[VOIPSEC] VoIP Attack : How feasible
DePietro, John
jdepietro at starentnetworks.com
Tue Jul 25 11:36:14 CDT 2006
Dan,
Regarding sip-outbound's approach: do you have a description of this, a draft RFC or a whitepaper?
John
-----Original Message-----
From: Dan Wing [mailto:dwing at cisco.com]
Sent: Tuesday, July 25, 2006 12:21 PM
To: 'Geoff Devine'; DePietro, John; 'Pankaj Shroff'
Cc: Voipsec at voipsa.org
Subject: RE: [VOIPSEC] VoIP Attack : How feasible
> John DePietro writes:
> > In my opinion even though TLS (SIPS, HTTPS, S/MIME) and SRTP provide
> > better end-to-end security; are optional for wireless standards
> > (3GPP, 3GPP2 and WIMAX), they do not fit as economically as IPSEC
> > from a network equipment deployment perspective, yet!
>
> My ongoing issue with TLS is the technical difficulty of making TCP
> redundant in a fully scaled carrier-class environment. If you don't
> make it redundant, you end up having storms of TCP SYN and TLS
> authentication messages whenever you have a node failure or an access
> network failure. This blows any five 9's availability requirement out
> of the water.
sip-outbound's approach is to make TLS connections to two edge
proxies.
> I believe the 3GPP approach is the correct one... put SIP on a diet so
> it fits within an MTU and you can use UDP.
The problem isn't just SIP but also SDP. Here is an example of SDP
that is over 10K bytes long:
http://www1.ietf.org/mail-archive/web/mmusic/current/msg04205.html
And the problem is fragmenting UDP, too. See:
http://www.ietf.org/internet-drafts/draft-heffner-frag-harmful-02.txt
It is time to abandon SIP over UDP.
-d
> Run transport
> mode IPSec which is very straightforward to make redundant. Sadly,
> SIGCOMP is an unfortunately complex way of putting SIP on a diet. We
> need to invent a better "binary SIP" compression standard.
>
> I think TLS is somewhat better when used inside the core where you have
> a much smaller number of connections/sockets and don't face the
> initialization/restart storm problem. TCP is a little worrying to use
> in the core since a few dropped packets can cause flow control to be
> invoked on mission-critical signaling. SCTP is a better transport and
> is less prone to this problem.
>
> SRTP is fairly straightforward to make redundant in a carrier-class
> media gateway. The only tricky bit is dealing with RTP sequence number
> wrap for a codec that uses silence suppression/voice activity
> detection.
>
>
> Geoff Devine
> Chief Architect
> Cedar Point Communications
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
"This email message and any attachments are confidential information of Starent Networks, Corp. The information transmitted may not be used to create or change any contractual obligations of Starent Networks, Corp. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this e-mail and its attachments by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient, please notify the sender immediately -- by replying to this message or by sending an email to postmaster at starentnetworks.com -- and destroy all copies of this message and any attachments without reading or disclosing their contents. Thank you."
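The exchange above turns on message size: Dan points at a 10 KB SDP and at the UDP fragmentation draft, and RFC 3261 section 18.1.1 already makes size the trigger for leaving UDP (a request within 200 bytes of the path MTU, or over 1300 bytes when the path MTU is unknown, must go over a congestion-controlled transport such as TCP, TLS or SCTP). The following is an added illustration, not code from this thread or from any of the products mentioned: it constructs a sample INVITE with an SDP body of adjustable size, applies that rule, and estimates how many IPv4 fragments the same message would need as a single UDP datagram. The addresses, tags and crypto line are made-up sample values.

```python
"""Size-driven SIP transport check (RFC 3261 section 18.1.1) with a UDP
fragment estimate. Added example; the INVITE below is constructed sample data."""
from typing import Optional

IPV4_HEADER = 20
UDP_HEADER = 8
MTU_MARGIN = 200          # RFC 3261 18.1.1: "within 200 bytes of the path MTU"
UNKNOWN_PMTU_LIMIT = 1300 # RFC 3261 18.1.1: limit when the path MTU is unknown


def build_invite(media_lines: int) -> bytes:
    """Construct a sample INVITE whose SDP carries `media_lines` audio
    descriptions, each with an SRTP crypto attribute (all values made up)."""
    sdp = ("v=0\r\n"
           "o=- 1 1 IN IP4 192.0.2.10\r\n"
           "s=-\r\n"
           "c=IN IP4 192.0.2.10\r\n"
           "t=0 0\r\n")
    for i in range(media_lines):
        sdp += f"m=audio {10000 + 2 * i} RTP/SAVP 0 8 18 101\r\n"
        sdp += "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:" + "A" * 40 + "\r\n"
        sdp += "a=rtpmap:101 telephone-event/8000\r\n"
    body = sdp.encode("ascii")
    headers = ("INVITE sip:bob@example.com SIP/2.0\r\n"
               "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
               "From: <sip:alice@example.com>;tag=1928301774\r\n"
               "To: <sip:bob@example.com>\r\n"
               "Call-ID: a84b4c76e66710@192.0.2.10\r\n"
               "CSeq: 314159 INVITE\r\n"
               "Content-Type: application/sdp\r\n"
               f"Content-Length: {len(body)}\r\n\r\n")
    return headers.encode("ascii") + body


def requires_congestion_controlled_transport(message: bytes,
                                             path_mtu: Optional[int] = None) -> bool:
    """True when RFC 3261 18.1.1 forbids sending `message` as a UDP datagram."""
    size = len(message)
    if path_mtu is None:
        return size > UNKNOWN_PMTU_LIMIT
    return size >= path_mtu - MTU_MARGIN


def choose_transport(message: bytes, path_mtu: Optional[int] = None) -> str:
    """Pick a transport the size rule allows (TLS is the one the thread argues for)."""
    return "TLS" if requires_congestion_controlled_transport(message, path_mtu) else "UDP"


def udp_fragments(message: bytes, mtu: int) -> int:
    """Number of IPv4 fragments a single UDP datagram carrying `message`
    would need at the given link MTU (no IP options assumed)."""
    payload = len(message) + UDP_HEADER
    # Every fragment but the last carries a multiple of 8 data bytes.
    per_fragment = (mtu - IPV4_HEADER) // 8 * 8
    return -(-payload // per_fragment)   # ceiling division


if __name__ == "__main__":
    for lines in (1, 70):
        msg = build_invite(lines)
        print(f"{lines:3d} media line(s): {len(msg):6d} bytes, "
              f"transport={choose_transport(msg)}, "
              f"UDP fragments at MTU 1500={udp_fragments(msg, 1500)}")
```

Running it shows the single-media INVITE staying comfortably inside one datagram, while the 70-media SDP (the shape of the 10 KB example Dan links) is pushed to TLS by the RFC 3261 rule and would otherwise be split into eight IPv4 fragments at a 1500-byte MTU, exactly the loss-amplifying case the fragmentation draft warns about.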