1 / 43

VoIP Information Security Issues in Voice Over Internet Protocol

VoIP Information Security Issues in Voice Over Internet Protocol. Satya Bhan, Jonathan Clark, Joshua Cuneo, Jorge Mejia. Road Map of Presentation. Introduction and basics Security threats in VoIP Encryption algorithms for VoIP Research and development of VoIP Conclusions. What is VOIP?.

raine
Download Presentation

VoIP Information Security Issues in Voice Over Internet Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. VoIP Information Security Issues in Voice Over Internet Protocol Satya Bhan, Jonathan Clark, Joshua Cuneo, Jorge Mejia

  2. Road Map of Presentation • Introduction and basics • Security threats in VoIP • Encryption algorithms for VoIP • Research and development of VoIP • Conclusions

  3. What is VOIP? • Voice Over Internet Protocol • ARPANET - 1973 • Dramatic rise in popularity • Mobile • Cheap • Accessible • Full of security holes

  4. How VOIP Works • Resolution of IP Address • Analog-digital conversion • Parsed into RTP packets • Sent via UDP protocol • Extraction of data • Analog-digital conversion (8)

  5. How VOIP Works • H.323 Protocol • Umbrella standard • Terminals, gateways, gatekeepers, and multipoint control units (MCUs) (8)

  6. How VOIP Works • SIP Protocol • Location stored in a location server • Proxy server resolves location • Session Description Protocol (SDP) for logistics (8)

  7. Road Map of Presentation • Introduction and basics • Security threats in VoIP • Encryption algorithms for VoIP • Research and development of VoIP • Conclusions

  8. VoIP Security Myth “Security administrators assume that because digitized voice travels in packets, they can simply plug VoIP components into their already secured networks and get a stable and secure voice network” - Walsh, T.J.; Kuhn, D.R

  9. Why are existing protections unusable? • Most firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) rely on deep packet inspection • Encryption adds overheads • Max tolerable packet delay is set to 150 ms

  10. Denial of Service (DOS) • Most harmful attack – effects customers, Quality of Service (QoS), profits etc. “Latency turns traditional security measures into double-edged swords for VoIP” Walsh, T.J.; Kuhn, D.R

  11. Denial of Service – Packet Loss • User Datagram Protocol (UDP) • Fast, Lightweight • Transmission/Order not guaranteed • Small payloads – 10 to 50 bytes • 1% loss – unintelligible • 5% loss - catastrophic, no matter how good the codec

  12. Eavesdropping • Public Switch Telephone Networks (PSTN) • Physical access harder & more detectable • Proprietary protocols • VoIP • Standardized protocols • Readily available tools to monitor network • Ethereal analyzer • Voice over misconfigured Internet telephones (VOMIT)

  13. Eavesdropping • User software available freely for download • Using Cache-poisoning distribute hacked upgrades • Man-in-the-middle attacks • Rogue server with modified configuration files containing the IP addresses of call managers • Victims’ calls are then routed through the attacker’s call manager

  14. Spoofing • Identity management complicated • No physical device • Universal Reference Identification (URI) • Spoofing available on multiple layers (ip, mac) • Spoof caller’s identification • Attacker calls regular phone line • Flash over using 3 way calling, dial next party • First callee’s id or unknown displayed

  15. Theft of Service • Edwin Pena and Robert Moore VoIP fraud • Routed more than ten million calls through unsuspecting companies • Orchestrated a "brute force" attack to identify the prefixes needed to gain access to VoIP networks • Sold VoIP services cheap

  16. Theft of Service • Attackers gain access to VoIP networks • Security vulnerabilities in user’s software • Sniffing user accounts and passwords • Profitable attacks • Toll frauds, identity thefts etc.

