voice over ip: security and mobility

V and Mobility

Maguire Total pages: [email protected]

© 2004 G.Q.Maguire Jr. .All rights reserved. No part of this course hotocopying, recording, or otherwise, without written permission of the author.

Last modified: 04.03.03:10:42

KTH Microelectronicsand Information Technology

ld Q. Maguire Jr.

[email protected]>

.kth.se/~maguire

less@KTH&

and Information Technology (IMIT)ology (KTH), Stockholm, Sweden

VA Sydd, Sweden

arch 2004

oice over IP: Security

IVA-Syd-20040303c.fm5 March 3, 2004

may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, p

Prof. Dr. Gera

<magu

http://www.it

Wire

Inst. for Micorelectronics Royal Institute of Techn

ILun

3 M

2 of 42Voice over IP: Security and Mobility

Jr.municationribed in the following Swedish:

för personlig databehandlingoch effektiva implementerings

bia University in CSniversity); 8 licentiate students

iner: >220 (KTH)

etwork Architectures, Internet-ts, Location/Context Aware Per-mmunication (basic courses);

, Programming Languages andation, Performance Analysis,

r Science, University of Utah;nsylvania, 1975

[email protected] March 3, 2004

Gerald Q. MaguireJuly 1994 to present : Professor, Computer Com(Datorkommunikation), formally the chair is desc

Ämnet omfattar integrerade dator- och kommunikationssystemoch personalkomunikation, speciellt trådlös kommunikationstrategier. (Ref. nr 473/93).

Jan. 1983 .. Dec. 1993 - on the faculty of Colum• Doctoral students (completed): 4 (KTH) and 4 (Columbia U

(KTH), Member of 34 doctoral dissertation committees• MS & Civ. Ing. main advisor: 6 (KTH), 1 (Columbia); exam• Teaching:

– Voice Over IP, Sensor Networks, Wireless and Mobile Nworking, Mobile Personal Communication, Access Poinsonal Communication, Telecommunication and Data Cototal > 3400 students at KTH

– VLSI design, Operating Systems, Artificial IntellegenceTranslators, Computer Organization, Symbolic ComputComputer Networks, … ; total > 700 (Columbia)

• Education: Ph. D. 1983 and M.S. 1981 - both in ComputeB.A., magna cum laude, Physics, Indiana University of Pen


)tsrocessing in the end points.

etwork - where processing is

AN, PAN, Ad hoc, … .

(Now) we think about aconverged network whichis aglobal network

k

t

terminal


Voice over IP (VoIPVoIP is an End-to-End Architecture which exploip

Unlike the traditional Public Switch Telephony Ndoneinside the network.

Network Convergence:

VoIP, largelyindependent of the underlying network, i.e., LAN, Cellular, WL

In the past, many different networks -each optimized for aspecific use: POTS, data networks (such as X.25), broadcastradio and television, … and each of these in turn often hadspecific national, regional, or proprietary implementations)

⇒

CODEC

IP stack

radio

CODEC

IP stac

etherne

Cellular IP terminal Fixed IP

VoIP server

call/sessionrouting

IP cloud

IP end-to-end


for VoIP

handsets controlled by thees onany platform

edia contentin digital form

s

Implementation

H.323

Softswitches

ession Initiation Protocol (SIP)


Three major alternatives

SIP⇒ a change from telephony’s “calls” betweennetwork to “sessions” which can be betweenprocessanywherein the Internet and with bothcontrol andmand hence can be easily manipulated.

• thus a separate voice network is not necessary• open and distributed nature enables lots of innovation

– since both control and media can be manipulated and– “events” are no longer restricted to start and end of call

Concept

Usesignalling concepts from the traditional telephony industry

Usecontrol concepts from the traditional telephony industry

Use an internet-centricprotocol S


atacom

cols andpacket formatsnal statetate are soft-state and dynamically built based on traffic

the network

ment⇒ integrity of communications isof the end node,not the network

added by anyonerovided byany nodeattached to the network

hoice of services

rol⇒ no one can easily turn it off

class”, business, & consumer equip.gh availability >99.99% (50 min./year unavailability)

ilability >99% (several days/year of unavailability)

is extremely high availability because most of thereindependent

very fast changengs at 18 or 9 months!

role of operators is operator)


Traditional Telecom vs. DCircuit-switched Packet-switched

standardizedinterfaces standardizedprotolots of internal state (i.e., each switch & other networknodes)

very limited inter• caches and other s

• no session state in

long setup times - since the route (with QoS) has to be setup from end-to-end before there is any further traffic

