
SIP Security PDF

343 Pages·2009·15.274 MB·English

Preview SIP Security

SIP SECURITY
Dorgham Sisalem, John Floroiu, Jiri Kuthan, Ulrich Abend and Henning Schulzrinne
© 2009 John Wiley & Sons, Ltd. ISBN: 978-0-470-51636-2
A John Wiley and Sons, Ltd., Publication

This edition first published 2009
© 2009, John Wiley & Sons Ltd.

Registered office: John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom

For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the author to be identified as the author of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book. This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold on the understanding that the publisher is not engaged in rendering professional services. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data:
SIP security / Dorgham Sisalem ... [et al.].
p. cm.
Includes bibliographical references and index.
ISBN 978-0-470-51636-2 (cloth)
1. Computer networks – Security measures. 2. Session Initiation Protocol (Computer network protocol) I. Sisalem, Dorgham.
TK5105.59.S564 2009
005.8–dc22
2008053852

A catalogue record for this book is available from the British Library.
ISBN 978-0-470-51636-2 (H/B)
Typeset in 10/12pt Times by Laserwords Private Limited, Chennai, India.
Printed and bound in Great Britain by Antony Rowe, Chippenham, UK.

Contents

Foreword xi
About the Authors xiii
Acknowledgment xv

1 Introduction 1

2 Introduction to Cryptographic Mechanisms 5
  2.1 Cryptographic Algorithms 6
    2.1.1 Symmetric Key Cryptography 6
    2.1.2 Public Key Cryptography 11
    2.1.3 Key-less Cryptographic Functions 20
  2.2 Secure Channel Establishment 21
    2.2.1 IP Layer Security 22
    2.2.2 Application Layer Security 28
  2.3 Authentication in 3GPP Networks 32
    2.3.1 AKA Authentication Vectors 35
    2.3.2 AKA Mutual Authentication 37
    2.3.3 AKA Resynchronization 37
  2.4 Security Mechanisms Threats and Vulnerabilities 38

3 Introduction to SIP 43
  3.1 What is SIP, Why Should we Bother About it and What are Competing Technologies? 44
  3.2 SIP: the Common Scenarios 46
  3.3 Introduction to SIP Operation: the SIP Trapezoid 49
  3.4 SIP Components 51
    3.4.1 User Agent 51
    3.4.2 Registrar 53
    3.4.3 Redirect Server 55
    3.4.4 Proxy 55
    3.4.5 Real-world Servers 58
  3.5 Addressing in SIP 60
  3.6 SIP Message Elements 62
    3.6.1 Who are you Calling? 63
    3.6.2 Who is Calling You? 63
    3.6.3 How to Route SIP Traffic 66
    3.6.4 Even More Header-fields 67
    3.6.5 SIP Message Body 67
    3.6.6 SIP Methods 68
  3.7 SIP Dialogs and Transactions 68
  3.8 SIP Request Routing 73
    3.8.1 User Location Routing 74
    3.8.2 User-provisioned Routing 74
    3.8.3 ENUM: Public Phone Number Directory 75
    3.8.4 Interdomain Routing: DNS 75
    3.8.5 Routing Tables 76
  3.9 Authentication, Authorization, Accounting 76
    3.9.1 User Authentication in SIP 77
    3.9.2 Authorization Policies 83
    3.9.3 Accounting 86
  3.10 SIP and Middleboxes 86
  3.11 Other Parts of the SIP Eco-system 89
  3.12 SIP Protocol Design and Lessons Learned 89

4 Introduction to IMS 93
  4.1 SIP in IMS 93
    4.1.1 Quality of Service Control 94
    4.1.2 Support for Roaming 94
    4.1.3 Security 95
    4.1.4 Efficient Resource Usage 95
  4.2 General Architecture 98
    4.2.1 Subscriber and User Equipment 99
    4.2.2 Signaling Components 102
    4.2.3 Interworking Components 106
    4.2.4 QoS-related Components 109
    4.2.5 Application and Service Provisioning-related Components 111
    4.2.6 Database-related Components 111
  4.3 Session Control and Establishment in IMS 112
    4.3.1 UE Registration in IMS 112
    4.3.2 Session Establishment in IMS 114

