Security Mechanisms and Key Refresh for P2PSIP Overlays

1. draft-birkos-p2psip-security-key-refresh-00 Konstantinos Birkos University of Patras, Greece kmpirkos@ece.upatras.gr IETF 77, Anaheim, USA Security Mechanisms and Key Refresh for P2PSIP Overlays

2. Outline • Security Challenges in P2PSIP Overlays • Message Encryption • Key Refresh Mechanism • Key Refresh supervised by super peers • Key Refresh handled by peers • Future directions

3. Security Challenges in P2PSIP Overlays • Protect the structure of the overlay • Attacks can lead in partitioned/partially connected overlays • Protect overlay routing • Attackers can drop, delay or forward the requests to wrong destinations • Protect stored items in the DHT • Unauthorized access to resources can be used to reduce availability • Protect SIP signalling • Attackers can eavesdrop on the exchanged messages or alter their content

4. Message Encryption • Certain RELOAD messages carry crucial information that could be exploited by attackers that could target at the structure of the P2PSIP overlay • A general principle: Peers should not by any means be able to obtain global knowledge of the logical topology-at least during the period they are members of the overlay

5. Message Encryption (2)‏ • General Encryption Rules Define what security credentials should be used for the encryption of the bodies of certain message types

6. Key Refresh Mechanism • Delivers fresh keying material to the participating peers • Serves two distinct purposes • Limits the vulnerability period in case an attacker retrieves a peer's private key • Limits the amount of time available for cryptanalysis • Peers periodically produce new PPK pairs and new certificates are created and signed in order to bind peers' new public keys with their identity

7. Key Refresh Mechanism (2)‏ • Key Refresh supervised by Super Peers • Two levels of hierarchy Peers < Super Peers • Super peers are higher-level trusted peers that initiate the refresh process and sign certificates • A super peer periodically checks the certificates of the peers in its jurisdiction and sends a RefreshReq message to the owner of the certificate which is about to expire • The refreshed peer (RP) generates a new PPK pair and sends the new pair to the super peer via a RefreshAns message • The super peer signs the certificate, stores a copy of it in the DHT and sends another copy to RP • RP informs its neighbors about the refreshed credentials

8. Key Refresh Mechanism (3)‏ • MSC of the refresh process supervised by super peers

9. Key Refresh Mechanism (4)‏ • Key Refresh handled by peers • The new certificates are signed by the peers • Before RP's certificate is about to expire, RP • Generates a new PPK pair • Generates a certificate that binds its new public key to its ID and signs the certificate with its old private key • Stores the certificate in the DHT • Sends the certificate to its neighbors

10. Key Refresh Mechanism (5)‏ • MSC of the refresh process handled by peers

11. Future Directions • Establishment of secure TLS connections between peers with different keys than the shared secret key • IDS suitable for P2PSIP overlays

12. University of Patras & TEI of Mesolonghi, Greece People: Konstantinos Birkos kmpirkos@ece.upatras.gr Christos Papageorgiou xpapageo@ceid.upatras.gr Panagiotis Galiotos pgaliot@upatras.gr Tasos Dagiuklas ntan@teimes.gr Christos Tselios tselios@ece.upatras.gr Stavros Kotsopoulos kotsop@ece.upatras.gr Thank You!