End-to-End Arguthe reponsibility

services: builtinto the network⇒ hard to add new services• operators decide what services users can have

• all elements of the net have to support the service before it can be introduced

• Application programming interfaces (APIs) are often vendor specific or evenproprietary

Services can be • since they can be p

• users control their c

centralized control no central cont

“carrier class” equipment and specifications• target: very high availability 99.999% (5 min./year of unavailability)

• all equipment, links, etc. must operate with very high availability

a mix of “carrier • backbone target: hi

• local networks: ava

• In aggregate - therenetwork elements a

long tradition of slow changes• PBXs > ~10 years; public exchanges ~30yrs

short tradition of • Moore’s Law doubli

clear operator role (well enshrined inpublic law) unclear what the(or evenwho is an


honyuld carriers worry?”1 nicely

re ⇒ Content-neutralhe large margins which

d landline): $1.70/MB”

can offer phone services traffic

s2

can create a service

uate Course "Internet Multimedia", University of Oulu, 3-6

f FCC regulations, free to develop new solutions to addressHands-Off VoIP" Bill, Internetweek.com, January 12, 2004


VoIP vs. traditional telepHenning Schulzrinne in a slide entitled “Why shostates the threats to traditional operators:

• Evolution from application-specific infrastructubandwidth delivery mechanism - takes away tthe operators are used to (and want !):

– “GPRS: $4-10/MB, SMS: >$62.50/MB, voice (mobile an

• Only operators can offer services ⇒ Anybody• SIP only needs to handle signaling, not media

• High barriers to entry ⇒ No regulatory hurdle

In addition to this we can add:

• Only vendors can create services ⇒ anybody

1. Henning Schulzrinne, “When will the telephone network disappear?”, as part of Intensive GradJune 2002.

2. J. Sununu said “VoIP providers should be free from state regulation, free from the complexity osocial needs, and free to amaze consumers.” E-BUSINESS: New Hampshire Senator Readies, "http://www.internetweek.com/e-business/showArticle.jhtml?articleID=17300570

http://www.internetweek.com/e-business/showArticle.jhtml?articleID=17300570




tion

an operator

al/national network to the same


VOIP Modes of Opera• PC to PC• PC-to-Telephone calls• Telephone-to-PC calls• Telephone-to-Telephone calls via the Internet• Premises to Premises

• use IP to tunnel from one PBX/Exchange to another

• Premises to Network• use IP to tunnel from one PBX/Exchange to a gateway of

• Network to Network• from one operator to another or from one operator’s region

operator in another region or nation


Packetsnsport Protocol (RTP) packet

frame.

ith the same time relationshipects of real-time delivery:

pe {often based on the sampling rate}.

Implementation

d sequence number

to time stamp

fo


VoIP details: Protocols andCarry the speech frame inside an Real-Time Tra

Typical packetization time of 10-20ms per audio

A real-time application⇒ data must be delivered was it was created (all be it with a delay). Two asp

The timestampgranularity (i.e., the units) are determined by the payload ty

Concept

Order data should be played in the same order as it was create

Time the receiver must know when to play the packets, in orderreproduce the same signal as was input

IPv4/6 UDP RTP CODEC in20/40 octets

~33 octets

8 octets 12 octets

40/60 octets


ality”aed sampling rate, typically

voice coding

d could havehigher or loweravailable bandwidth between the

fers is quality which is:

still acceptable)

systems.

ear Predictive Coding (LPC), code-excited0: RPE/LTP (residual pulse excitation/long terms DVI ADPCM Wave Type, ITU’ G.721, ITU’sch at 16 kbit/s using low-delay code excitedy streams, defined in ISO standards ISO/IEC


VoIP need not be “toll quPublic Switched Telephony System (PSTN) usesfix8kHz and coding to 8 bits, this results in 64 kbps

However, VoIP isnot limited to using this coding andata rates depending on the CODEC(s) used, theend points, and the user’s preference(s).