5 Secure Access and Interworking in IMS 123
  5.1 Access Security in IMS 123
    5.1.1 IMS AKA Access Security 123
    5.1.2 Access-bundled Authentication 133
    5.1.3 HTTP Digest-based Access Security 136
    5.1.4 Authentication Mechanism Selection 140
  5.2 Network Security in IMS 141

6 User Identity in SIP 145
  6.1 Identity Theft 145
  6.2 Identity Authentication using S/MIME 147
    6.2.1 Providing Encryption with S/MIME 148
    6.2.2 Providing Integrity and Authentication with S/MIME 150
  6.3 Identity Authentication in Trusted Environments 150
  6.4 Strong Authenticated Identity 153
  6.5 Identity Theft Despite Strong Identity 158
  6.6 User Privacy and Anonymity 161
    6.6.1 User-provided Privacy 162
    6.6.2 Network-provided Privacy 163
  6.7 Subscription Theft 165
  6.8 Fraud and SIP 168
    6.8.1 Theft of SIP Services 169

7 Media Security 173
  7.1 The Real-time Transport Protocol 174
  7.2 Secure RTP 175
    7.2.1 The SRTP Cryptographic Context 177
    7.2.2 The SRTP Payload Structure 179
    7.2.3 Sequence Numbering 181
    7.2.4 The Key Derivation Procedure 181
    7.2.5 The SRTP Interaction with Forward Error Correction 183
  7.3 Key Exchange 184
    7.3.1 SDP Security Descriptions for Media Streams 187
    7.3.2 Multimedia Internet Keying 191
    7.3.3 ZRTP 202
    7.3.4 DTLS-SRTP 214
    7.3.5 The Capability Negotiation Framework 219
    7.3.6 Summary 221

8 Denial-of-service Attacks on VoIP and IMS Services 225
  8.1 Introduction 225
  8.2 General Classification of Denial-of-service Attacks 229
  8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP Services 230
  8.4 Bandwidth Depletion Attacks 233
  8.5 Memory Depletion Attacks 234
    8.5.1 General Memory Depletion Attacks 234
    8.5.2 Memory Depletion Attacks on SIP Services 235
  8.6 CPU Depletion Attacks 243
    8.6.1 Message parsing 244
    8.6.2 Security checks 245
    8.6.3 Application execution 245
  8.7 Misuse Attacks 246
    8.7.1 TCP/IP Protocol Deviation Attacks 246
    8.7.2 Buffer Overflow Attacks 247
    8.7.3 SIP Protocol Misuse Attacks 247
  8.8 Distributed Denial-of-service Attacks 250
    8.8.1 DDoS Attacks with Botnets 251
    8.8.2 IP-based Amplification Attacks 253
    8.8.3 DNS-based Amplification Attacks 254
    8.8.4 Loop-based Amplification Attacks on SIP Services 255
    8.8.5 Forking-based Amplification Attacks on SIP Services 257
    8.8.6 Reflection-based Amplification Attacks on SIP Services 257
  8.9 Unintentional Attacks 258
    8.9.1 Flash Crowds 258
    8.9.2 Implementation and Configuration Mistakes 259
  8.10 Address Resolution-related Attacks 259
    8.10.1 DNS Servers Security Threats 261
    8.10.2 Effects of DNS Attacks 262
    8.10.3 Countermeasures and General Protection Mechanisms for DNS Services 262
    8.10.4 DNS-related Attacks on SIP Services 263
    8.10.5 Protecting SIP Proxies from DNS-based Attacks 265
  8.11 Attacking the VoIP Subscriber Database 265
    8.11.1 Web-based Attacks on the Subscriber Database 266
    8.11.2 SIP-based Attacks on the Subscriber Database 269
  8.12 Denial-of-service Attacks in IMS Networks 270
    8.12.1 Bandwidth Depletion Attacks 271
    8.12.2 Memory Depletion Attacks 271
    8.12.3 CPU Depletion Attacks 273
    8.12.4 Protocol Misuse Attacks 274
    8.12.5 Web-based Attacks 274
  8.13 DoS Detection and Protection Mechanisms 274
  8.14 Detection of DoS Attacks 274
    8.14.1 Signature-based DoS Detection 275
    8.14.2 Anomaly-based DDoS Detection 275
  8.15 Reacting to DoS Attacks 278
    8.15.1 Dynamic Filtering 278
    8.15.2 Rate Limiting 278
    8.15.3 IP Traceback 279
  8.16 Preventing DoS Attacks 280
    8.16.1 Access Control 280
    8.16.2 Memory Protection 283
    8.16.3 Architectural Consideration 285
  8.17 DDoS Signature Specification 289
    8.17.1 Fuzzing 289
    8.17.2 Honeypots 290

