Archive for the 'Conferences' Category

IPTComm Call for Papers

Monday, February 19th, 2007 by Martyn Davies

In June last year, I attended the 3rd VoIP Security Workshop in Berlin and wrote about some of it here.  It seems there is now a successor conference (although not with the same name) to be held at Columbia University in New York in July, organized by the same committee.

The scope is broader this year, encompassing not only VoIP Security, but a range of IP- and NGN-related topics.  They have just published a call for papers, so please take a look at the IPTComm site here.  I’m sure it will be a stimulating event, as the last one was.

Speaking in Norwalk, CT, on January 18th about VoIP security

Thursday, January 11th, 2007 by Dan York

UPDATE:  The event has been postponed, so I won’t be in CT this week.

FYI, if any readers happen to be in the Norwalk, CT, (USA) area next Thursday, January 18th, I’m going to be speaking at a VoIP Security Awareness Seminar sponsored by a Mitel reseller. Obviously I’m speaking there wearing a Mitel versus VOIPSA hat, but if you’d like to hear that perspective, you’re welcome to attend. If you are a blog reader or Blue Box listener and do attend, please do identify yourself… I definitely like meeting people who listen to the show or read these blogs.

Security through Obscurity

Friday, December 8th, 2006 by Martyn Davies

The other day at the IET Secure Mobile conference in London, Steve Babbage, Vodafone’s Group Chief Cryptographer (great job title) gave the keynote, and I was fortunate to speak to him afterwards about his ideas.  One interesting area was “security through obscurity”, where he maintained that in some situations it makes sense to make an attacker’s job as difficult as possible through the use of secret algorithms.  I hope I can do the argument justice here.

The world has changed today, and generally governments do not try to interfere in the issues of what crypto gets used in commercial mobile networks.  However, when GSM was born, 40-bit encryption was a (rather weak) standard that governments agreed should be used.  In this environment, Steve Babbage maintains, the cellcos would have been mad to release all the details of the algorithm to the public, since the added obscurity would make it even harder for an attacker to get a foothold.  In the context of SIM attacks (being physically in contact with the SIM to decrypt it, a so-called “side-channel attack”), sometimes attackers can gain knowledge about the secret key by measuring the power usage of the chip under attack.  On the other hand, if the algorithm is secret, then it is impossible for an attacker to map power fluctuations against a model, since all he has is a seemingly patternless output from an engine of unknown design.

The use of secret algorithms is generally thought of these days as a “bad thing”, since if the algorithm is openly published it means that academics and researchers can test the thing to death and publish vulnerabilities that they find.  This should result in better algorithms and fewer defects in the long term.  Babbage doesn’t argue in favour of “cobbling something together in secret”, but rather he is saying that if you take a proven good thing like AES/Rijndael, and then add a further secret component to the algorithm, then the intellectual rigour is still there, with an added component to defeat foes.  

What do you think about security via obscurity?

VoIP Phone Vulnerabilities

Monday, October 30th, 2006 by Martyn Davies

At the IP’06 event in London recently, I heard Tom Cross of Internet Security Solutions present on VoIP Security, and some of the types of threats to VoIP phones.  Those of you that have listened to the Bluebox Podcast will have heard Dan York, Jonathan Zar and Shawn Merdinger talk about the threats to phone handsets before.  Some of these devices ship from the factory in an unsafe state, with security holes like remote configuration backdoors and TFTP servers running on the phone.  Often if there are usernames and passwords they can be weak combinations like ‘1’ and ‘1’ or ‘root’ with no password.  Often users do not know that these back doors are open, and the software does not force you to change from default or factory passwords.

The cost of not closing these security holes is that someone could remotely hack into the phone, and once in control of the phone could trace or record phone calls; mount a denial-of-service attack such as repeatedly rebooting the phone; or hijack the phone in order to make calls at your cost.  So Tom’s advice was to make sure that VoIP phones are not accessible to the Internet, so they can’t be attacked from outside.

In many ways the PBX is a dinosaur these days, since it is solving problems we no longer have.  For example VoIP phones have built-in dialling directories, so we don’t need a special abbreviated dialling system inside the company; VoIP softphones can have their own voicemail functionality, so we don’t need the PBX to do that.  Also traditionally, the PBX has been the device that shares out and manages the expensive, limited resources, the telco trunk lines, and increasingly PBXes don’t need to do that either, often sitting just on a LAN or LANs.  However, thinking about Tom’s words, the security aspect is a whole new reason to buy PBXes, as any device that can limit the exposure of SIP phones to attack is going to be of benefit.

