Paper Menu >>
Journal Menu >>
Communication and Network, 2010, 2, 69-72 doi:10.4236/cn.2010.21011 Published Online February 2010 (http://www.scirp.org/journal/cn) Copyright © 2010 SciRes CN 69 Proposed Model for SIP Security Enhancement Munir B. Sayyad1, Abhik Chatterjee2, S. L. Nalbalwar3 1Technology Innovation Center Reliance Communication, Maharashtra, India 2Electronics Engineerin g of Lok ma nya Tilak College of Engineering, Mumbai University Maharashtra, India 3Department of Electronics and Telecommunication, Dr. Babasaheb Ambedkar Technological University, Maharashtra, India E-mail: powerabhik@yahoo.com.in, nalbalwar_sanjayan@yahoo.com Received October 24, 2009; accepted November 12, 2009 Abstract: This paper aims to examine the various methods of protecting and securing a SIP architecture and also propose a new model to enhance SIP security in certain selected, specific and confidential environments as this proposed method cannot be generalized. Several security measures and techniques have already been experimented with, proposed and implemented by several authors as SIP security is an issue of utmost impor- tance in today’s world. This paper however, aims to summarize some of the better known techniques and propose a unique method of its own. It also aims to mathematically represent SIP fitness values graphically as well via a simulation using the popular Fuzz Data Generation Algorithm. Thus this paper not only aims to contribute to the already vast field of SIP security in an effective manner but also aims to acknowledge and represent some of the fail proof methods and encryption techniques that have helped in making SIP a more secure and less wobbly n e twork for all of us to function in. Keywords: SIP, SoS, VoIP 1. Introduction Session Initiation Protocol (SIP) is the Internet Engi- neering Task Force (IETF) standard for IP Telephony which is making huge inroads into the Voice-Over-IP (VoIP) market, previously domineered by implementa- tions which stuck to the rather difficult H.323 ITU-T Internet Telephony standard [4]. The apparent reality is that Voice and Data services are being quickly shifted from the legacy network to the IPbased network. The standardization of SIP helped to realize the call control function. SIP is the present as well the future of commercial communication systems. SIP is the present a s well the future of commercial communication systems. Many carriers and providers are extensively adopting it; therefore SIP security has become a topic of high impor- tance and priority [5]. With VoIP, voice can now be trans- ported on a traditional IP data network, making use of the vast resources of the Internet and thus drastically lowering the cost of operation. However in the recent past, VoIP services have been plagued and hampered by numerous security threats and issues. With Internet being the primary carrier, VoIP networks are exposed to threats and dangers that an IP data network faces e.g., IP spoofing, denial of service (DoS) etc. [5]. SIP has become the ef fective standa rd for VoIP services. It is described as “an application layer control protocol that can establish, modify and terminate multimedia ses- sions (conferences) such as Internet telephony calls”. It is an ASCII/text based request-response based protocol that works on a client server mode. 2. Security in Sip SIP security is an issue of pri me im portance. Basically we can broadly classify the attacks on any type of system into two categories [2]: Passive Attacks: This threatens the confidentiality of the data/signal being transmitted. Active Attacks: This threatens the integrity or availability of the data/signal being transmitted. The feasibility of a passiv e network primarily depends on the physical transm i ssion medi a in use and i ts p hysical accessibility for any intruder. Fortunately enough, the use of switching technologies makes it harder and more dif- ficult for an attacker to passively attack a signal segment. Now in an active attack, more often than not, the intruder manipulates the domain name system (DNS) to place himself bet wee n the sender and recipi ent of a message. In this situation, the intrud er acts as a man-in-the-mid dle. A very common form of attack is to spoof signals/messages on anothe r (or nonexistent) user’s behalf. These two types of attacks can most probably encom- pass all the different types of attacks and fo rced attempts within their broadly diversified branches. The following diagram will give a clearer picture of a SIP security M. B. SAYYAD ET AL. Copyright © 2010 SciRes CN 70 Figure 1. Protocol architecture Figure 2. SIP security breakup breakup. Authentication and maintaining the integrity of data/ signaling is a matter of the highest priority. It is also im- portant to monitor the access control and the availability of information because it will prevent malformation