© 2006 NEC Corporation - Confidential, November 2008

SPEERMINT Security Threats and Suggested Countermeasures

draft-ietf-speermint-voipthreats-01

Saverio Niccolini, Eric Chen, Jan Seedorf, Hendrik Scholz

Upload: jessica-kerr

Post on 27-Mar-2015


Page 1: SPEERMINT Security Threats and Suggested Countermeasures

draft-ietf-speermint-voipthreats-01

Saverio Niccolini, Eric Chen, Jan Seedorf, Hendrik Scholz

Page 2: Goals / Scope

• Goals of the draft
  – List of security threats (specific) for SPEERMINT
  – Mapping of these threats to suggested countermeasures
    – As information for implementers
    – Also helping implementers choose proper means for addressing SPEERMINT security requirements (as defined in draft-ietf-speermint-requirements-07)

• Target:
  – Informational document for implementers

Page 3: Contribution of the draft (related to SPEERMINT document flow chart)

[Flow chart of the SPEERMINT document set: VoIP-specific use cases, IM/presence-specific use cases, VoIP-specific requirements, IM/presence-specific requirements, architecture, message flows, DNS SRV & NAPTR, use of other implementer documents (BCPs), terminology. The contribution of this draft is the informational document "SPEERMINT Security Threats and Suggested Countermeasures".]

Page 4: Security Requirements vs. concrete Solutions

• Security Requirements: draft-ietf-speermint-requirements-07
  – This draft lists security requirements without stating concrete protocols or guidance on how to meet these requirements

• How to fulfill/meet the Security Requirements: draft-ietf-speermint-voipthreats-01
  – This draft provides concrete protocols and solutions for meeting the requirements
  – As guidance for implementers who want to fulfill the security requirements for SPEERMINT
  – Section on security requirements (section 3)
    – Currently only listing the security requirements
    – Waiting for draft-ietf-speermint-requirements-07 to be finalized (IESG processing)
    – Then addressing the requirements with text on protocols and solutions

Page 5: Comments received for Version -00 at IETF 73

• Minimization of SED suggested as countermeasure
  – Included in the new -01 version

• Text regarding password cracking was misleading
  – Changed

• Digest authentication on all requests was seen as unrealistic
  – Removed

• PKI is assumed for TLS
  – Added text

Page 6: Changes since -00 version

• Addressed comments received (see previous slide)

• New threats
  – “network discovery”
  – “unwanted requests”

• New countermeasures
  – “minimization of session establishment data”
  – “topology hiding”

• Renamed / Restructured Countermeasures (see next slide)

• Editorial changes
  – Updated/removed references

Page 7: Version -01: Suggested Countermeasures

• Suggested Countermeasures
  – Database Security BCPs
  – DNSSEC
  – DNS Replication
  – Cross-Domain Privacy Protection
  – Use TCP instead of UDP to deliver SIP messages
  – Ingress Filtering / Reverse-Path Filtering
  – Strong Identity Assertion
  – Reliable Border Element Pooling
  – Rate limit
  – Topology Hiding
  – Border Element Hardening
  – Minimization of Session Establishment Data
  – Encryption and Integrity Protection of Signalling Messages
  – Encryption and Integrity Protection of Media Stream

Page 8: Current Issues / Discussion

• IPSec vs. TLS
  – IPSec is a lower-layer solution but often deployed and seen as sufficient for hop-to-hop SSP security
  – Requirements draft says: “Even though SSPs may use lower layer security mechanisms to guarantee some of those security properties, candidate protocols for the LUF and LRF must meet the above requirements [authentication/integrity/confidentiality]”.
  – Opinions from the WG?

• Section on deployment (Comment received at IETF 71)
  – Are there other solutions besides DNSSEC which are not deployed yet?

Page 9: How to proceed ...

• We welcome any comments on this work on the mailing list
  – Are there additional threats missing / not considered?
  – Are there countermeasures missing / not considered?
  – Editorial changes / comments?

• Or contact authors directly if you have any comments:
  – Saverio Niccolini: [email protected]
  – Eric Chen: [email protected]
  – Jan Seedorf: [email protected]
  – Hendrik Scholz: [email protected]