts in a SIP VPN scenario (SIP user agents/proxies) or
between administrative SIP domains
Works for all UDP, TCP and SCTP based SIP signaling
No default cipher suite for IPsec defined in SIP (RFC 3261 does not describe that)
One accepted protocol: Internet Key Exchange (IKE), which provides automated
cryptographic key exchange and management mechanisms and is used to negotiate
security associations (SA) (particularly used in the establishment of VPNs)
RFC 3261 mandates the use of TLS for all SIP compliant servers
PKI includes services and protocols for managing public keys, often through the use of
Certification Authority (CA) and Registration Authority (RA) components (e.g., key
registration, certificate revocation, key selection, trust evaluation)
For authenticating end users and to distribute authenticated identities with an AIB
Defines a generic SIP authentication token by adding an S/MIME body to a SIP message
TLS, HTTP Digest, IPsec with IKE, manually keyed IPSec without IKE, S/MIME
Enables intermediaries to use some of the SIP message header and body when end-to-end
security is applied: logging services for enterprises, firewall traversal, transcoding (tailoring
web pages for varying devices like PDAs, cell phones)
What is a firewall?
Packet filter (header = <IP address, port No., protocol type>, 5-tuple), application
layer firewall, stateful firewall (maintains connection records and investigates
application data: NOT for a static port)
RTP makes use of dynamic UDP ports (1024-65534): prevent UDP DoS attack
Reference J. Halpern, IP Telephony Security in Depth, White Paper, Cisco Systems, 2002
SIP-Aware Firewall
Reference E. Yardeni, H. Schulzrinne, and G. Ormazabal, Large Scale SIP-aware Application Layer Firewall, Technical Report.
Columbia Univ.
What is NAT?
Can hide internal network addresses and enable several endpoints within a LAN
to share the same global IP address
Reduces the protected points of access and simplifies network management
Full cone NAT, restricted cone NAT, port restricted cone, symmetric NAT
Widely used, the need will not be alleviated by IPv6
Tunnels between two endpoints that allow for data to be securely transmitted
between the nodes
IPsec ESP tunnel helps to traverse a public domain (the Internet) in a private manner,
although local VPN tunnel (within an intranet) is more secure and faster
Reduces the threat of MIMA, packet sniffers, various voice traffic analysis, but
Causes encryption/decryption latency (Secure Real Time Protocol, MIKEY via AES)
Better scheduling schemes: e.g., give QoS packets higher priority and prior to the
encryption phase
IPsec and NAT incompatibility (UDP encapsulation, RSIP, IPv6 tunnel broker)
The system designed for identifying and responding to intrusive events or incidents
Example Systems
SCIDIVE (Reported at DSN 2004 , by Wu et al.)
Sending fake BYE message to only one end-point will leave an orphan RTP stream from
the other end-point
No orphan RTP stream (Happen naturally if both sides hang up at about the same time)
Interactive protocol state machine based IDS (Reported at DSN 2006, By Sengar et al.)
o Could detect those attacks that do not follow the SIP state machine
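The orphan-stream check described above, as an added example (not SCIDIVE's code and not from the original deck): it flags a call when the party named as the BYE sender keeps sending RTP after a grace period. The event tuples, GRACE, MIN_PACKETS and the sample trace are assumptions; a real sensor would first correlate RTP flows to a Call-ID through the SDP addresses.

```python
from collections import defaultdict

GRACE = 0.5        # seconds allowed for packets already in flight (assumed)
MIN_PACKETS = 5    # late RTP packets needed before alerting (assumed)


def orphan_streams(events, grace=GRACE, min_packets=MIN_PACKETS):
    """Return {call_id: claimed_sender} for calls whose BYE sender kept sending RTP.

    events: iterable of (time, kind, call_id, sender); kind is "BYE" or "RTP",
    already correlated to a call by the sensor.
    """
    bye = {}                   # call_id -> (time, claimed sender) of the first BYE
    late = defaultdict(int)    # call_id -> RTP packets from that sender after grace
    for ts, kind, call_id, sender in sorted(events):
        if kind == "BYE":
            bye.setdefault(call_id, (ts, sender))
        elif kind == "RTP" and call_id in bye:
            bye_ts, claimed = bye[call_id]
            if sender == claimed and ts > bye_ts + grace:
                late[call_id] += 1
    return {cid: bye[cid][1] for cid, n in late.items() if n >= min_packets}


def rtp(call_id, sender, start, stop, step=0.02):
    """Constructed RTP events every 20 ms from start up to stop (exclusive)."""
    n = int(round((stop - start) / step))
    return [(round(start + i * step, 3), "RTP", call_id, sender) for i in range(n)]


# Constructed trace: call "a1" ends normally; call "b2" sees a BYE that names
# alice as sender while alice's RTP stream continues for four more seconds.
SAMPLE = (
    rtp("a1", "alice", 0.0, 10.0) + rtp("a1", "bob", 0.0, 10.0)
    + [(10.0, "BYE", "a1", "alice")]
    + rtp("a1", "bob", 10.0, 10.1)      # bob's last in-flight packets
    + rtp("b2", "alice", 0.0, 14.0) + rtp("b2", "bob", 0.0, 10.0)
    + [(10.0, "BYE", "b2", "alice")]
)
```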
Questions ?
Roadmap
Basics
VoIP Security
Open architecture
Real-time constraints
Multiple protocols
Key management issues
Emergency services
The end-points (SIP phones) of VoIP could be anywhere, and they can
freely change their location: location-independent
It's likely that we will interact with some end-point that has NO prior
established trust at all
The call setup time should not be too long: callers expect to hear a ring
tone or voice within seconds after dialing
All these put an upper bound on the total time that all the security
mechanisms in all the SIP proxies, RTP servers and SIP phones can
use
More generally, QoS-critical
Signaling
Voice stream
o RTP, SRTP
Security
A SIP server may need to serve tens (or even hundreds) of thousands of
subscribers
VoIP needs to allow unsolicited incoming calls from unknown and untrusted sources
SIP-aware firewall
Any exploits of SIP or RTP could compromise the security of the SIP-aware firewall
How to support such VoIP calls without compromising the firewall
filtering policy?
Solutions to call setup (excessive latency is not tolerated!): applies to
NAT too
Dynamically maps internal, private IP & port with external public IP &
port
SIP phones behind NAT will use their private IP for REGISTER, INVITE,
and 200 OK
SIP phones behind NAT will dynamically choose the port number for
receiving the incoming RTP stream and specify it in the SDP part of
INVITE or 200 OK messages
UPnP (Universal Plug and Play): queries the NAT device, does not work
with cascading NAT
Works with Full Cone, Restricted Cone, and Port Restricted Cone NAT
Does not support TCP (SIP RFC 3261 mandates TCP support)
Relies on a TURN server in the middle of the signaling and media path
Registration hijacking
Call hijacking
MITM attack
What if some spammer keeps ringing your phone all day long ?
Before accepting a call, the callee's SIP phone (or proxy) asks the caller
some questions that are easy for a human to answer but difficult for a machine
The proxies of those VoIP subscribers will send RTP streams to the
victims
Questions