9 SPAM over IP Telephony 291
  9.1 Introduction 291
  9.2 Spam Over SIP: Types and Applicability 292
    9.2.1 General Types of Spam 293
  9.3 Why is SIP Good for Spam? 294
  9.4 Legal Side of Unsolicited Communication 296
    9.4.1 Protection of Personal Privacy 296
    9.4.2 Protection of Property 297
    9.4.3 Legal Aspects of Prohibition of Unsolicited Communication by Service Providers 298
    9.4.4 Effectiveness of Legal Action 299
  9.5 Fighting Unsolicited Communication 299
    9.5.1 Antispam Measures Based on Identity 300
    9.5.2 Content Analysis 306
    9.5.3 Collaborative Filtering 307
    9.5.4 Interactive Antispam Solutions 307
    9.5.5 Preventive Antispam Methods 312
  9.6 General Antispam Framework 314

Bibliography 317
Index 331

Foreword

In recent years I've been working on developing secure VoIP protocols to protect against wiretapping. But I'm not really a VoIP guy. I'm a crypto guy trying to learn about VoIP. And one of the first things I learned about VoIP is the lack of security. Not just security against wiretappers. VoIP can be attacked in so many ways. A call center can be targeted in a distributed denial of service attack. You can get a hundred telemarketing calls a day at home, with the calls originating where labor is cheap, out of reach of domestic laws prohibiting unwanted telemarketing calls. Or criminals can penetrate your PBX and make countless PSTN calls from your phone number, at your expense. And, of course, you can be wiretapped from criminals on the other side of the world. It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed, VoIP is going nowhere.

Yet VoIP is regarded by many as the manifest destiny of telephony, and for good reason. It's so much cheaper, it allows so many extra features, like video teleconferencing, and can be intelligently managed by computers under your own direct control. It puts the control back in the end user's hands, reducing the monopolistic power of the phone company. It just feels so right. It's obviously where telephony will go.

How do we reconcile these two opposing trends? Well, clearly the answer is we have to fix VoIP security. We just have to. That means a lot of engineers who work on VoIP are going to have to get up to speed on security, and start thinking like security professionals. If you want to develop VoIP applications, you need to read books like the one you're holding. This one covers a lot of the problems and solutions.

I looked at the crypto topics first. They do a good job showing the complexity in building and maintaining a PKI. They cover a number of crypto protocols in great detail, including my own ZRTP protocol. Some of these protocols are used outside of VoIP, so this book is useful for those who want to see how crypto can be used in other applications. It's a nice crypto tutorial in its own right. Just as a sourcebook on a number of influential crypto protocols, it's useful to have on your bookshelf. And it covers how these can be applied to VoIP.

The authors have implemented the well-regarded SIP Express Router, and have run iptel.org, giving them a broad hands-on perspective on implementing SIP applications.

After treading the familiar ground of the crypto related topics, I started looking at the rest of the book. The real strength of this book lies in the vast panorama of attacks on VoIP systems, each described in meticulous detail. With their hands-on experience running a VoIP service, these guys have seen it all. I've never seen such an encyclopedic survey of real-world attacks on VoIP systems, exactly how and why the attacks work, and the known countermeasures to those attacks. I noticed that some attacks seemed to have no countermeasures, but at least you will know how they work in detail.

In any arms race, the warring parties develop an evolving body of knowledge over time, like the knowledge embedded in the genomes of cheetahs and gazelles that led to them both learning to run so fast. If you attempt to enter the field without the benefit of that hard-earned knowledge, you will become the lunch entree. This book will let you preload your arms race genome to merge into the ongoing melee in midstream, and maybe not become lunch. Sadly, so many of your colleagues in the VoIP industry will become digestible protein to the attackers, but you may be saved from that fate by your good fortune in reading this book.

Philip Zimmermann
Creator of PGP and Zfone
Fellow, Stanford Law School Center for Internet and Society
