Analysis of SIP security

1
Analysis of SIP security

• Ashwini Sanap (006312787)
• Deepti Agashe (006331234)

2
Agenda

• Introduction
• SIP Entities and messages
• Security Mechanism
• Security Attacks
• Conclusion

3
Introduction

• Session Initiation Protocol (SIP)
• Application Layer Signaling Protocol
• Create, Terminate and Manage Session
• Similar to HTTP (Request/Response)
• SIP Identity (URI)

4
SIP Entities and Messages
5
Security Mechanisms
6
Digest Authentication

• Challenge based Authentication

Encryption not provided
Confidentiality lost
7
Secure MIME

• Multipurpose Internet Mail Extension
• End to End security
• Encrypts MIME body using public key of receiver
• PK Exchanged thru Certificates
• Entity Authentication

8
Transport Layer Security (TLS)

• TCP-gtTLS
• SIPS (Similar to HTTPS)
• SIPS ensures parameters passed securely
• SRTP ensures media is also secured
• SIPSSRTP Protection

9
IPSec

• Network Layer Security
• Hop by Hop
• Creates VPN between sites
• Provides Encryption (DES,IDEA), Authentication
  and Integrity(MD5, SHA)

10
SIP Based network attacks

• Registration Hijacking
• Authenticate originators of requests

11
SIP Based network attacks

• Session Hijacking

12
SIP Based network attacks

• Impersonating a Server

13
SIP Based network attacks

• Tearing Down Sessions

14
SIP Based network attacks

• Other attacks include
• Tampering with Message Bodies
• Denial of Service and Amplification
• Bots and DDOS Attacks

15
Conclusion

• SIP is expected to be the future VoIP protocol of
  choice.
• Use SIP-optimized firewalls, which both support
  use of standards-based security and provide the
  best possible protection where system-wide
  standards-based security is not possible.

16
(No Transcript)