sip digest access authentication relay-attack for toll-fraud

11

RFC 3261 Overview Known Authentication Attacks Unknown Attack SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud Humberto J. Abdelnur [email protected] Radu State [email protected] Olivier Festor [email protected] Madynes team http://madynes.loria.fr LORIA-INRIA Lorraine November 2, 2007

Upload: others

Post on 12-Sep-2021

5 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

SIP Digest Access AuthenticationRELAY-ATTACK for Toll-Fraud

Humberto J. [email protected]

Radu [email protected]

Olivier [email protected]

Madynes teamhttp://madynes.loria.frLORIA-INRIA Lorraine

November 2, 2007

Page 2: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Outline

1 RFC 3261 OverviewDirect Callre-INVITE RequestAuthenticated Call

2 Known Authentication AttacksMITM AttackReplay Attack

3 Unknown AttackRelay Attack

Page 3: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

RFC 3261 Overview

Page 4: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Direct Call

Direct Call from user B to A

Page 5: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

re-INVITE Request

re-INVITE overview

“This modification can involve changing addresses or ports, adding a media

stream, deleting a media stream, and so on. This is accomplished by sending a

new INVITE request within the same dialog that established the session. An

INVITE request sent within an existing dialog is known as a re-INVITE.”1

1RFC 3261 Section 14 Modifying an Existing Session

Page 6: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Authenticated Call

Call from User B to User A via a Proxy using DigestAccess Authentication (RFC 2617)

Page 7: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Known Authentication AttacksRFC 2617 Section 4.5 ReplayAttacks

Page 8: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

MITM Attack

Man in the Middle Attack

Page 9: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Replay Attack

Replay Attack

Page 10: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Unknown Authentication Attack toSIP

Page 11: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud

RFC 3261 Overview Known Authentication Attacks Unknown Attack

Relay Attack

Trigger a re-INVITE on User B in order to request himto authenticate

[MS-SIP]: Session Initiation Protocol ExtensionsMS-SIP].pdfSession Initiation Protocol Extensions SIP. . SIP message.

SIP Communicator Training Chris Joannou. What is SIP?What is SIP? Overview of SIP CommunicatorOverview of SIP Communicator Site requirementsSite requirements

Sprint Global SIP Trunking – Europe and Canada · • How SIP Trunking Europe and Canada can work for you • SIP toll-free solutions • Examples of success stories Desired Outcome

Architecture Proxy, Redirect, Registration server. Authentication Programmable (SIP- CGI) OpenSource SQL database: MySQL User information:

Toll Fraud Mitigation by SIP Trunk Plus

[MS-SIP]: Session Initiation Protocol ExtensionsMS-SIP]-160714.pdf · [MS-SIP]: Session Initiation Protocol Extensions ... sip. . . .

Study of Digest Authentication for SIP

AP2120 VoIP Gateway - AddPac AP2120 VoIP Gateway ... RTP SS7 RTCP PPP SIP FTP/TFTP SNMP DNS Dynamic DNS NTP ... – Challenge Handshake Authentication Protocol (CHAP)

Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual

A Robust and E cient SIP Authentication Schemescientiairanica.sharif.edu/article_3313_ca46dd3d3c8da34bdda4942c… · Authentication in SIP In a direct session between UC and US, US

Digest Authentication Setup for SIP Trunks · Digest Authentication Setup for SIP Trunks ... Release 12.0(1) 2 Digest Authentication Setup for SIP Trunks ... Table 1: Digest Authentication

Sip Detailed , Call flows , Architecture descriptions , SIP services , sip security , sip programming

18th TF-Mobility Meeting 2 December 2008, Utrecht Project SIP - infrastructure – authentication – client Project SIP multimedia communication in academic

SIP Security Issues : The SIP Authentication Procedure and its Processing Load

UNIX Authentication and Pluggable-authentication Modules ... · UNIX Authentication and Pluggable-authentication Modules (PAMs) Russell Bateman Description of UNIX authentication,

Authentication Without Authentication

interoperability.blob.core.windows.netMS-SIPA… · Web view[MS-SIPAE]: Session Initiation Protocol (SIP) Authentication Extensions. Intellectual Property Rights Notice for Open

The Open Source SIP Server - Kamailio · The Open Source SIP Server ... (FIFO, Sockets) accounting authentication ... enables reinitialization of some internal parameters or reload

Introduction - Microsoftinteroperability.blob.core.windows.net/...160914.docx · Web view[MS-SIPAE]: Session Initiation Protocol (SIP) Authentication Extensions. Intellectual Property

Toll Free Termination Product Overview - West Corporation · the appropriate toll free subscriber or service provider via a SIP handoff. TFT is a one-way (inbound to customer only)

1) · 2019. 9. 11. · 1) How do I setup my SIP trunk for inbound/outbound calling? We authenticate IP-PBX SIP Trunking traffic by: IP Authentication (IP address) or Digest Authentication

XO SIP Service XO certifies interoperability between XO SIP service and the IP PBX as outlined ... IP PBX and a router. Cisco 2821 ISR CME Service ... aaa authentication login

Request for Information National Toll Protocol Requirements … · 2017. 5. 2. · Tag authentication (integrity) - The ability to detect counterfeit ... Use of Encryption or other

SIP Overview. SIP2 Contents What is Sip? SIP Benefits SIP message structure SIP components SIP mobility

mvoicecall.commvoicecall.com/setup/Voip-Device-configration-screensort.pdf · Authentication ID Password SIP Proxy SIP Registrar Server Re-register Period (s) Phone Number Display

VoIP - SIP Securitycs.uccs.edu/.../Sip_Security_Mechanisms_Evaluation... · Web viewSIP Security Issues: The SIP Authentication Procedure and its processing Load, Stefano Salsano,

interoperability.blob.core.windows.net · Web view[MS-SIPAE]: Session Initiation Protocol (SIP) Authentication Extensions. Intellectual Property Rights Notice for Open Specifications

Columbia -Verizon Research Securing SIP: Scalable ... · Ongoing -SIP DoS Detection and Mitigation Filters Authentication based -Return Routability Check – For UDP use SIP's built-in

I SIP WATER! I SIP I - Healthy Kids : Homepage sip water! i sip water! i sip water! i sip water! i sip water! i sip water! i sip water! i sip water! i sip water! i sip water! i sip

Voice over IP Gateway - addpac.su VoIP Presentation Rus_1.pdf · RTP SS7 RTCP PPP SIP FTP/TFTP SNMP DNS ... (Challenge Handshake Authentication Protocol) • ... – Best EMS Solutions

Oracle® Communications Core Session Manager Digest User Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 SIP

Subscriber Data Management - Oracle · 2012. 10. 12. · This use case describes a successful SIP Registration of a subscriber for which SIP Digest authentication has been disabled

Authentication. TOPICS Objectives Legacy Authentication Protocols IEEE 802.1X Authentication Extensible Authentication Protocol (EAP) Authentication Servers