Security Issues in Iceberg Call Setup

1
Security Issues in Iceberg Call Setup

• Bhaskaran Raman
• EECS, U.C.Berkeley
• Iceberg Retreat, Jan 2000

2
Review Steps in Call Setup
Callee User2
Naming Server NS
1
2
5
6
3
Call Agent CA1
Call Agent CA2
IAP1
IAP2
4
Caller User1
Preference Registry PR2
Not Shown APC Service Clearing House PAC
1,2 Naming Service lookup 3,4 Preference
Registry access 5,6 Call Establishment
3
Issues

• What are the authentication and encryption
  requirements in each step?
• How to meet the security requirements?
• What is the key infrastructure required for
  cryptography?
• NOTE Concentrate on authentication issues
  encryption can be done after secure key exchange

4
Steps 1,2 Naming Service lookup

• Naming service is a distributed hierarchical
  service
• Step 1 (request) requirements
• Design decision NS stores only public
  information
• Request need not be authenticated
• Step 2 (reply) requirements
• needs to be authenticated
• Solutions Assume a PKI (trusted CA, like
  Verisign)

5
Steps 3,4 Pref-Reg access

• Step 3 (request) requirements
• Question What to authenticate in the request?
• Answer Authenticate caller-id
• To prevent caller spoofing
• Step 4 (reply) requirements
• Reply from PR2 (Step 4) needs to be authenticated

6
Steps 3,4 Pref-Reg access

• Step 3 authentication
• CA1 has to present a certificate proving it as a
  valid CA of user1
• Certificate issued by PR1
• When? At the time user1 subscribed to CA1s
  services
• Step 4 authentication
• Authenticate reply using public key of PR2
• Use NS (in steps 1,2) to obtain the public key of
  PR2

7
Steps 5,6 Call Setup

• Step 5 requirements
• What to authenticate?
• Need to ensure that CA1 has indeed gone through
  the pref-reg
• This ensures callee control
• Step 6 requirements
• Authenticate CA2 as being the one you were
  redirected to by PR2

8
Steps 5,6 Call Setup

• Authenticating in Step 5
• Have PR2 issue ticket in step 4
• Ticket presented to CA2
• Ticket is one-time use, has expiration time
• This also provides a mechanism for ensuring
  callee privacy
• Real callee end-point identity can be hidden in
  the ticket
• Authenticating in Step 6
• Use key from PR2 in step 4

9
Optimizations

• All the mechanisms could involve
• multiple round-trips
• asymmetric key operations
• Several steps can be cached
• Naming lookup info
• Authentication info of common callers at PR2
• Authentication info of common callees at CA1

10
Further Issues

• Privacy concerns with PAC
• Security model for CHs and billing (look out for
  the CH talk)
• Dealing with dynamically chosen CAs
• e.g. for roaming users
• Preventing traffic analysis attacks
• can be very hard
• Denial of service attacks?