Voice over IP (VoIP) security


Page 1: Voice over IP (VoIP) security

Voice over IP (VoIP) security

Page 2: Voice over IP (VoIP) security

Introduction

• Voice over IP and IP telephony
• Network convergence
  – Telephone and IT
  – PoE (Power over Ethernet)
• Mobility and Roaming
• Telco
  – Switched -> Packet (IP)
  – Closed world -> Open world
• Security and privacy
  – IPhreakers
  – VoIP vs 3G

Page 3: Voice over IP (VoIP) security

Architecture: protocols

• Signaling
  – User location
  – Session
    • Setup
    • Negotiation
    • Modification
    • Closing
• Transport
  – Encoding, transport, etc.

Page 4: Voice over IP (VoIP) security

Architecture: protocols

• SIP
  – IETF - 5060/5061 (TLS) - “HTTP-like, all in one”
  – Proprietary extensions
  – Protocol becoming an architecture
  – “End-to-end” (between IP PBX)
    • Inter-AS MPLS VPNs
    • Transitive trust
  – IM extensions (SIMPLE)
• H.323
  – Protocol family
  – H.235 (security), Q.931+H.245 (management), RTP, CODECs, etc.
  – ASN.1

Page 5: Voice over IP (VoIP) security

Architecture: protocols

• RTP (Real Time Protocol)
  – 5004/udp
  – RTCP
  – No QoS/bandwidth management
  – Packet reordering
  – CODECs
    • old: G.711 (PSTN/POTS - 64Kb/s)
    • current: G.729 (8Kb/s)

Page 6: Voice over IP (VoIP) security

Architecture: systems

• Systems
  – SIP Proxy
  – Call Manager/IP PBX
    • User management and reporting (HTTP, etc)
  – H.323: GK (GateKeeper)
  – Authentication server (Radius)
  – Billing servers (CDR/billing)
  – DNS, TFTP, DHCP servers

Page 7: Voice over IP (VoIP) security

Architecture: systems

• Voice Gateway (IP-PSTN)
  – Gateway Control Protocols
  – Signaling: SS7 interface
    • Media Gateway Controller
      – Controls the MG (Megaco/H.248)
      – SIP interface
    • Signaling Gateway
      – Interface between MGC and SS7
      – SCTP - ISUP, Q.931
  – Transport
    • Media Gateway: audio conversion

Page 8: Voice over IP (VoIP) security

Architecture: firewall/VPN

• Firewall
  – “Non-stateful” filtering
  – “Stateful” filtering
  – Application layer filtering (ALGs)
  – NAT / “firewall piercing”
    • (H.323 : 2xTCP, 4x dynamic UDP - 1719,1720)
    • (SIP : 5060/udp)
• Encrypted VPN
  – SSL/TLS
  – IPsec
  – Where to encrypt (LAN-LAN, phone-phone, etc)?

Page 9: Voice over IP (VoIP) security

VOIP Threats

• Denial of Service
  – ICMP Flood
  – IP Spoofing
  – Port Scans
  – Land Attack
  – IP Source Route
• Eavesdropping or recording
  – In VoIP, eavesdropping is a type of attack. If an attacker is able to eavesdrop on a communication, he can then launch other types of attack, such as a man-in-the-middle attack.
• Call Hijacking and Spoofing
• Call Redirection
• Voice SPAM (Vishing, Mailbox Stuffing, Unsolicited Calling)
• Voicemail Hacking

Page 10: Voice over IP (VoIP) security

VOIP Attacks

• Signaling Layer Attacks
  – SIP Registration Hijacking
  – Impersonating a Server
  – SIP Message Modification
  – SIP Cancel / SIP BYE attack
  – SIP DOS attack
• Media Layer Attacks
  – Eavesdropping
  – RTP insertion attack
    • SSRC collision attacks

Page 11: Voice over IP (VoIP) security

Signaling Layer Attacks

• SIP Registration attack
  • The attacker impersonates a valid UA to a registrar and registers himself as a valid user agent, so the attacker can receive calls intended for a legitimate user.
• Impersonating a Server
  • An attacker impersonates a remote server, so user agent requests are served by the attacker's machine.
• SIP Message Modification
  • If an attacker launches a man-in-the-middle attack and modifies a message, the attacker could lead the caller to connect to a malicious system.
• SIP CANCEL / SIP BYE
• SIP Denial of Service
  • In SIP, the attacker creates a bogus request that contains a fake IP address, and the Via field in the SIP header contains the identity of the target host.

Page 12: Voice over IP (VoIP) security

Media Layer Attacks

• Eavesdropping
• SSRC collision
  • If an attacker eavesdrops on the conversation and uses one peer's SSRC to send RTP packets to the other peer, it causes the session to terminate.

Page 13: Voice over IP (VoIP) security

Security Solutions

• Two types of security solutions
• End-to-End security
  • In SIP, endpoints can ensure end-to-end security for those messages which the proxy does not read; for example, SDP messages could be protected using S/MIME.
  • Media is transferred directly, so end-to-end security is achieved by SRTP.
• Hop-by-hop security
  • TLS, IPSec
  • TLS provides transport layer security over TCP. Normally a SIP URI is in the form sip:[email protected], but if we are using TLS then the SIP URI will be sips:[email protected] and signaling must be sent encrypted.

Page 14: Voice over IP (VoIP) security

Authentication

• Authentication means to identify a person.
• If we take SIP as the signaling protocol in VoIP, it defines two mechanisms for authentication
  • HTTP digest authentication
  • S/MIME
• HTTP Digest Authentication
  • HTTP digest mechanisms are used between users and proxies and between users and users, but not between proxies and proxies.
• S/MIME
  • S/MIME uses X.509 certificates to authenticate end users in the same way that web browsers use them.

Page 15: Voice over IP (VoIP) security

Media Encryption

• In VoIP, media is sent directly between users using RTP. Encryption of media is achieved by
  – IPSec
  – Secure RTP (SRTP)
    • It provides a framework for encryption and message authentication of RTP and RTCP.
    • Cipher algorithm: AES
    • Authentication is an optional feature.
    • SRTP uses the Security Description for Media Streams (SDES) algorithm to negotiate session keys in SDP.
  – MIKEY
    • MIKEY provides its own authentication and integrity mechanism.
    • MIKEY messages are carried in SDP with the a=key-mgmt attribute.
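
Added example (not part of the original slides): because SDES places the SRTP key inline in an SDP a=crypto line, the key is only as private as the signaling hop that carries it. This Python check audits a SIP message for that condition; the function name `audit_key_exchange`, the hosts under example.test and the sample INVITE are assumptions constructed for illustration.

```python
import re

# Constructed INVITE (not from the page): SRTP is offered with an SDES key,
# but the signaling hop is plain UDP and the URI scheme is sip:, not sips:.
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:bob@example.test SIP/2.0",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed",
    "From: <sip:alice@example.test>;tag=1",
    "To: <sip:bob@example.test>",
    "Call-ID: constructed-1@192.0.2.10",
    "CSeq: 1 INVITE",
    "Content-Type: application/sdp",
    "",
    "v=0",
    "o=alice 1 1 IN IP4 192.0.2.10",
    "s=-",
    "c=IN IP4 192.0.2.10",
    "t=0 0",
    "m=audio 49170 RTP/SAVP 0",
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTEDSAMPLEKEYMATERIALNOTAREALKEY0",
    "",
])

def audit_key_exchange(raw):
    """Report how a SIP message carries SRTP keys and whether the hop protects them."""
    head, _, sdp = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    uri = lines[0].split()[1]                      # Request-URI from the request line
    via = [l.split(":", 1)[1].split()[0] for l in lines[1:]
           if l.lower().startswith(("via:", "v:"))]
    transports = [v.rsplit("/", 1)[-1].upper() for v in via]  # SIP/2.0/UDP -> UDP
    hop_tls = uri.lower().startswith("sips:") and all(t == "TLS" for t in transports)

    media = re.findall(r"^m=(\w+) \d+ (\S+)", sdp, re.M)           # (kind, profile)
    suites = re.findall(r"^a=crypto:\d+ (\S+) inline:", sdp, re.M)  # SDES offers
    mikey = bool(re.search(r"^a=key-mgmt:mikey ", sdp, re.M))       # MIKEY offer

    findings = []
    if suites and not hop_tls:
        findings.append("SDES key sent in cleartext SDP: require sips:/TLS on every hop")
    for kind, proto in media:
        if "SAVP" not in proto:
            findings.append(f"{kind} stream offered as {proto}: media is not SRTP")
    if any("SAVP" in p for _, p in media) and not (suites or mikey):
        findings.append("SRTP offered without a=crypto or a=key-mgmt key exchange")
    return {"uri": uri, "transports": transports, "sdes_suites": suites,
            "mikey": mikey, "findings": findings}
```

Running it on the sample reports the exposed SDES key; the same message sent with a sips: URI over TLS produces no findings.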

Page 16: Voice over IP (VoIP) security

There are Specialized Hacking Tools

• SIPScan - enumerate SIP interfaces
• TFTPBrute - TFTP directory attacking
• UDP and RTP Flooder - DoS tools
• hping2 – TCP session flooding
• Registration Hijacker - tool to take over H.323 session
• SIVUS - SIP authentication and registration auditor
• Vomit - RTP Playback
• VOIP HOPPER – IP Phone mimicking tool
• Dsniff - various utilitarian tools (macof and arpspoof)
• Wireshark (Ethereal) / tcpdump - packet capture and protocol analysis

Page 17: Voice over IP (VoIP) security

Thank You