  17. Spam over Internet Telephony (SPIT) “where there's a channel, there's a pitchman” Pierce Reid, Qovia VP marketing • Mass advertisements over PSTN complex & costly

  18. Spam over Internet Telephony (SPIT) • VoIP merges IT & PSTN • Easily accessible & cheap • unwanted voice messages will clog voice mail • Spam tools such as blacklists etc useless against SPIT • Session hijacking • Video conferences can be hijacked and advertisements shown instead • Similarly voice conversations disrupted by advertisements

  19. Road Map of Presentation • Introduction and basics • Security threats in VoIP • Encryption algorithms for VoIP • Research and development of VoIP • Conclusions

  20. PGPfone History • Released in 1995 • Never gained popularity due to lack of interest • Broadband was not widespread • Voice over IP was not popular • Intended more for point-to-point modem connections

  21. PGPfone Motivations • Zimmermann believes in a right to privacy provided by the Constitution • Released in response to 1994 Digital Telephony law • “mandated that phone companies install remote wiretapping ports in their central office digital switches” • Says that while warrants were still necessary, a shift in policy could lead to privacy violations • NSA program to monitor without warrants

  22. PGPfone Details • Uses Diffie-Hellman for key generation • Keys generated from random prime numbers • Uses TripleDES, Blowfish, or CAST as ciphers • Symmetric for speed • Run in counter mode • Diffie-Hellman has vulnerability to man-in-the-middle attacks • Solved by using Short Authentication Strings

  23. Secure Real-Time Transfer Protocol • Published in RFC 3711 in March 2004 • Goal to create secure version of Real-Time Transfer Protocol • Ensure confidentiality and integrity of RTP packets • Provides “a framework that permits upgrading” • Allows protocol to upgrade to more secure ciphers in the future

  24. Secure Real-Time Transfer Protocol • Key exchange is entirely defined in the RFC • Uses master key to generate keys • Number of keys generated by one master key is up to the user • Number of packets encrypted by one key can be set • Default cipher is Advanced Encryption Standard (AES) • Runs in counter mode by default • Keyed-Hashing for Message Authentication-Secure Hash Algorithm (HMAC-SHA1) used to ensure message authenticity

  25. ZRTP • Created by Phil Zimmermann • Title of RFC is “Extensions to RTP for Diffie-Hellman Key Agreement for SRTP” • Features: • Similar to PGPfone, but updated to run on top of new standards (RTP, SIP) • Backwards compatible with standard RTP • Does not rely on public key infrastructure (PKI) • Foils man-in-the-middle attacks in similar fashion to PGPfone • Adds “shared secret” for added protection

  26. Zfone • Also written by Phil Zimmermann • Implementation of ZRTP • “Lets you turn your existing VoIP client into a secure phone” • Simply intercepts and filters RTP packets • If Zfone is not running on both sides it will simply revert to standard RTP • GUI to let you know if current call is secure • SDK to license for developers to integrate ZRTP into their applications

  27. Skype • Closed source and closed specification • Tom Berson's security analysis • Was allowed uninhibited access to the code and the engineers • Findings: • Skype uses only standard encryption techniques • All techniques are properly implemented • Uses a central server as public key infrastructure to authenticate messages • No backdoors or malware

  28. Skype Concerns • Closed does not always mean safe • Have to trust Skype when they say their software is secure • Single person, company sponsored analysis • Closed protocol makes it difficult to verify • Small Chinese company claims to have broken protocol • Will release software that connects to Skype network soon

  29. Road Map of Presentation • Introduction and basics • Security threats in VoIP • Encryption algorithms for VoIP • Research and development of VoIP • Conclusions

  30. Research and Development in VoIP Security • VoIP security is still a big question in the service • Many improvements are still possible • Collective effort needed by government, academia, and private companies

  31. The 1st IEEE Workshop on VoIP Management and Security (2006) • Open workshop for researchers from any sector to improve state of security of VoIP • Projects to cover: • Locating SIP users • Monitoring VoIP networks • Intrusion Detection for VoIP

  32. Lightweight Scheme for Locating Users: Goal/Motivation • Group of Georgia Tech Researchers (CoC) • Most important challenge in VoIP:Locate communicating parties via internet in secure and reliable way • Session Initialization Protocol (SIP) users are at risk because this technology is weak to attacks • Mainly, the Integrity of the mapping from SIP to contact address is critical

