DTLS-SRTP Handling in SIP B2BUAs
draft-ram-straw-b2bua-dtls-srtp
IETF-91Hawaii, Nov 12, 2014
Presenter: Tirumaleswar Reddy
Authors: Ram Mohan, Tirumaleswar Reddy, Gonzalo Salgueiro, Victor Pascual
Agenda
B2BUA modes and possible MITM attacks
B2BUA Modes
1. Media Relay
2. Media Aware
3. Media Terminator
Legitimate Media Relay
Media: Forwards packets without inspection or modification; only modifies the L3 and L4 headers
Signaling: It MUST forward the received certificate fingerprint without any modifications
Malicious Media Relay
Media: Forwards packets with inspection or modification
Signaling: Modifies the certificate fingerprint and signals its own fingerprint
Possible Mitigation
Mandate authenticated identity management in SIP (draft-ietf-stir-rfc4474bis)
signed-identity-digest carries the signed hash of the certificate fingerprint
Mandate Identity headers to be present
Authenticated identity management
(Call-flow diagram: Alice -> Alice's Proxy (atlanta.com) -> Alice's B2BUA (Back-to-Back User Agent, atlanta.com) -> SIP Cloud -> Bob; messages shown: INVITE, Challenge, INVITE, INVITE, INVITE)
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from [email protected]
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA here just changes the UDP/IP header and does not modify the payload
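The check Bob's side has to make in the flow above, as an added example written for this page in Go with only the standard library (it is not code from the draft or from the slides). It builds an SDP offer carrying Alice's `a=fingerprint`, has the atlanta.com proxy sign the From identity together with that fingerprint, and then runs the offer through a legitimate relay and through a malicious relay that rewrites the fingerprint and terminates DTLS itself. Assumptions: the certificates are throwaway self-signed ones generated at run time, `sip:alice@atlanta.com` is a constructed identity, an Ed25519 key stands in for the atlanta.com domain certificate, and `IdentityDigest` is a simplified stand-in for the 4474bis signed-identity-digest rather than its exact canonical string.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Fingerprint renders a DER certificate as an RFC 4572 a=fingerprint value:
// hash name, a space, then upper-case hex octets joined by colons.
func Fingerprint(der []byte) string {
	sum := sha256.Sum256(der)
	parts := make([]string, len(sum))
	for i, b := range sum {
		parts[i] = fmt.Sprintf("%02X", b)
	}
	return "sha-256 " + strings.Join(parts, ":")
}

// selfSignedDER makes a throwaway self-signed certificate (constructed for the
// example; a real UA presents its own DTLS-SRTP certificate).
func selfSignedDER() []byte {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1),
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return der
}

// SDPFingerprint returns the a=fingerprint attribute value, or "" if absent.
func SDPFingerprint(sdp string) string {
	for _, line := range strings.Split(sdp, "\r\n") {
		if strings.HasPrefix(line, "a=fingerprint:") {
			return strings.TrimPrefix(line, "a=fingerprint:")
		}
	}
	return ""
}

// IdentityDigest is what Alice's domain proxy signs: the asserted From identity
// bound to the SDP fingerprint (simplified stand-in for the 4474bis digest).
func IdentityDigest(from, fingerprint string) []byte {
	sum := sha256.Sum256([]byte(from + "|" + fingerprint))
	return sum[:]
}

// VerifyCall is Bob's check: the certificate seen in the DTLS handshake must
// hash to the SDP fingerprint, and the domain signature must cover that same
// fingerprint together with the From identity.
func VerifyCall(from, sdp string, dtlsPeerDER, sig []byte, domainPub ed25519.PublicKey) error {
	fp := SDPFingerprint(sdp)
	if Fingerprint(dtlsPeerDER) != fp {
		return errors.New("DTLS certificate does not match SDP fingerprint")
	}
	if !ed25519.Verify(domainPub, IdentityDigest(from, fp), sig) {
		return errors.New("identity signature does not cover this fingerprint")
	}
	return nil
}

// RelayRewrite is the malicious relay: it swaps the offered fingerprint for
// the fingerprint of its own certificate.
func RelayRewrite(sdp, newFP string) string {
	return strings.Replace(sdp, "a=fingerprint:"+SDPFingerprint(sdp), "a=fingerprint:"+newFP, 1)
}

// Scenario runs the flow above through a legitimate relay and then through a
// malicious relay that also terminates DTLS, so the certificate it presents
// matches the fingerprint it injected. It returns Bob's two verdicts and
// whether the bare fingerprint comparison alone was fooled in the second case.
func Scenario() (legitErr, mitmErr error, fingerprintOnlyFooled bool) {
	domainPub, domainPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	aliceDER, relayDER := selfSignedDER(), selfSignedDER()
	from := "sip:alice@atlanta.com" // constructed identity for the example
	offer := "v=0\r\nm=audio 49170 UDP/TLS/RTP/SAVP 0\r\na=fingerprint:" +
		Fingerprint(aliceDER) + "\r\n"
	// Steps 2-3: the atlanta.com proxy signs the identity with the fingerprint.
	sig := ed25519.Sign(domainPriv, IdentityDigest(from, Fingerprint(aliceDER)))
	// Step 4, legitimate relay: SDP untouched and the DTLS peer is Alice herself.
	legitErr = VerifyCall(from, offer, aliceDER, sig, domainPub)
	// Malicious relay: fingerprint swapped and DTLS terminated at the relay.
	tampered := RelayRewrite(offer, Fingerprint(relayDER))
	fingerprintOnlyFooled = Fingerprint(relayDER) == SDPFingerprint(tampered)
	mitmErr = VerifyCall(from, tampered, relayDER, sig, domainPub)
	return
}

func main() {
	legit, mitm, fooled := Scenario()
	fmt.Println("legitimate relay:", legit, "| malicious relay:", mitm, "| fingerprint check alone fooled:", fooled)
}
```

The point the run makes: a relay that both rewrites `a=fingerprint` and terminates DTLS passes the fingerprint comparison (the certificate it presents really does match the fingerprint it signalled), and only the signature binding the From identity to the original fingerprint exposes it; a relay that rewrites the fingerprint without terminating DTLS would already fail the first check.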
B2BUA Modes
1. Media Relay
2. Media Aware
3. Media Terminator
Legitimate Media Aware
Media: Modifies the RTP header
Signaling: Terminates the DTLS connection and acts as a DTLS proxy
- Changes the certificate fingerprint and signals its own fingerprint
- Decrypts and re-encrypts the payload
Malicious Media Aware
Media: Inspects or modifies the payload.
B2BUA in the same administrative domain
(Call-flow diagram: Alice -> Alice's Proxy (atlanta.com) -> Alice's B2BUA (Back-to-Back User Agent, atlanta.com) -> SIP Cloud -> Bob; messages shown: INVITE, Challenge, INVITE, INVITE, INVITE)
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from [email protected]
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA changes the RTP header
Possible mitigations
Option 1> SRTP for cloud services (draft-cheng-srtp-cloud-00) proposes a mechanism where confidentiality and message authentication are independent of the RTP header
Option 2> Trust the B2BUA
B2BUA in different administrative domain
(Call-flow diagram: Alice -> Alice's Proxy (atlanta.com) -> B2BUA (Back-to-Back User Agent, ISP) -> SIP Cloud -> Bob; messages shown: INVITE, Challenge, INVITE, INVITE, INVITE)
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from [email protected]
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA changes the RTP header
Possible mitigation
SRTP for cloud services (draft-cheng-srtp-cloud-00) proposes a mechanism where confidentiality and message authentication are independent of the RTP header
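Why the media-aware case forces the B2BUA to terminate DTLS, and what "authentication independent of the RTP header" buys, as an added Go example written for this page (it is not code from the slides and does not reproduce the actual construction in draft-cheng-srtp-cloud-00; it serves both the Option 1 mention above and this mitigation). Two tag constructions are run side by side: an SRTP-style HMAC-SHA1 tag over the whole packet as in RFC 3711, and a header-independent tag that covers only the sequence number and the payload. A keyless relay then rewrites the SSRC, which is what a mux/demux or mixing B2BUA does. The key and the packet contents are constructed for the example, and payload encryption is left out since the question here is only what the authentication tag covers.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
)

const rtpHeaderLen = 12 // RFC 3550 fixed header: V/P/X/CC, M/PT, seq, timestamp, SSRC
const tagLen = 10       // SRTP default 80-bit authentication tag

// BuildRTP constructs a minimal RTP packet (version 2, no padding/extension/CSRCs).
func BuildRTP(pt byte, seq uint16, ts, ssrc uint32, payload []byte) []byte {
	pkt := make([]byte, rtpHeaderLen+len(payload))
	pkt[0] = 0x80
	pkt[1] = pt & 0x7f
	binary.BigEndian.PutUint16(pkt[2:], seq)
	binary.BigEndian.PutUint32(pkt[4:], ts)
	binary.BigEndian.PutUint32(pkt[8:], ssrc)
	copy(pkt[rtpHeaderLen:], payload)
	return pkt
}

// mac computes a truncated HMAC-SHA1 over the given byte ranges followed by
// the rollover counter, which is authenticated but never transmitted.
func mac(key []byte, roc uint32, parts ...[]byte) []byte {
	m := hmac.New(sha1.New, key)
	for _, p := range parts {
		m.Write(p)
	}
	var r [4]byte
	binary.BigEndian.PutUint32(r[:], roc)
	m.Write(r[:])
	return m.Sum(nil)[:tagLen]
}

// srtpTag: RFC 3711 coverage, the whole packet including the header, so any
// header change invalidates the tag.
func srtpTag(key, pkt []byte, roc uint32) []byte { return mac(key, roc, pkt) }

// cloudTag: header-independent coverage in the spirit of draft-cheng-srtp-cloud.
// Only the sequence number (replay protection) and the payload are
// authenticated, so a B2BUA may rewrite SSRC, timestamp or payload type
// without holding the key. This shows the property, not the draft's construction.
func cloudTag(key, pkt []byte, roc uint32) []byte {
	return mac(key, roc, pkt[2:4], pkt[rtpHeaderLen:])
}

type tagFunc func(key, pkt []byte, roc uint32) []byte

// Protect appends the tag; Verify recomputes it over the received bytes.
func Protect(tag tagFunc, key, pkt []byte, roc uint32) []byte {
	return append(append([]byte{}, pkt...), tag(key, pkt, roc)...)
}

func Verify(tag tagFunc, key, protected []byte, roc uint32) bool {
	n := len(protected) - tagLen
	if n < rtpHeaderLen {
		return false
	}
	return hmac.Equal(protected[n:], tag(key, protected[:n], roc))
}

// RewriteSSRC is the media-aware B2BUA changing an RTP header field in
// flight, as a mux/demux relay or mixer would, without any keys.
func RewriteSSRC(protected []byte, ssrc uint32) []byte {
	out := append([]byte{}, protected...)
	binary.BigEndian.PutUint32(out[8:], ssrc)
	return out
}

// Compare reports whether each scheme still verifies at the far end after an
// SSRC rewrite, and whether the header-independent scheme still catches
// payload tampering by the same relay.
func Compare() (srtpAfterRewrite, cloudAfterRewrite, cloudAfterPayloadTamper bool) {
	key := []byte("constructed-example-key-0123") // constructed, not a real session key
	pkt := BuildRTP(0, 7, 160, 0x11223344, []byte("constructed audio frame"))
	rewritten := RewriteSSRC(Protect(srtpTag, key, pkt, 0), 0xDEADBEEF)
	srtpAfterRewrite = Verify(srtpTag, key, rewritten, 0)
	rewritten = RewriteSSRC(Protect(cloudTag, key, pkt, 0), 0xDEADBEEF)
	cloudAfterRewrite = Verify(cloudTag, key, rewritten, 0)
	tampered := append([]byte{}, rewritten...)
	tampered[rtpHeaderLen] ^= 0xff // flip one payload byte
	cloudAfterPayloadTamper = Verify(cloudTag, key, tampered, 0)
	return
}

func main() {
	s, c, p := Compare()
	fmt.Printf("after SSRC rewrite: SRTP-style verifies=%v, header-independent verifies=%v\n", s, c)
	fmt.Printf("payload tamper under header-independent scheme verifies=%v\n", p)
}
```

With the RFC 3711 tag the rewritten packet fails verification, which is exactly why a header-modifying B2BUA today has to terminate DTLS, hold the keys and re-protect the packet; with the header-independent tag the rewrite passes while a payload change is still rejected. Real SRTP also derives its AES-CTR keystream from the SSRC and packet index, so a header rewrite breaks decryption as well, which is why the draft has to decouple confidentiality from the header too.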
B2BUA Modes
1. Media Relay
2. Media Aware
3. Media Terminator
Media Terminator
Media: Modifies the payload
Terminates the DTLS connection, acts as a DTLS proxy
- Changes the certificate fingerprint and signals its own fingerprint
- Decrypts and re-encrypts the payload
Possible attacks
Breaks end-to-end security.
B2BUA in same administrative domain
(Call-flow diagram: Alice -> Alice's Proxy (atlanta.com) -> B2BUA (Back-to-Back User Agent, ISP) -> SIP Cloud -> Bob; messages shown: INVITE, Challenge, INVITE, INVITE, INVITE)
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from [email protected]
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA modifies the payload
Possible mitigations
Clients can be configured to maintain the B2BUA server's certificate fingerprints. This way the client is aware that B2BUA is playing the role of a media-proxy.
B2BUA in different administrative domain
(Call-flow diagram: Alice -> Alice's Proxy (atlanta.com) -> B2BUA (Back-to-Back User Agent, ISP) -> SIP Cloud -> Bob; messages shown: INVITE, Challenge, INVITE, INVITE, INVITE)
1. Alice calls Bob
2. The outbound proxy for Alice's domain verifies that this is from Alice and adds an assertion (based on 4474bis) that it is from [email protected]
3. This assertion is signed with the atlanta.com certificate from a well-known certificate authority
4. The B2BUA modifies the payload
Possible mitigations
Discourage media terminator mode.
Next Steps
Backup
B2BUA Modes
Media Relay
- Only changes UDP/IP header
- e.g.: topology hiding, privacy
Media Aware
- relay which can change RTP/RTCP headers
- e.g.: monitors RTCP for QoS, mux/demuxes RTP/RTCP on same 5-tuple
Media Terminator
- Transcoders, Conference Servers