and spoofing of dat a . We will now define a structure which will include all the important points mentioned above which are of pri- mary importance. Authentication, integrity, confidential- ity, non-re pudiation, access control and avai lability form a framework upon which the others will be derived. Authentication is the property by which the correct identity of an entity, such as a user or a terminal, or the originality of a message that has been transmitted, is es- tablished with a required assurance. Authentication can basically be divided into two classes, which are peer entity authentication and data origin authentication. Peer entity authentication assures that the commun icating parties are who they claim to be. Data origin authentication assures that a message has come from a legitimate and authenticated source. Au- thentication is typically needed to provide safety against masquerading as well as modification. Integrity means the avoidance of unauthorized modi- fication of information. Integrity is an important security service that proves that transmitted data has not been tampered with. Authenticating the communicating parties is not enough if the system cannot guarantee that a mes- sage has not been altered during transmission. Confidentiality is the avoidance of the disclosure of information without the p ermission of its owner. Secrecy and privacy are terms synonymous to confidentiality. Confidentiality may be ensured with enciph erment of the messages. Non_Repudiation is the property by which one of the entities or parties in a communication cannot deny having participated in the whole or part of the communication. Non-repudiation prevents an entity from denying some- thing that actually happened. Access Control is the denial of unauthorized use of a resource. Access control is closely related to authentica- tion, which gives the ability to limit and control access to network systems and applications. Availability means the accessibility of systems and information by authorized users. It is closely related to authentication and access control. An authenticated entity must have access to a system and on the other hand un- authorized entity must not prevent the usability of the system (Denial of service attacks). 3. Some Security Protocols and Applications for Sip 1) Encryption is a mechanism to secure information so that only receiver can use it. In encryption, a cleartext message or plaintext is hidden by using cryptographic techniques, the resulting message is known as ciphertext. The receiver recovers the original plaintext by decrypting the ciphertext. A key is a mathematical value that modern crypto- graphic algorithms make use of when encrypting or de- crypting a message. Cryptographic techniques are not only used to provide confidentiality, but also other ser- vices, like authentication, integrity and non-repudiation may be provided. Cryptographic techniques are typically divided into two generic types: symmetric key and asymmetric key techniques. a) Symmetric Encryption means that the key can be calculated from the decry ption key and vice versa. In m ost cases both keys are the same one and the mechanism is called secret key or single ke y encryption. The security in symmetric key encryption rests in the key, which must be agreed before any communication. As long as the com- M. B. SAYYAD ET AL. Copyright © 2010 SciRes CN 71 munication needs to rem ain secret, the key must be secret, divulging the key means that anyone could encrypt and decrypt the messages. The Data Encryption Standard (DES) is currently the most widely used symmetric encryption scheme. DE S is a symmetric block cipher that processes 64-bit blocks of plaintext producing 64-bit blocks of cipher text The key length is 64 bits, but since every eighth bit (8, 16, . . . , 64) is a parity bit for error detection, the effective key length is 56 bits. b) Asymmetric Encryption also called public-key encryption, the key used for encryption is different from the key used fo r decryptio n and the decryptio n key cannot be calculated from the encrypti on key. The encryption key may be publ ished, s o that anyone could us e the encrypti on key to encrypt the message, but only the receiver with the corresponding decryption key can decrypt the message. So the encryption key is also called the public key and the decryption key is called private key. The RSA algorithm is perhaps the most popular pub- lic-key algorithm. It was invented by Ron Rivest, Adi Shamir and Leonard Adleman in 1977. RSA can be used for encryption / decryption, providing digital signatures and key exchange. decrypt the message. The Diffie-Hellman algorithm was the first ever pub- lic-key algorithm, invented in 1976 by Whitfield Diffie and Martin Hellman. The algorithm can be used for key exchange but not for encryption/decryption, thus the al- gorithm is typically used for exchanging the secret keys. 2) Message-Digest Algorithms are compact “distil- late” or “fingerpr ints” of your message or file checksum. A message-digest algorithm takes a variable length mes- sage as input a nd pro duces a f ixed len gth di gest as outp ut. This fixed length output is called the message digest, a digest or a hash of the message. The digest, which is typically shorter than the original message, acts as a fin- gerprint of the inputted message. The message digest verifies your message and makes it possible to detect any changes made to the message by a forger. 