Analysis of SIP security

Ashwini Sanap (006312787)

Deepti Agashe (006331234)

Agenda

Introduction SIP Entities and messages Security Mechanism Security Attacks Conclusion

Introduction

Session Initiation Protocol (SIP)

Application Layer Signaling Protocol

Create, Terminate and Manage Session

Similar to HTTP (Request/Response)

SIP Identity (URI)

SIP Entities and Messages

Security Mechanisms

SIP Security

Application Layer Transport Layer Network Layer

HTTP Basic Authentication

Secure MIMEHTTP Digest Authentication

TLS IPSec

Digest Authentication

Challenge based AuthenticationEncryption

not provided

Confidentiality lost

Secure MIME

Multipurpose Internet Mail Extension End to End security Encrypts MIME body using public key of

receiver PK Exchanged thru Certificates Entity Authentication

Transport Layer Security (TLS)

TCP->TLS SIPS (Similar to HTTPS) SIPS ensures parameters passed

securely SRTP ensures media is also secured SIPS+SRTP = Protection

IPSec

Network Layer Security Hop by Hop Creates VPN between sites Provides Encryption (DES,IDEA), Authentication and

Integrity(MD5, SHA)

SIP Based network attacks

Registration Hijacking Authenticate originators of requests

SIP Based network attacks

Session Hijacking

SIP Based network attacks

Impersonating a Server

SIP Based network attacks :

Tearing Down Sessions

SIP Based network attacks :

Other attacks include :

Tampering with Message Bodies

Denial of Service and Amplification

Bots and DDOS Attacks

Conclusion

SIP is expected to be the future VoIP protocol of choice.

Use SIP-optimized firewalls, which both support use of standards-based security and provide the best possible protection where system-wide standards-based security is not possible.