Security Issues in Iceberg Call Setup - PowerPoint PPT Presentation

About This Presentation
Title:

Security Issues in Iceberg Call Setup

Description:

Steps 3,4: Pref-Reg access. Step 3 (request) requirements: ... Need to ensure that CA1 has indeed gone through the pref-reg. This ensures callee control ... – PowerPoint PPT presentation

Number of Views:16
Avg rating:3.0/5.0
Slides: 11
Provided by: bhas2
Category:

less

Transcript and Presenter's Notes

Title: Security Issues in Iceberg Call Setup


1
Security Issues in Iceberg Call Setup
  • Bhaskaran Raman
  • EECS, U.C.Berkeley
  • Iceberg Retreat, Jan 2000

2
Review Steps in Call Setup
Callee User2
Naming Server NS
1
2
5
6
3
Call Agent CA1
Call Agent CA2
IAP1
IAP2
4
Caller User1
Preference Registry PR2
Not Shown APC Service Clearing House PAC
1,2 Naming Service lookup 3,4 Preference
Registry access 5,6 Call Establishment
3
Issues
  • What are the authentication and encryption
    requirements in each step?
  • How to meet the security requirements?
  • What is the key infrastructure required for
    cryptography?
  • NOTE Concentrate on authentication issues
    encryption can be done after secure key exchange

4
Steps 1,2 Naming Service lookup
  • Naming service is a distributed hierarchical
    service
  • Step 1 (request) requirements
  • Design decision NS stores only public
    information
  • Request need not be authenticated
  • Step 2 (reply) requirements
  • needs to be authenticated
  • Solutions Assume a PKI (trusted CA, like
    Verisign)

5
Steps 3,4 Pref-Reg access
  • Step 3 (request) requirements
  • Question What to authenticate in the request?
  • Answer Authenticate caller-id
  • To prevent caller spoofing
  • Step 4 (reply) requirements
  • Reply from PR2 (Step 4) needs to be authenticated

6
Steps 3,4 Pref-Reg access
  • Step 3 authentication
  • CA1 has to present a certificate proving it as a
    valid CA of user1
  • Certificate issued by PR1
  • When? At the time user1 subscribed to CA1s
    services
  • Step 4 authentication
  • Authenticate reply using public key of PR2
  • Use NS (in steps 1,2) to obtain the public key of
    PR2

7
Steps 5,6 Call Setup
  • Step 5 requirements
  • What to authenticate?
  • Need to ensure that CA1 has indeed gone through
    the pref-reg
  • This ensures callee control
  • Step 6 requirements
  • Authenticate CA2 as being the one you were
    redirected to by PR2

8
Steps 5,6 Call Setup
  • Authenticating in Step 5
  • Have PR2 issue ticket in step 4
  • Ticket presented to CA2
  • Ticket is one-time use, has expiration time
  • This also provides a mechanism for ensuring
    callee privacy
  • Real callee end-point identity can be hidden in
    the ticket
  • Authenticating in Step 6
  • Use key from PR2 in step 4

9
Optimizations
  • All the mechanisms could involve
  • multiple round-trips
  • asymmetric key operations
  • Several steps can be cached
  • Naming lookup info
  • Authentication info of common callers at PR2
  • Authentication info of common callees at CA1

10
Further Issues
  • Privacy concerns with PAC
  • Security model for CHs and billing (look out for
    the CH talk)
  • Dealing with dynamically chosen CAs
  • e.g. for roaming users
  • Preventing traffic analysis attacks
  • can be very hard
  • Denial of service attacks?
Write a Comment
User Comments (0)
About PowerShow.com