4. Novel Proposed Method to Enhance Sip Security in Specific Confidential Sectors: TOUCH ME NOT In some secure and confidential sectors such as the army (for e.g.) data and signaling leakage is highly volatile and potentiall y very da ngerous. In such cases signal ta pping is neither lawful nor desirable. Thus a new security archi- tecture termed TOUCH ME NOT is being proposed in- order to avoid signal tapping. This proposed model is currently under test and development. Its source code has been written in Tu rbo C++. The testing activity has been carried out using freely available evaluation copies of several popular SIP soft phone clients. Since our testing activity is not complete, we have not informed the ven- dors about our produced results. Hence, in this paper we Figure 3. TOUCH ME NOT architecture Figure 4. N vs deviation factor are refraining from using client names. In this process, there will be present a main security master which will be consisting of a continuous key jumbler whose task will be to rando mly jumble and reas- sign key values in order to prevent key cracking by an intruder. The security master will also be consisting of a list of predefined attack cycles and algorithms so that it can detect and reco gnize the m ost com m on and di f ficul t ty pes of attacks if any. M. B. SAYYAD ET AL. Copyright © 2010 SciRes CN 72 The entire signaling route from the sender to th e sender to the receiver will be divided into several checkpoints. If the attacker attempts to access or tap the signal at any point, on or between the checkpoints, a pre programmed delay generator which may be an exe file will appear as a non removable pop up, displaying random gibberish values or a blank screen. This will act a cover for the signal to self destruct, in other words the signal will be auto terminated at that point and a signal informing the sender and receiver of the interception or attempted attack on the sent signal will reach the sender as well as the receiver in due time. This will prevent the signal from being tapped with, examined or malformed. This method cannot however be general- ized in all sectors as tapping is lawful in several govern- ment as well as private sectors. 5. Fuzz Data Generation We are already aware of the Fuzz Data Generation Algo- rithm. Fuzz testing or fuzzing is a software testing tech- nique used to find implementation defects using mal- formed or semi malformed input data [1]. We have to define a set of parameters that contribute to the overall fitness value of a given data. All these parameters need not always be used: a subset of them can be used de- pending on the input population and the application being fuzzed. They can be for e.g. Native size, Native type, Parent’s Fitness etc. [1] The challenge will be to define more and more criterion to define a fitness value. The more the value of N, the better the fitness value. This can be verified from the graph given below as well as the set of relations provided [1]. Let N be the n umber of param eters chose n to contrib ute to the fitness value. Calculate the deviation factor DF+1/N (We can also calculate a weighted DF, i f some of the parameters need t o be given more weight compared to the others). Calculate the deviation contribution DC=A*DF, for each parameter, where A is the deviation percentage. Calculate total deviation contribu tion TDC=SUM(DC) for all N. Final Fitness Value F= Ceiling [TDC*10] 6. Conclusions Thus we have analyzed some of the methods which make SIP a more secure network. The proposed TOUCH ME NOT architecture is an effective way to prevent illegal tapping in selected confidential setups. Fuzzing data generation along with the simulation can be used to de- termine fitness values. Th ese steps will hopefully help in making SIP a stronger and a more secure network. REFERENCES [1] IEEE Paper: A SIP Security Testing Framework: Hemanth Srinivasan and Kamil Sarac. [2] Applied Cryptography-Second Edition-Protocols, algo- rithms and Source code in C: Bruce Scheneier. [3] SIP Tutorial: Daniel-Constantin Mierla. [4] IEEE Paper: SIP Security Issues: The SIP Authentication Procedure and its Processing Load: Stefano Salsano, Luca Veltri, Donald Papalilo. [5] IEEE Paper: Security Challenges for Peer-to-Peer SIP: Jan Seedorf. |