P2P SIP Names & Security
Cullen Jennings fluffy@cisco.com
Security Trade Offs
• Certain other features, or convenience of operation, make users willing to accept reduced security
• Better than nothing principle
• Certain ideas that work in small groups of friends completely fail before they meet any size that would be considered “successful”
Threat Models
• No idea what to put here - will need work
• Run in my home?
• Run on the internet?
• Protect from neighbor? from me? wireless to front yard?
• Protect what?
• Used for playing games and no one cares if works?
• Used by emergency workers?
• Skype claims to have surprisingly strong security? Is it P2P?
• What are the devices?
• What is the information they exchange?
• Who might be able to intercept/tamper with it?
• How much would users or attackers care?
Security Concerns
• Who am I talking to
• When people want to talk to me, do they reach me
• Can other people listen to my call
• Can people discover who I call and when
• Do I know who is calling me
• Can I call someone without revealing who I am
• Denial of service
• Who can cancel my name
• Do I know I am talking to same person as previous call
• SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM
Names
• Some properties a namespace might have:
  • Names are unique
  • Can know who is authorized to use a name
  • Don’t require a central registry
  • Delegation of portions of namespace
  • Size of namespace
  • Free/Cheap in the monetary sense
• Pick any few :-)
Names, Routes & Translation
• What is a name:
  • An identifier that some object asserts that it goes by. The name is persistent over some time span.
  • Ex: email address, telephone number, “number” in DHT
• What is a routable address:
  • An address that is routable in the context of a particular network element.
  • Ex: IP address
• What is a translation:
  • Lookup from name to another name or routable address
  • Ex: DHT
Example Namespaces
• DNS
  • unique, central, delegated, cheap
  • authorization via web certs
• Email addresses
  • sub delegation of DNS
• IP Addresses
  • unique (mostly), admin delegate + DHCP
• E.164 Telephone numbers
  • unique, non central, delegated, not cheap
  • authorization hard
  • somewhat limited size
P2P Names & Translation
• Self assigned identifiers as names
  • Can “ask” if they are unique
  • Can’t “guarantee” that they are unique
• Translation
  • all examples here translate to IP
  • A few approaches
    • Translation with DHT
    • Translation with broadcast table
• Security Properties
  • Bad: identity, integrity, privacy, DoS, name stealing, Spam
  • Good: uh, ah, not much
• Other properties
  • Good: operations and management
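An added example, not part of the original slides: a toy in-memory DHT that translates self-assigned names to IP addresses and shows why a peer can "ask" whether a name is unique but cannot "guarantee" it. The peer IDs, the XOR-distance placement rule, the function names and the documentation-range addresses are all constructed assumptions.

```python
import hashlib

def h(s):
    # Hash a peer ID or a name into the same integer keyspace.
    return int.from_bytes(hashlib.sha256(s.encode()).digest(), "big")

class Peer:
    def __init__(self, peer_id):
        self.peer_id = peer_id
        self.table = {}          # name -> IP bindings this peer stores

def responsible(peers, name):
    # The visible peer whose ID is closest (XOR distance) to the name's hash.
    return min(peers, key=lambda p: h(p.peer_id) ^ h(name))

def claim(peers, name, ip):
    # "Ask" whether the name is taken, then store the binding if it looks free.
    table = responsible(peers, name).table
    if name in table:
        return False
    table[name] = ip
    return True

def lookup(peers, name):
    # Translation: name -> IP, answered by whichever peer is responsible.
    return responsible(peers, name).table.get(name)

def conflicts(peers):
    # Names bound to more than one address somewhere in the overlay.
    seen = {}
    for p in peers:
        for name, ip in p.table.items():
            seen.setdefault(name, set()).add(ip)
    return {n: ips for n, ips in seen.items() if len(ips) > 1}

def demo():
    peers = [Peer(f"peer-{i}") for i in range(8)]   # constructed peer IDs
    # One connected overlay: the second claim for "bob" is refused.
    whole = (claim(peers, "bob", "192.0.2.1"), claim(peers, "bob", "192.0.2.2"))
    # Overlay split in two: each half has its own responsible peer for "alice".
    side_a, side_b = peers[:4], peers[4:]
    split = (claim(side_a, "alice", "192.0.2.10"),
             claim(side_b, "alice", "198.51.100.7"))
    # Halves rejoin: two bindings exist, lookup silently returns one of them.
    return whole, split, conflicts(peers), lookup(peers, "alice")

if __name__ == "__main__":
    print(demo())
```

The uniqueness check only holds while every peer agrees on who is responsible for a name; once the halves rejoin, nothing in the overlay can say which binding for "alice" is the legitimate one.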
P2P as a DNS Replacement
(Hint: I suspect this is not a good idea)
• There are some use cases when DNS is not reachable
• Many of these cases can be solved with local discovery approaches
  • Ex: (multicast, zeroconf, rendezvous, SrvLoc)
The BAD news
• So far, no way to simultaneously achieve both:
  • no central name authority
  • stop names from being stolen by other users
• This will somewhat constrain the security properties of various solutions
The GOOD news: Got lemons, Make lemonade
• Anonymous Communications
  • Anonymous communications can be anonymous
  • SIP has not practically solved how to deploy media and signaling anonymization
• Distributed media relay
  • P2P style distributed media relays do not require names