Blue Box Podcast - “Intro to VoIP Security” panel at Internet Telephony

Wednesday, October 18th, 2006 by Dan York

Over at Blue Box, I have just uploaded a podcast of the “Intro to VoIP Security” panel at the Internet Telephony conference last week in San Diego, CA. Moderated by Ken Camp, the panel provided a good introduction to the basic issues related to VoIP security.

This is the first of several panel sessions related to VoIP security that we will be making available through the podcast feed. We thank Rich Tehrani and the rest of the TMCNet staff for allowing us to record the sessions. Thanks also to Ken Camp for his assistance and to all the panelists who gave their permission to be recorded as well.

Double Ending

Thursday, September 21st, 2006 by Martyn Davies

Martin Geddes recently reflected on the use of Skype as a tool for recording podcasts with two people in different locations.  This is a technique that is used on many podcasts now, including Blue Box, the VoIP Security Podcast.  But as Geddes says, sometimes the quality is not all it should be, and it would be useful to be able to record in top quality, and in some way transmit this out-of-band, while using the inferior, real-time audio between the two podcasters.  Sometimes this technique (called double-ending, or a “double ender”) is done manually today in podcasting and in radio: each person records their end of the conversation locally, then the files get spliced together at the end to make a broadcast quality programme.  The telephone call only needs to be good enough for the two people to understand each other while the interview is taking place.

But adding double-ending functionality in Skype has interesting possibilities, apart from the podcasting one.  In some areas human speech needs to be understood by less tolerant parties than humans, for example in the areas of automatic speech recognition, or speaker verification.  Given that VoIP streams can be of cellphone quality (or lower), it could be useful for a computer system to be able to play back a passage of speech it was having trouble with.  For example, a speaker verification system might listen to the live VoIP speech, perhaps match with a certainty of 20%, then after a few tens or hundreds of milliseconds it could try again using extra hi-fidelity information that came in while it was processing the first time.  Much better than forcing the user to re-speak their passphrase over and over until the computer figures it out.

On the subject of Dan York (of Blue Box) and Martin Geddes, you can almost see them in this photograph from Fall VON.  York is moving at speed, presumably in order to eclipse Geddes.

Blue Boxes of the Future

Friday, September 8th, 2006 by Martyn Davies

Being in Malaysia myself this week, I stumbled across this article by the Grugq in the Malaysia Star.  It’s quite a nice roundup of the coming threats in the VoIP world.  The mention of phone phreakers brought back a thought I had a few weeks ago.  Before digital networks, phone phreakers were able to play tones down the phone handset (using a Blue Box), emulating the tones used by the telco themselves, and this allowed them to get free calls and mess around with the network.

With digital networks, all the signalling started to be done with SS7, carried on a parallel network dedicated to signalling traffic.  SS7 doesn’t extend to the phone handset, so suddenly phreakers were out of business.  This has been great for telcos, since the SS7 net was isolated and pretty safe from evildoers.

In some ways with VoIP, we’ve now gone back the other way.  Now all the VoIP signalling protocols, as well as the voice, go to the handset.  This allows phreakers to send any kind of message (SIP, H323 etc) they like into the net, to see what the result is.  This is a much worse proposition for the telcos, since they now need to make sure their edge switches are stable, secure, and as far as possible invulnerable to poorly formed messages, or floods of messages.  Today, it’s not a huge problem, but with Next Generation Networks (like IP Multimedia Subsystem or IMS) an awful lot of work is going to be needed to make the networks safe from attackers.

The Grugq is speaking at the HITB Security Conference in Malaysia, as is security guru Bruce Schneier.

Black Hat Info

Thursday, August 17th, 2006 by Martyn Davies

Presentations from the recent Black Hat conference in Las Vegas are online and can be downloaded from here.

A lot of interesting stuff, including the Hacking VoIP Exposed presentation from our own David Endler and Mark Collier, and Henrik Scholz on SIP Fingerprinting.

Blue Box Podcast #36 - Black Hat super-sized edition focusing on voice security talks

Monday, August 7th, 2006 by Dan York

Blue Box Podcast #36 is now available for download. In this super-sized show, we discuss the voice security talks given at Black Hat 2006 last week in Las Vegas. There is an interview with David Endler and Mark Collier about the VoIP security tools they released, an interview with Ofir Arkin about his talk on NAC and involvement with VOIPSA, and many other news items coming out of the conference.

VoIP Phreaking in the Desert

Tuesday, August 1st, 2006 by Martyn Davies

On the Infoworld Zero Day Security page, Garza talks a little about the VoIP Phreaking session at the Black Hat conference, which is on right now in Las Vegas.  I’m looking forward to the promised podcast with The Grugq, who led that class.

On the Black Hat website is an archive of presentations from previous conferences, and the ones from the current conference should pop up there in the coming weeks.