SIP

Chapter 5

SIP History• 1980s – first packet multimedia experiments• 1992 – first IETF audio-cast• 1996 – first SIP related IETF drafts Session

Invitation Protocol• Simple Conference Invitation Protocol MMUSIC

IETF WG• 1999 – RFC 2543• 2002 – RFC 3261• Today - over 30 IETF RFCs related to SIP, many

Internet Drafts and Working Groups

What is SIP?

• Application-layer signalling protocol• Easy to understand• Creation, modification and termination of

multimedia communication sessions• Negotiation of session's parameters• Re-negotiation during communication session• User mobility• Ability to allow supplementary services• Extensibility

SIP And VoIP Architecture

VoIP Protocols• Transport protocols• TCP – Transmission Control Protocol• UDP – User Datagram Protocol• SCTP – Stream Control Transmission Protocol• TLS – Transport Layer Security Protocol• Media transport and control protocols• RTP – Real-time Transport Protocol (RFC1889)• RTCP – Real-time Control Protocol (RFC3605)• SRTP – Secure Real-time Transport Protocol (RFC3711)• Signalling protocol• H323 – Set of standards to transmit voice, video over IP.• SIP – Session Initiation Protocol (RFC3261)• Session negotiation• SDP – Session Description Protocol (RFC2327)

SIP Design• Text based protocol in a format similar to HTTP• Client-server communication• Transaction oriented: request-response sequences• Independent of transport layer protocol• Request meaning is specified by method type• Session capability negotiation• Allow alpha-numeric addresses in URL format• (email-like address) as well as E.164 numbers• Use of domain names to locate servers• PSTN number translation

SIP Entities• User Agent (UA)• User Agent Client (UAC) – initiates a SIP request• User Agent Server (UAS) – handles and eventually sends a response to a request• Proxy server – routing of SIP requests• Registrar server – registration of user's contact addresses• Location server – providing of user location details• Redirect server – return callee's addresses to caller• Application server – providing advanced services for users

SIP Deployment Architecture

SIP Request Syntax

SIP Reply Syntax

SIP Media Session

SIP Registration

SIP Re-Direction

SIP Proxy

SIP Security• Ensure privacy, service protection, proper

accounting and billing• HTTP digest authentication schema• Challenge-response architecture• Basic authentication deprecated• Transport Layer Security for SIP entity id and traffic

encryption• IPSec secure channels between SIP servers• S/MIME (Secure/Multipurpose Internet Mail

Extensions) - for end to end encryption.

SIP Services• Voice conversations• Advanced call features: call redirect, call forwarding,

call barring, black/white lists• Easy to manage and use caller's preferences and

callee's capabilities• Parallel and serial search of users• Audio conferences, video and instant messaging

sessions, gaming• Presence and service location• System provisioning• Extensible and programmable environment

Future of SIP

• Deployed all over the world• Europe, USA, Asia• Replacement for H.323 and adopted as signalling

protocol in 3GPP• Continuous extension development within IETF• Widest used protocol by newest ITSP• Devices and applications from most famous

providers: CISCO, Avaya, Microsoft and very good representation in Open Source world

18

Comparison of SIP and H.323

• Complexity• Extensibility• Scalability• Services• Security Mechanisms used in SIP and H.323• Market Analysis• Conclusions

19

Definition – H.323

• ITU H.323 series of recommendations (“Packet Based Multimedia Communications Systems”) defines protocols and procedures for multimedia communications on the Internet.

• It is an umbrella standard that provides a well-defined system architecture and implementation guidelines.

• It includes– H.245 for control– H.225.0 for connection establishment– H.332 for large conferences– H.450(.1,.2,.3) for supplementary services– H.235 for security– H.246 for interoperability with circuit-switched services.

20

Definition – SIP

• The Session Initiation Protocol (SIP), developed by MMUSIC working group of the IETF, is a signaling protocol for establishing real-time calls and conferences over IP networks.

• It resembles HTTP and SMTP.• It uses SDP for media description.• It is not as strictly defined as a complete system like H.323.

Therefore, it is flexible and can be adapted to a number of implementations.

• It allows for the use of established protocols from other applications, such as HTTP and HTML.

