DTLS-SRTP Handling in SIP B2BUAs
draft-ram-straw-b2bua-dtls-srtp
IETF-91, Hawaii, Nov 12, 2014
Presenter: Tirumaleswar Reddy
Authors: Ram Mohan, Tirumaleswar Reddy, Gonzalo Salgueiro, Victor Pascual
Agenda
B2BUA modes and possible MITM attacks
B2BUA Modes
1. Media Relay
2. Media Aware
3. Media Terminator
Legitimate Media Relay
Media: Forwards packets without inspection or modification. Only modifies the L3 and L4 headers.
Signaling: It MUST forward the received certificate fingerprint without any modifications.
Malicious Media Relay
Media: Forwards packets with inspection or modification.
Signaling: Modifies the certificate fingerprint and signals its own fingerprint.
Possible Mitigation
Mandate authenticated identity management in SIP (draft-ietf-stir-rfc4474bis)
The signed-identity-digest carries the signed hash of the certificate fingerprint
Mandate Identity headers to be present
Authenticated identity management
Figure (slide diagram): Alice, Alice's Proxy, Alice's B2BUA (Back-to-Back User Agent), SIP Cloud, bob; domain labels atlanta.com, atlanta.com; message flow INVITE, Challenge, INVITE, INVITE, INVITE.
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from alice@atlanta.com
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA here just changes the UDP/IP header and does not modify the payload
B2BUA Modes
1. Media Relay
2. Media Aware
3. Media Terminator
Legitimate Media Aware
Media: Modifies the RTP header.
Signaling: Terminates the DTLS connection and acts as a DTLS proxy
- Changes the certificate fingerprint and signals its own fingerprint
- Decrypts and re-encrypts the payload
Malicious Media Aware
Media: Inspects or modifies the payload.
B2BUA in the same administrative domain
Figure (slide diagram): Alice, Alice's Proxy, Alice's B2BUA (Back-to-Back User Agent), SIP Cloud, bob; domain labels atlanta.com, atlanta.com; message flow INVITE, Challenge, INVITE, INVITE, INVITE.
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from alice@atlanta.com
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA changes the RTP header
Possible mitigations
Option 1: SRTP for cloud services (draft-cheng-srtp-cloud-00) proposes a mechanism where confidentiality and message authentication are independent of the RTP header
Option 2: Trust the B2BUA
B2BUA in a different administrative domain
Figure (slide diagram): Alice, Alice's Proxy, B2BUA (Back-to-Back User Agent), SIP Cloud, bob; domain labels atlanta.com, ISP; message flow INVITE, Challenge, INVITE, INVITE, INVITE.
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from alice@atlanta.com
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA changes the RTP header
Possible mitigation
SRTP for cloud services (draft-cheng-srtp-cloud-00) proposes a mechanism where confidentiality and message authentication are independent of the RTP header
B2BUA Modes
1. Media Relay
2. Media Aware
3. Media Terminator
Media Terminator
A media terminator modifies the payload.
Terminates the DTLS connection and acts as a DTLS proxy
- Changes the certificate fingerprint and signals its own fingerprint
- Decrypts and re-encrypts the payload
Possible attacks
Breaks end-to-end security.
B2BUA in the same administrative domain
Figure (slide diagram): Alice, Alice's Proxy, B2BUA (Back-to-Back User Agent), SIP Cloud, bob; domain labels atlanta.com, ISP; message flow INVITE, Challenge, INVITE, INVITE, INVITE.
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from alice@atlanta.com
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA modifies the payload
Possible mitigations
Clients can be configured to maintain the B2BUA server's certificate fingerprints. This way the client is aware that the B2BUA is playing the role of a media proxy.
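The two checks a callee can combine, as an added example that is not part of the slides or the draft: verify the received a=fingerprint against the signed identity assertion from the "Possible Mitigation" slide, and otherwise fall back to the client-configured list of known B2BUA fingerprints from this slide. The certificates, key and SDP are constructed, and HMAC-SHA256 stands in for the domain-certificate signature that a real 4474bis/STIR proxy would produce.

```python
import hashlib
import hmac
import re

# Constructed key standing in for atlanta.com's signing credential: a real 4474bis/STIR
# proxy signs with its domain certificate's private key; HMAC is a stdlib-only stand-in.
ATLANTA_KEY = b"constructed atlanta.com signing key"
FROM_URI = "sip:alice@atlanta.com"

def cert_fingerprint(cert_der: bytes) -> str:
    """RFC 4572 style 'sha-256 AB:CD:...' fingerprint of a (constructed) DER cert."""
    return "sha-256 " + ":".join(f"{b:02X}" for b in hashlib.sha256(cert_der).digest())

# Constructed certificates: Alice's own, a B2BUA the client is configured to
# accept as a media proxy, and a malicious relay that substitutes its own.
ALICE_FP = cert_fingerprint(b"constructed: Alice's self-signed DTLS certificate")
B2BUA_FP = cert_fingerprint(b"constructed: atlanta.com B2BUA certificate")
EVIL_FP = cert_fingerprint(b"constructed: malicious media relay certificate")
KNOWN_B2BUA_FPS = {B2BUA_FP}
ALICE_SDP = f"v=0\r\nm=audio 49170 UDP/TLS/RTP/SAVPF 0\r\na=fingerprint:{ALICE_FP}\r\n"

def sdp_fingerprint(sdp: str) -> str:
    """Extract and normalise the a=fingerprint attribute from an SDP offer."""
    m = re.search(r"a=fingerprint:(\S+) ([0-9A-Fa-f:]+)", sdp)
    if not m:
        raise ValueError("offer carries no a=fingerprint attribute")
    return f"{m.group(1).lower()} {m.group(2).upper()}"

def sign_identity(from_uri: str, fingerprint: str, key: bytes) -> str:
    """Proxy side: signed digest binding the caller's identity to its fingerprint."""
    digest = hashlib.sha256(f"{from_uri}|{fingerprint}".encode()).digest()
    return hmac.new(key, digest, hashlib.sha256).hexdigest()

def classify_offer(from_uri: str, sdp: str, identity_sig: str) -> str:
    """Callee side: decide what the fingerprint in the received offer means."""
    fp = sdp_fingerprint(sdp)
    if hmac.compare_digest(sign_identity(from_uri, fp, ATLANTA_KEY), identity_sig):
        return "end-to-end"          # the fingerprint Alice's proxy vouched for
    if fp in KNOWN_B2BUA_FPS:
        return "known-media-proxy"   # a configured B2BUA terminating DTLS
    return "fingerprint-mismatch"    # neither: treat as a MITM and reject

def demo() -> dict:
    """Three relay cases: untouched, malicious substitution, configured B2BUA."""
    sig = sign_identity(FROM_URI, ALICE_FP, ATLANTA_KEY)  # produced by Alice's proxy
    return {
        "media-relay": classify_offer(FROM_URI, ALICE_SDP, sig),
        "malicious-relay": classify_offer(FROM_URI, ALICE_SDP.replace(ALICE_FP, EVIL_FP), sig),
        "known-b2bua": classify_offer(FROM_URI, ALICE_SDP.replace(ALICE_FP, B2BUA_FP), sig),
    }
```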
B2BUA in a different administrative domain
Figure (slide diagram): Alice, Alice's Proxy, B2BUA (Back-to-Back User Agent), SIP Cloud, bob; domain labels atlanta.com, ISP; message flow INVITE, Challenge, INVITE, INVITE, INVITE.
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from alice@atlanta.com
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA modifies the payload
Possible mitigations
Discourage media terminator mode.
Next Steps
Backup
B2BUA Modes
Media Relay
- Only changes the UDP/IP header
- e.g.: topology hiding, privacy
Media Aware
- Relay which can change RTP/RTCP headers
- e.g.: monitors RTCP for QoS, muxes/demuxes RTP/RTCP on the same 5-tuple
Media Terminator
- Transcoders, conference servers