  33. Is Session Initialization Protocol (SIP) Safe? • Terminal registers its contact address • Address stored in location services • During call initialization, caller finds server in DNS table • Callee’s server query location services for Address (1)

  34. Lightweight Scheme for Locating Users: Proposed Solution • Don’t use registrar services • Let SIP phone sign their own contact address bindings on behalf of their users • Verify identity through public keys • Have modified SIP infrastructure to distribute public keys

  35. Solution Scheme to Interchange Public Keys • Initial Key exchange between 2 users • After the key exchange, communication follows through secure channel • This is only needed once (1)

  36. Monitoring VoIP Networks: Goal/Motivation • Researchers from NEC Japan • Goal: VoIP carriers should identify and separate legal from illegal traffic • Motivation: Stop SPAM over Internet Telephony (SPIT) from using network resources • Result: Prototype implemented to monitor traffic from Skype, SIP phones, Netmeeting

  37. Monitoring VoIP Networks: Proposed Scheme/Prototype • Add time stamp to packets and measure size • Extract statistical data from the flow (I.e. payload) • Verification to check eavesdropping • Compare packet against known threats • Repeat the process and control the flow (2)

  38. Intrusion Detection and Prevention on SIP: Goal/motivation • Researchers from University of Pisa and Switzerland. • Goal: Use the same principles of network intrusion detection to provide security to VoIP networks • Motivation: Threats will move to VoIP • Results: Working prototype using Snort

  39. Intrusion Detection and Prevention on SIP: Prototype Tested successfully against a brute force generator (3)

  40. Road Map of Presentation • Introduction and basics • Security threats in VoIP • Encryption algorithms for VoIP • Research and development of VoIP • Conclusions

  41. Conclusion • Great effort to secure VOIP networks • Leadership efforts by companies and universities • Ideas both old and revolutionary • One solution: encryption • Speed • New, effective algorithms like ZRTP • Technology caught everybody by surprise • Encouraging future for VOIP

  42. References (1) Kong, L., Balasubramaniyan, V.B., and Ahamad, M. "A lightweight scheme for securely and reliably locating SIP users." IEEE Xplore. Georgia Tech Lib., Atlanta, GA. 12 July 2006 <http://ieeexplore.ieee.org/Xplore/guesthome.jsp>. (2) Okabe, T., Kitamura, T., and Shizuno, T. "Statistical traffic identification method based on flow-level behavior for fair VoIP service." IEEE Xplore. Georgia Tech Lib., Atlanta, GA. 12 July 2006 <http://ieeexplore.ieee.org/Xplore/guesthome.jsp>. (3) Niccolini, S. et al. "SIP intrusion detection and prevention: recommendations and prototype implementation." IEEE Xplore. Georgia Tech Lib., Atlanta, GA. 12 July 2006 <http://ieeexplore.ieee.org/Xplore/guesthome.jsp>. (4) Zimmermann, Philip R. PGPfone Owner’s Manual. 8 July 1996. Phil’s Pretty Good Software. 13 July 2006. <ftp://ftp.pgpi.org/pub/pgp/pgpfone/manual/pgpfone10b7.pdf>. (5) Baugher, M., et al. The Secure Real-time Protocol (SRTP). March 2004. The Internet Society. 13 July 2006. <http://tools.ietf.org/html/3711>. (6) ---, et al. ZRTP: Extensions to RTP for Diffie-Hellman Key Agreement for SRTP. 5 March 2006. The Internet Society. 13 July 2006. <http://www.ietf.org/internet-drafts/draft-zimmermann-avt-zrtp-01.txt>. (7) Zfone Home Page. Phil Zimmermann & Associates. LLC 13 July 2006. <http://www.philzimmermann.com/EN/zfone/index.html>. (8) Kuhn, D. Richard, Thomas J. Walsh, Steffen Fries. United States. National Institute of Standards and Technology, Technology Administration, Department of Commerce. Security Considerations for Voice Over IP Systems. Gaithersburg, MD: NIST, 2005.

  43. Questions?

More Related