21

Definition - Functional EntitiesTerminal Terminal Gatekeeper Terminal

MCU GatewayPSTN

H.323Zone

Enterprisenetwork

UA(softphone)

UA (IP phone)

Proxy/Registrar

Redirectserver

SIP telephony gateway

H.323/SIPgateway

SIP Realm

SIPnetwork

H.323network

22

Comparison - ComplexityH.323• Rather complex protocol• Defines hundreds of elements• Uses binary representation for its

messages → therefore it requires special code

generators to parse• Uses several protocol

components→therefore, many services require

interaction between many of them

→ this also complicates firewall traversal

SIP• Simpler protocol• Defines only 37 headers

• Encodes its messages as text, similar to HTTP

→ this allows simple parsing and generation

• Uses a single request that contains all necessary information

Source: schulzrinne and Rosenberg

23

Comparison - Extensibility

H.323• Provides extensibility generally by

use of nonstandardParam fields → this allows for different vendors to

develop their own extensions• Extensions are limited only to those

places where a non-standard parameter has been added

• It has no mechanisms for allowing terminals to exchange information about which extensions each supports.

SIP• Built in a rich set of extensibility

and compatibility functions• Numerical error codes are

hierarchically organized → this allows for additional features

to be added by defining semantics for the error codes in a class, while achieving compatibility

• Uses textual encoding which is self describing

→ this enables developers to determine usage from the name

Source: schulzrinne and Rosenberg

24

Comparison - Scalability

H.323• Large Number of Domains

– It provides no easy way to perform loop detection in complex multi-domain searches.

• Server Processing– The complexity of signaling

makes it less scalable.• Conference Sizes

– Three distinct mechanisms exits to support different conference sizes.

Source: schulzrinne and Rosenberg

SIP Large Number of Domains

It uses a loop detection algorithm which can be performed in a stateless manner.

Server Processing Simple signaling

mechanism makes it more scalable.

Conference Sizes It scales all different

conference sizes.

25

Comparison - Services

• H.323 and SIP offer roughly equivalent call control services.

• H.323 provides a much richer set of functionality for capabilities exchange services.

• SIP provides rich support for personal mobility services.• H.323 supports various conference control services. Sip

does not provide conference control, rather it relies on other protocols for this service.

Source: schulzrinne and Rosenberg

26

Security Mechanisms

H.323/H.235Two mechanisms that provide Authentication

or/and Integrity are:• Annex D - Baseline Security Profile

– Hop-by-hop processing– Password based security– Shared Secret-Key– Digest (Hashing) Algorithm

• Annex E - Signature Security Profile– Signature Profile – Public Key

Infrastructure (PKI)– Certificate Based Security– Scalable - applicable for “Global” IP

Telephony – Hop-by-Hop and End-to-End security– Digest Algorithms (Source: Radvision PPT)

SIP• End-to-end mechanisms

– Basic authentication– Digest authentication– S/MIME

• Hop-by-hop mechanisms– Transport Layer Security (TLS)– IP Security (IPSec)– The SIPS URI schema

(source: Ben Campbell presentation)

27

SIP AuthenticationSIP Client

SIP Server

REQUEST

CHALLENGE

Generate theNonce value

Nonce, realm

Compute response = F(nonce, Username, password, realm)

REQUEST

Nonce, realm,Username, response

Authenticate: compute F(nonce, username, password, realm)And compare with response

F= MD5

28

Market Analysis

• Chart 1 summarizes the technology supported by the 77 products. (source: Wind River White Paper)

• Chart 2 summarizes the technology supported by VoIP Service Providers. (source: Wind River White Paper)

29

Interoperability

Source: Ho et al.

30

Conclusion• If SIP is better, why is H.323 important?

– Huge installed base and backward compatibility is important. – However, newer products may not need H.323.

• In videoconferencing world, H.323 is still a dominant player.• Most VoIP products support H.323 and SIP together. But this has the

potential to increase the cost, size and power requirements of the products.

• An all-SIP network is simple and cleaner to run/manage but we will see H.323/SIP for a long time.

• Security mechanisms (authentication, privacy, authorization, integrity, non-repudiation) may well decide their fate.

31

References• www.ietf.org drafts and RFCs (3261, 2543) for SIP• ITU-T and H.323 specifications.• SIP Vs. H.323:A Business Analysis, white paper from WindRiver.• SIP versus H.323, iptel.org/info/trends/sip.html• H.323 versus SIP: A Comparison, packetizer analysis at

http://www.packetizer.com/iptel/h323_vs_sip/• A Comparison of SIP and H.323 for Internet Telephony • Henning Schulzrinne and Jonathan Rosenberg

Network and Operating System Support for Digital Audio and Video (NOSSDAV), (Cambridge, England), July 1998.

• For our work on SIP/H.323 security, see http://middleware.internet2.edu/video/