[VOIPSEC] VoIP Attack : How feasible
Mark Baugher
mbaugher at cisco.com
Tue Jul 25 12:53:17 CDT 2006
On Jul 25, 2006, at 9:21 AM, Dan Wing wrote:
>> John DePietro writes:
>>> In my opinion, even though TLS (SIPS, HTTPS, S/MIME) and SRTP provide
>>> better end-to-end security and are optional for wireless standards
>>> (3GPP, 3GPP2 and WIMAX), they do not fit as economically as IPSEC
>>> from a network equipment deployment perspective, yet!
>>
>> My ongoing issue with TLS is the technical difficulty of making TCP
>> redundant in a fully scaled carrier-class environment. If you don't
>> make it redundant, you end up having storms of TCP SYN and TLS
>> authentication messages whenever you have a node failure or an access
>> network failure. This blows any five 9's availability requirement
>> out of the water.
>
> sip-outbound's approach is to make TLS connections to two edge
> proxies.
>
>> I believe the 3GPP approach is the correct
>> one... put SIP on a diet so it fits within an MTU and
>> you can use UDP.
>
> The problem isn't just SIP but also SDP. Here is an example of SDP
> that is over 10K bytes long:
> http://www1.ietf.org/mail-archive/web/mmusic/current/msg04205.html
But it can be compressed below 1500 bytes.

Mark
>
> And the problem is fragmenting UDP, too. See:
> http://www.ietf.org/internet-drafts/draft-heffner-frag-harmful-02.txt
>
> It is time to abandon SIP over UDP.
>
> -d
>
>> Run transport
>> mode IPSec which is very straightforward to make redundant. Sadly,
>> SIGCOMP is an unfortunately complex way of putting SIP on a diet. We
>> need to invent a better "binary SIP" compression standard.
>>
>> I think TLS is somewhat better when used inside the core where you have
>> a much smaller number of connections/sockets and don't face the
>> initialization/restart storm problem. TCP is a little worrying to use
>> in the core since a few dropped packets can cause flow control to be
>> invoked on mission-critical signaling. SCTP is a better transport and
>> is less prone to this problem.
>>
>> SRTP is fairly straightforward to make redundant in a carrier-class
>> media gateway. The only tricky bit is dealing with RTP sequence number
>> wrap for a codec that uses silence suppression/voice activity
>> detection.
>>
>>
>> Geoff Devine
>> Chief Architect
>> Cedar Point Communications
>>
>> _______________________________________________
>> Voipsec mailing list
>> Voipsec at voipsa.org
>> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
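To make the size argument in this thread concrete, here is an added example that is not part of the original post or of any project mentioned in it. It builds a constructed SIP INVITE whose SDP offer can be made larger than 10K bytes, counts how many IPv4 fragments the UDP datagram would need on a 1500-byte Ethernet link, and then checks whether a deflate-compressed copy fits in one datagram. Plain zlib deflate is used here as a stand-in for SIGCOMP, and the addresses, tags and codec names are placeholders.

```python
import zlib

# Ethernet MTU and IPv4 + UDP header sizes (no IP options).
ETHERNET_MTU = 1500
IPV4_HEADER = 20
UDP_HEADER = 8
MAX_UDP_PAYLOAD = ETHERNET_MTU - IPV4_HEADER - UDP_HEADER  # 1472 bytes

def build_invite(num_media: int, codecs_per_media: int) -> bytes:
    """Constructed SIP INVITE with an SDP offer that grows with the number of
    media sections and codecs; addresses and tags are placeholders."""
    sdp = ["v=0", "o=alice 2890844526 2890844526 IN IP4 192.0.2.10",
           "s=-", "c=IN IP4 192.0.2.10", "t=0 0"]
    for m in range(num_media):
        pts = [str(96 + c % 32) for c in range(codecs_per_media)]  # dynamic PTs
        sdp.append(f"m=audio {10000 + 2 * m} RTP/AVP {' '.join(pts)}")
        for c, pt in enumerate(pts):
            sdp.append(f"a=rtpmap:{pt} codec{c}/8000")
            sdp.append(f"a=fmtp:{pt} mode-set=0,2,4,7; octet-align=1")
    body = ("\r\n".join(sdp) + "\r\n").encode()
    head = ("INVITE sip:bob@example.com SIP/2.0\r\n"
            "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
            "Max-Forwards: 70\r\n"
            "From: Alice <sip:alice@example.com>;tag=1928301774\r\n"
            "To: Bob <sip:bob@example.com>\r\n"
            "Call-ID: a84b4c76e66710@192.0.2.10\r\n"
            "CSeq: 314159 INVITE\r\n"
            "Contact: <sip:alice@192.0.2.10>\r\n"
            "Content-Type: application/sdp\r\n"
            f"Content-Length: {len(body)}\r\n\r\n").encode()
    return head + body

def udp_fragments(payload_len: int, mtu: int = ETHERNET_MTU) -> int:
    """IPv4 fragments needed for a UDP datagram of this payload length on a
    link with the given MTU (fragment data is carried in 8-byte units)."""
    datagram = UDP_HEADER + payload_len
    per_fragment = (mtu - IPV4_HEADER) // 8 * 8
    return -(-datagram // per_fragment)  # ceiling division

def assess(message: bytes) -> dict:
    """Compare the raw message with a deflate-compressed copy (plain zlib as a
    stand-in for SIGCOMP) against the single-datagram limit."""
    packed = zlib.compress(message, 9)
    return {"raw_len": len(message),
            "raw_fragments": udp_fragments(len(message)),
            "compressed_len": len(packed),
            "compressed_fragments": udp_fragments(len(packed))}

if __name__ == "__main__":
    for label, msg in (("small", build_invite(1, 2)), ("large", build_invite(20, 8))):
        print(label, assess(msg))
```

A message that needs more than one fragment is lost whenever any single fragment is dropped, which is the failure mode the fragmentation draft cited above describes.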