Experiences of using a secure VoIP user agent on PDAs
Johan Bilien ([email protected]), Erik Eliasson ([email protected]), Jon-Olov Vatn ([email protected])
Royal Institute of Technology (KTH)
Stockholm, Sweden
Wi-Fi Voice, Paris, 25-28 May 2004. Experiences of using a secure VoIP user agent on PDAs. Bilien, Eliasson, Vatn.

Secure VoIP on PDAs
• HP iPAQ h5550
  • Built-in WLAN and Bluetooth
  • Built-in microphone and speaker can be used
  • Add-on camera
• SIP User Agent (UA)
  • Minisip (www.minisip.org)
  • Security enhancements

Securing public (mobile) IP telephony
Security scope:
• WLAN link (potentially with WPA)
  • Only first/last hop
  • Enforce access control
• Mobile VPN solutions
  • Good for communication within an organization
• Public communication (end-to-end security)
  • Secure telephony between two arbitrary parties
[Figure: network diagram with labels AP, GW, a.org, b.org, Internet]
These are complementary techniques. We focus on public communication.

What security does VoIP provide to a user?
Alice (a user) associates the term secure VoIP with properties such as:
• Is she really talking to Bob?
• Is charging being done correctly?
• Can incoming calls be blocked selectively (avoiding spamming)?
• Can Trudy listen to our call?
• Can Trudy find out who Alice calls (or who is calling Alice)?
• Can Trudy detect where Alice is (location privacy)?
• Can Alice make anonymous calls?

End-to-end security: which layer?
• Network layer: IPSEC / IKE
  • NAT/firewall traversal problem
  • Requires strong interaction between the application and the operating system
• Application layer: SRTP / MIKEY
  • Transparent to the lower layers
  • Very few implementations yet (but we have one!)
  • Optimized for media protection

Secure RTP
• IETF standard (RFC 3711, March 2004)
• Secures RTP and RTCP streams, by adding:
  • Encryption (AES used in stream cipher mode)
  • Integrity (HMAC-SHA1)
• Low overhead

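The integrity transform named on this slide, as an added example (not Minisip code): the default SRTP authentication tag of RFC 3711, HMAC-SHA1 truncated to 80 bits and computed over the RTP packet plus the rollover counter. The key, SSRC and payload are constructed sample values, and the AES encryption step is left out because Python's standard library has no AES.

```python
import hashlib
import hmac
import struct
from typing import Optional

TAG_LEN = 10          # RFC 3711 default authentication tag length: 80 bits
RTP_HEADER_LEN = 12   # fixed RTP header without CSRC entries

# Constructed sample values: a 160-bit session authentication key and
# 160 bytes standing in for an already-encrypted 20 ms audio payload.
AUTH_KEY = bytes(range(20))
PAYLOAD = bytes(160)


def rtp_packet(seq: int, timestamp: int, ssrc: int, payload: bytes) -> bytes:
    """Minimal RTP packet: V=2, PT=0, no CSRC list, then the payload."""
    return struct.pack("!BBHII", 0x80, 0, seq, timestamp, ssrc) + payload


def auth_tag(auth_key: bytes, packet: bytes, roc: int) -> bytes:
    # The MAC covers the RTP header and payload followed by the 32-bit
    # rollover counter (ROC), which is never sent on the wire.
    mac = hmac.new(auth_key, packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]


def protect(auth_key: bytes, packet: bytes, roc: int) -> bytes:
    """Append the tag; the stream cipher adds no padding, so this is the
    whole per-packet overhead."""
    return packet + auth_tag(auth_key, packet, roc)


def unprotect(auth_key: bytes, srtp: bytes, roc: int) -> Optional[bytes]:
    """Return the RTP packet if the tag verifies, otherwise None."""
    if len(srtp) < RTP_HEADER_LEN + TAG_LEN:
        return None
    packet, tag = srtp[:-TAG_LEN], srtp[-TAG_LEN:]
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, auth_tag(auth_key, packet, roc)):
        return None
    return packet
```

On a 172-byte RTP packet the 10-byte tag is under 6 % overhead, and a packet checked against the wrong rollover counter fails verification even though every byte on the wire is unchanged.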
Multimedia Internet KEYing
• IETF draft – approved by the IESG
• Mutual authentication and key exchange for secure multimedia exchange
• Requires only one round-trip
• Embedded in session establishment (SIP, RTSP)
• Three alternative authentication modes:
  • Shared key
  • Public key encryption
  • Signed Diffie-Hellman

VoIP architecture: Internet-to-Internet calls
Entities:
• User agents
  • Alice and Bob
• SIP servers (proxies)
  • Register current location
  • Forward Invite messages
• DNS servers
  • SRV Records (SIP)
• Certificate authorities (CAs)
  • Needed if certificate-based authentication is desired
[Figure: network diagram with labels AP, a.org, b.org, Internet, CA, DNS, SIP, Media]

VoIP architecture: Internet-to-PSTN calls
• SIP/PSTN provider
  • PSTN-GW
• Security
  • No security support: no confidentiality at all
  • Security support: confidentiality over Internet
• Routing
  • Does not route IP-IP for free: need two SIP servers/identities
[Figure: network diagram with labels AP, 012-45678, Internet, a.org, c.com, GW, DNS, SIP, CA, PSTN, SIP/PSTN provider, "Possibly secure"]

VoIP architecture: Intermediate solution
• No security at SIP/PSTN provider
• Add B2B UA at Alice’s organization (a.org)
  • a.org can add security support to B2B UA
• Partial security of PSTN-calls
• End-to-end security for Internet-to-Internet calls
[Figure: network diagram with labels AP, 012-45678, Internet, a.org, c.com, GW, DNS, SIP, CA, PSTN, SIP/PSTN provider, B2B, [email protected]([email protected]), "Secure"]

Minisip
• SIP User Agent
• Open Source (GPL)
  • Security implementation open for review!
• Released April 5 2004
  • www.minisip.org
  • ~350 downloads (as of May 6 2004)
• Distributed as:
  • Source code
  • RedHat RPM-package
  • Debian .deb-package
  • Microsoft Windows version to come
• Source modules
  • MIKEY (first published implementation)
  • SIP
  • SDP
  • SRTP/RTP
  • STUN (NAT traversal)
  • Sound I/O

Platforms
Minisip runs on:
• HP iPAQ h5550 (or similar) and PC hardware
• Linux operating system (Familiar Linux recommended on iPAQs, www.handhelds.org)
• Microsoft Windows (CE) support required for large scale PDA tests

Implementation
• Developed in C++
• Written in separate modules that can be used by other applications
• Portability
  • GUI and Sound IO are not (yet) ported to Microsoft Windows and Windows CE
• Dependencies
  • OpenSSL (various security functions)
  • GUI: Qt or GTK on Linux

Campus environment
• IEEE 802.11b coverage, no link-layer security
• SIP soft-phones (minisip)
  • Laptops with USB headsets, GNU/Linux
  • HP iPAQ h5550, Familiar Linux
• SIP servers
  • SIP Express Router (www.iptel.org)
  • Asterisk for outgoing PSTN calls (www.asterisk.org)
• SIP/PSTN provider – Digisip (www.digisip.com)
• DNS (BIND), PKI (OpenSSL)

Public Key Trust Models
• Current model
  • SIP phones store root CA certificates
  • Root CAs certify SIP providers (no name subordination)
  • SIP providers certify their users (Common Name = SIP URI)
• Future models
  • Top-down
    • Similar to the current model, but with name subordination
    • Could utilize DNSSEC
  • Up-Cross-Down
    • Less dependent on external CAs
    • Who should certify the users?
[Figure: trust hierarchy with labels Root Certificate Authorities, CA, a.org, b.org, Root certificates]

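An added example (not from the slides or from Minisip) contrasting the current model with the top-down model: without name subordination, any certified provider CA can issue a certificate for any SIP URI. Certificates are modeled as plain records with constructed, hypothetical names; signature and validity checks are assumed to have been done already, for instance by OpenSSL.

```python
from dataclasses import dataclass
from typing import List, Set


@dataclass(frozen=True)
class Cert:
    common_name: str  # root label, provider domain, or user SIP URI
    issuer: str       # common_name of the certificate that signed this one


def sip_domain(uri: str) -> str:
    """Return the host part of a SIP URI: 'sip:alice@a.org' -> 'a.org'."""
    scheme, _, rest = uri.partition(":")
    if scheme.lower() not in ("sip", "sips") or "@" not in rest:
        raise ValueError("not a SIP URI: %r" % uri)
    host = rest.rsplit("@", 1)[1].split(";")[0].split(":")[0]
    return host.lower().rstrip(".")


def is_subordinate(name: str, parent: str) -> bool:
    # Match on label boundaries so 'evila.org' is not under 'a.org'.
    return name == parent or name.endswith("." + parent)


def accept_caller(chain: List[Cert], claimed_uri: str, roots: Set[str],
                  name_subordination: bool) -> bool:
    """chain is [user, provider CA, root]; signatures are assumed verified."""
    if len(chain) != 3 or chain[2].common_name not in roots:
        return False
    user, provider, root = chain
    if user.issuer != provider.common_name or provider.issuer != root.common_name:
        return False
    if user.common_name != claimed_uri:  # Common Name = SIP URI
        return False
    if name_subordination:  # top-down: a provider may only name its own users
        return is_subordinate(sip_domain(user.common_name),
                              provider.common_name.lower())
    return True  # current model: any certified provider may name any URI


# Constructed sample data (hypothetical names).
ROOTS = {"Example Root CA"}
ROOT = Cert("Example Root CA", "Example Root CA")
CA_A = Cert("a.org", "Example Root CA")
CA_B = Cert("b.org", "Example Root CA")
ALICE = Cert("sip:alice@a.org", "a.org")
FORGED = Cert("sip:alice@a.org", "b.org")  # b.org's CA naming an a.org user
```

With `name_subordination=False` the `FORGED` chain through `CA_B` is accepted as Alice; with `True` it is rejected while Alice's own chain through `CA_A` still passes.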
Secure VoIP first experiences: Delays
No significant delays:
• At call establishment: in the worst case roughly 100 ms (Diffie-Hellman) on an average PC *1
  • No additional round-trip
  • Pre-computation of some parameters
• For the media processing: throughput of 20 Mbit/s on an average PC *2
  • Fast encryption scheme
  • Can be used on small devices
*1: see J. Bilien et al., "Call establishment delay for secure VoIP", WiOpt'04, Cambridge UK, March 2004
*2: see I. Caballero, "Secure Mobile VoIP", Master Thesis, KTH, Stockholm Sweden, June 2003

Secure VoIP first experiences: User interaction
• Secure call policies: opportunistic or required?
  • Very few secure UAs
  • No secure PSTN gateway
  • The UA should be able to fall back on non-secure calls
• Certificate management is not user-friendly
  • Hard certificates (e.g. SIM card)
• Will users ignore security alerts?
  • Accept unsecure calls? (Opportunistic – policy matter)
  • Accept/install non-verified certificates? (Potentially scary!)

Secure VoIP first experiences: User interaction [2]
• Incoming call management:
  • Authentication allows incoming call management policies
  • Unsolicited calls can be blocked (white-lists)
  • How to establish the first contact?
  • What user interface should be used to enter these policies? CPL?
• User interface representation of “security”
  • Messages, symbols, color indicators in the GUI
  • Hands-free (e.g. USB headset) to enable screen interaction
  • Sound signals, vibration

Experiences not related to security
• HP iPAQ h5550
  • Battery time concerns
    • Hibernation state not possible (can not receive calls)
    • We are currently not using WLAN power-save mode
  • Possible to utilize iPAQ buttons and buzzer
  • Good audio quality (better than GSM phone)
• Campus WLAN environment
  • Web-login mechanism to block unauthorized users
    • Cumbersome interaction using PDAs
    • Losing connectivity when moving: have to login

Future work
• Security
  • Secure PSTN gateway
    • MIKEY/SRTP may require dedicated hardware support
  • MIKEY re-keying effects on media stream
  • Secure Session Mobility
  • PKI trust models
• Push-To-Talk
• Video media stream
• Large scale tests on students using iPAQs with Microsoft Windows CE, supported by HP donation
• UPnP support for NAT traversal complementing STUN