An Overview of SIP Security - PowerPoint PPT Presentation

About This Presentation
Title:

An Overview of SIP Security

Slides: 14
Provided by: samircha

Transcript and Presenter's Notes

Title: An Overview of SIP Security


1
An Overview of SIP Security
  • Dr. Samir Chatterjee
  • Network Convergence Lab
  • Claremont Graduate University
  • sip:samir.chatterjee@cgu.edu

2
Agenda
  • SIP for Video conferencing
  • Security Problems
  • Authentication in SIP
  • End-to-End Security (S/MIME)
  • Hop-by-Hop Security (SIPS, TLS)
  • Traversing NATs/Firewalls

3
SIP (The IETF Standard)
  • Session Initiation Protocol is a signaling
    standard from the IETF for real-time multimedia
    session establishment.
  • Sessions can be voice, video or instant messaging
    and are described by SDP.
  • Basic components:
    • User Agent (UA): works on behalf of users to set
      up calls
    • Proxy Server (PS): keeps track of the location of
      end-points
    • Registrar: each UA registers to report its current
      location and preferred reachability information
  • SIP messages are ASCII text messages that are
    human readable.

4
SIP Operation
  [Diagram: a location service (LS) behind each proxy/registrar at
  cgu.edu and unc.edu; endpoints sip:alice@unc.edu and sip:samir@cgu.edu]

  REGISTER (Samir -> cgu.edu registrar):

    REGISTER sip:registrar.cgu.edu SIP/2.0
    Via: SIP/2.0/UDP samirspc.cgu.edu:5060;branch=z9hG4bKnashds7
    Max-Forwards: 70
    To: Samir <sip:samir@cgu.edu>
    From: Samir <sip:samir@cgu.edu>;tag=456248
    Call-ID: 843817637684230@998sdasdh09
    CSeq: 1826 REGISTER
    Contact: <sip:samir@192.0.2.4>
    Expires: 7200
    Content-Length: 0

  INVITE (Alice -> Samir):

    INVITE sip:Samir@cgu.edu SIP/2.0
    Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8
    Max-Forwards: 70
    To: Samir <sip:samir@cgu.edu>
    From: Alice <sip:alice@unc.edu>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314159 INVITE
    Contact: <sip:alice@pc33.unc.edu>
    Content-Type: application/sdp
    Content-Length: 142
5
Security on the Internet
  • The Internet is open
  • Anyone with Internet access may attack anyone
    else
  • Increasing complexity and programmability lead
    to lots of bugs that can be exploited
  • Packets can be dumped (or snooped) anywhere in
    the middle of the packet path
  • What are you trying to secure?
    • Authentication: make sure you are connected to the
      correct person
    • Privacy: no one else should hear/see the media
    • Integrity: no one should be able to change or
      manipulate packets that are legitimate
    • Availability: subject to Denial of Service
      attacks

6
SIP Security Mechanisms
  • End-to-end mechanisms
    • Basic authentication
    • Digest authentication (similar to HTTP digest)
    • Message body encryption using S/MIME
  • Hop-by-hop mechanisms
    • Transport Layer Security (TLS)
    • IP Security (IPsec)
    • The SIPS URI scheme

7
SIP Authentication
  [Diagram: message sequence between SIP client and SIP server]
  • Client -> Server: REQUEST
  • Server generates the nonce value
  • Server -> Client: CHALLENGE (nonce, realm)
  • Client computes response = F(nonce, username, password,
    realm), where F = MD5
  • Client -> Server: REQUEST (nonce, realm, username, response)
  • Server authenticates: computes F(nonce, username,
    password, realm) and compares it with the response
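The challenge/response round trip from the diagram in working form, as an added example that is not part of the presentation. The credentials are constructed, and F is spelled out as RFC 3261 (RFC 2617 digest without qop) defines it, which also folds in the method and Request-URI beyond the four inputs the slide lists; the server side rejects a response that does not match the nonce it issued.

```python
import hashlib
import re
import secrets

# Constructed credentials for this example; the slide names none.
USERNAME, REALM, PASSWORD = "samir", "cgu.edu", "correct-horse-battery"

def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()

def parse_digest_params(header: str) -> dict:
    """'Authorization: Digest realm="x", nonce="y", algorithm=MD5' -> {'realm': 'x', ...}"""
    params = header.split(": ", 1)[1].split(" ", 1)[1]          # drop name and "Digest"
    return {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|[^,\s]+)', params)}

def digest_response(username, realm, password, nonce, method, uri) -> str:
    """The slide's F(nonce, username, password, realm), as RFC 3261 (RFC 2617
    digest without qop) defines it: the method and Request-URI are mixed in too."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")

def server_challenge(realm: str):
    """Server side of the CHALLENGE: mint a fresh nonce and the 401 challenge header."""
    nonce = secrets.token_hex(16)               # unpredictable, remembered server-side
    return nonce, f'WWW-Authenticate: Digest realm="{realm}", nonce="{nonce}", algorithm=MD5'

def client_authorization(challenge: str, username, password, method, uri) -> str:
    """Client side: answer the challenge; the password itself never leaves the UA."""
    p = parse_digest_params(challenge)
    resp = digest_response(username, p["realm"], password, p["nonce"], method, uri)
    return (f'Authorization: Digest username="{username}", realm="{p["realm"]}", '
            f'nonce="{p["nonce"]}", uri="{uri}", response="{resp}", algorithm=MD5')

def server_verify(authorization: str, issued_nonce: str, method: str, password_db: dict) -> bool:
    """Server side: recompute F with the stored password and compare in constant time."""
    p = parse_digest_params(authorization)
    if p.get("nonce") != issued_nonce:          # stale or replayed challenge
        return False
    password = password_db.get(p.get("username"))
    if password is None or "uri" not in p:
        return False
    expected = digest_response(p["username"], p["realm"], password, p["nonce"], method, p["uri"])
    return secrets.compare_digest(expected, p.get("response", ""))

def run_exchange(password_used: str) -> bool:
    nonce, challenge = server_challenge(REALM)
    auth = client_authorization(challenge, USERNAME, password_used, "REGISTER", "sip:registrar.cgu.edu")
    return server_verify(auth, nonce, "REGISTER", {USERNAME: PASSWORD})
```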
8
SIP uses what is available today
  • Privacy
    • prevents unauthorized people from inspecting both
      signaling and media
    • can be solved using encryption
    • problems: encryption is computationally expensive,
      key exchange mechanisms are needed, and no PKI is in place
  • Protocol security is only a piece of the big
    picture: the security of a system can be compromised
    by naïve implementation or poor administration
  • Securing a single protocol does not help; all
    participating protocols have to be made secure

9
Hop-by-Hop Mechanisms
  • Requires belief in transitive trust
  • Immense computational stress on servers if public
    key cryptography is used
  • Can deal with firewalls/NATs
  • May cover the entire signaling path
  • Mechanisms: IPsec, TLS
  • The SIPS URI invokes hop-by-hop security

10
S/MIME
  • Secure Multipurpose Internet Mail Extensions is a
    security enhancement to the MIME Internet email
    format standard, based on technology from RSA
    Data Security.
  • RFC 822 defined the mail format: header and body.
    The header uses From, To, Subject, Date, followed by
    text (body).
  • MIME provides new header fields that give
    information about the body of the message:
    content formats and transfer encoding
  • Five header fields are defined in MIME: MIME-Version,
    Content-Type, Content-Transfer-Encoding,
    Content-ID, Content-Description

11
S/MIME Capability
  • Enveloped data: consists of encrypted
    content of any type and encrypted content-
    encryption keys for one or more recipients
  • Signed data: a digital signature is formed by
    taking the message digest of the content to be
    signed and then encrypting that with the private
    key of the signer. The content plus signature are
    then encoded with base64 encoding.
  • Clear-signed data: similar to the above, except that
    only the signed digest is encoded in base64.
    Content is sent in the clear.
  • Signed and enveloped data: signed-only and
    encrypted-only data may be nested.
  • Cryptographic algorithms: supports SHA-1, Digital
    Signature Standard (DSS), Diffie-Hellman key
    exchange, RSA encryption. Collectively it is a
    package, pkcs7-mime.

12
Using S/MIME in SIP
  • SIP messages carry MIME bodies, so one can
    encrypt them using S/MIME. However, certain SIP
    intermediaries need to view and process certain
    headers along the way.
  • S/MIME certificates
    • These certs are used to identify end-users rather
      than servers.
    • A certificate asserts that the holder is
      identified by an end-user address
      (bob@biloxi.com), the user's address of record.
    • These certificates can be stored within the UA on a
      virtual keyring.
  • S/MIME key exchange
    • Whenever the CMS SignedData message is used in
      S/MIME for SIP, it must contain the certificate
      bearing the public key necessary to verify the
      signature.
    • A UAC initiating S/MIME should structure the body
      as multipart/signed.

13
Traversing Firewalls/NATs
  • Voice and Video over IP use dynamic ports
    and addresses. Most firewalls use static
    port-based rules to admit/deny traffic.
  • FW solutions
    • Use FW ALGs
    • Use the Firewall Control Protocol (FCP) developed by
      Midcom
  • NATs conserve IP address space by allowing
    transparent private/public addressing and reuse
  • Problems: the session addresses indicated in
    signaling (SDP, address-of-record) do not match the
    NATed address.
  • Solutions: get rid of NAT (IPv6), run ALGs, or
    use STUN.