SIP Security

1
SIP Security

• Michael Thomas
• Mat_at_cisco.com

2
Status

• First Cut of Requirements Draft
• draft-thomas-sip-sec-reqt-00.txt
• Will be basis going forward
• Design team being formed
• Should complete soon
• Drafts which can meet all of the requirements
  will not be short term exercise
• Prioritization of requirements needed

3
bis Strawman

• We have enough understanding of the current
  requirements that some prioritization can
  probably be made for bis
• If we are to move bis along, the baseline must be
  fairly uncontroversial, be based on existing
  protocols, and address enough threats so that it
  is acceptable to IESG
• But there is also a strong desire for additional
  mechanisms and support for different
  authentication backends

4
Two Paths

• Choose a limited base set of protections offered
  by bis with the guarantee that we will have a
  standards track SIP security framework
• Were relatively close to coming to consensus
  here
• Existing hop-by-hop crypto and legacy http
  mechanisms
• Resolve future proofing questions
• Open up discussions about what ought to be in bis
  baseline
• No consensus
• Many competing agendas
• Many competing authentication mechanisms

5
My Suggestion

• In order to get bis to move forward soon, we have
  very few options
• If we dont care about moving forward, then an
  endless discussion is probably appropriate
• The only real question is whether an unambitious
  baseline will pass muster
• My sense is that it solves the most serious
  problems that SIP deployments currently face
• Other mechanisms are oriented at enabling
  different authentication deployment scenarios no
  single answer here, so its difficult to pick one
  anyway.

6
The bis Baseline

• Two principle threats
• Various attacks from non call participants
• Theft of service attacks at a remote
  proxy/gateway
• Full Message Crypto Solves 1st Threat
• IPsec, TLS, App layer
• HTTP Digest provides 2nd

7
Transport Options

• IPsec
• Provides keying mechanism
• TCP/SCTP/UDP friendly
• Credential fetching API currently lacking
• TLS
• Provides keying mechanism
• Good credential binding mechanism
• No support for UDP SCTP still being worked on
• App Layer
• Most flexible since it would be SIP-custom
• No keying mechanism
• No off the shelf solution which fits requirements

8
UAC-gtMiddle/UAS

• HTTP Digest currently in Bis
• Widely implemented
• No concept of mutual authentication
• No facility for multiple challenges
• Key distribution undefined
• Hacked on Digest
• Quick and dirty
• - Unproven not widely reviewed by right people
• Side effects questionable
• - Not clear whether benefits fits into the 80/20
  rule
• New SIP-secure
• Should solve these kinds of problems
  systematically
• - Needs to be fully fleshed out