1 / 16

Analysis of SIP security

Analysis of SIP security. Ashwini Sanap (006312787) Deepti Agashe (006331234). Agenda. Introduction SIP Entities and messages Security Mechanism Security Attacks Conclusion. Introduction. Session Initiation Protocol (SIP) Application Layer Signaling Protocol

candie
Download Presentation

Analysis of SIP security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Analysis of SIP security Ashwini Sanap (006312787) Deepti Agashe (006331234)

  2. Agenda • Introduction • SIP Entities and messages • Security Mechanism • Security Attacks • Conclusion

  3. Introduction • Session Initiation Protocol (SIP) • Application Layer Signaling Protocol • Create, Terminate and Manage Session • Similar to HTTP (Request/Response) • SIP Identity (URI)

  4. SIP Entities and Messages

  5. Security Mechanisms

  6. Digest Authentication • Challenge based Authentication Encryption not provided Confidentiality lost

  7. Secure MIME • Multipurpose Internet Mail Extension • End to End security • Encrypts MIME body using public key of receiver • PK Exchanged thru Certificates • Entity Authentication

  8. Transport Layer Security (TLS) • TCP->TLS • SIPS (Similar to HTTPS) • SIPS ensures parameters passed securely • SRTP ensures media is also secured • SIPS+SRTP = Protection

  9. IPSec • Network Layer Security • Hop by Hop • Creates VPN between sites • Provides Encryption (DES,IDEA), Authentication and Integrity(MD5, SHA)

  10. SIP Based network attacks • Registration Hijacking • Authenticate originators of requests

  11. SIP Based network attacks Session Hijacking

  12. SIP Based network attacks Impersonating a Server

  13. SIP Based network attacks : Tearing Down Sessions

  14. SIP Based network attacks : • Other attacks include : • Tampering with Message Bodies • Denial of Service and Amplification • Bots and DDOS Attacks

  15. Conclusion SIP is expected to be the future VoIP protocol of choice. Use SIP-optimized firewalls, which both support use of standards-based security and provide the best possible protection where system-wide standards-based security is not possible.

More Related