One of the interesting possibilities which VoIP of

• better that “toll grade” telephony or• worse than “toll grade” telephony (but perhaps

This is unlike thefixed quality of traditional phone

Audio Encodings: G.711 A-law, G.711 mu−law, 8 bit linear, 16 bit linear, Linlinear prediction (CELP) -- Federal Standard FED-STD 1016, GSM 06.1prediction) coding at a rate of 13 kb/s , Interactive Multimedia Association’G.722: 7 kHz audio-coding within 64 kbit/s, ITU’s G.728: Coding of speelinear prediction, MPEG-I or MPEG-II audio encapsulated as elementar11172-3 and 13818-3, variable-rate version of DVI4, …


(jitter)dio), includes the encoding,

ing/routing, receiving,)+

y in the final receiver.rder tohide the delayck delay > delay variance

y on peceived voice quality, seePerformance Monitoring”,mber 2, April, 2001, pp. 9-24.

ehaviors, thus

ry natural, while aboveing down ⇒ simplex)


Delay and delay varianceThe end-to-end delay (from mouth to ear - for au

packetization, (transmission, propagation, switchdejittering, decoding, playing

To hide the jitter we generally use playout bufferonlNote: This playout bufferadds additional delay in ovariations (this is called:delayed playback), playba

There are very nice studies of the effects of delaR. G. Cole and J. H. Rosenbluth, “Voice over IP Computer Communications Review, Vol. 21, Nu

• the delay impairment has roughly two linear b

• for delays less than 177ms, conversation is vethis it become more strained (eventually break

Id 0.024d 0.11 d 177.3–( )H d 177.3–( )+=

d one-way delay in ms=

H x( ) 0= if x 0<( ) else H x( ) 1= when x 0≥


s it varies during a

ed on observed average this computation isCPining the timestamps is being done at the

hance to catch-uphe receiver’s clock the queue

pling in PC’s codecs is rarely


Playout delay• Playout delay should track the network delay a

session• This delay is computed for each talk spurt bas

delay and deviation from this average delay --similar to estimates of RTT and deviation in T

• Beginning of a talk spurt is identified by examand/or sequence numbers (if silence detectionsource)

• The intervals between talk spurts give you a c• without this, if the sender’s clock were slightly faster than t

would build without limit! This is important as the 8kHz samexactly 8kHz.


l time, only of the end-to-end

orking Performance of Multimedia Delivery on Systems Multimedia, Dept. of CS, Univ. ofre9.pdf

networkdelay

jitter-bufferdelay+ +

d latency

RTPMessage


When to playThe actual playout time isnot a function of the arrivadelay which can be calculated as shown below:

Figure adapted from slide 11 on page 6 of Kevin Jeffay, “Lecture 9: Netwthe Internet Today”, Lecture notes for COMP 249: Advanced DistributedNorth Carolina at Chapel Hill, November 9, 1999.http://www.cs.odu.edu/~cs778/jeffay/Lectu

samplegeneration

time+

local clocksynchronization

correction

senderpackaging

delay

playout time =

+

end-to-en

NTP Clock

RTP Clock

Playout

RTCPMessage

Receive

http://www.cs.odu.edu/~cs778/jeffay/Lecture9.pdf


Recoveryhave time to request the sourceylive without it or recover itfficient redundant data to

sion at the cost of a longer delay

any samples to play:

st samples {as humans getction is broken!}will produce very noticable errors

ing losses), such as those used inimedia/software/rat/


Retransmission, Loss, and For interactive real-time media we generally don’tto retransmit a packet and to receive the new cop⇒using Forward Error Correction (FEC), i.e., send suenable recovery.

Fornon-interactive media we can use retransmisbefore starting playout

If you do have to generate output, but don’t have

• audio• Comfort noise: play white nosie or play noise like in the la

uncomfortable with complete silence, they think the conne• if you are using highly encoded audio even a BER of 10-5

Various techniques for loss concealment (i.e., hidtheUCL’s Robust Audio Tool (RAT)http://www-mice.cs.ucl.ac.uk/mult

http://www.cs.odu.edu/~cs778/jeffay/Lecture9.pdf

http://www-mice.cs.ucl.ac.uk/multimedia/software/rat/

14 of 42

(SIP)

s

g transport

ans can read them)and called parties

messaging, presence,

RTP itself, butsessionscan

teractive sessions

vide information about a call,, multicast addresses, etc.

Maguire IVA-Syd-20040303c.fm5

Session Initiation Protocol • Defined in RFC 3261 http://www.ietf.org/rfc/rfc3261.txt

• provides application layer signaling• Used to establish , modify , and terminate multimedia session

• can utilize UDP, TCP, TLS, SCTP, … for underlyin• HTTP-like

• uses textual rather than binary (ala H.323) messages (⇒ hum• uses Uniform Resource Indicators (URIs) to designate calling

• target applications : voice, video, gaming, instantcall control1, …

SIPonly coverssignalingparts of H.323. Does not useuse RTP.

• SIP provides ability to discover remote users and establish in• Does not ensure QoS or deliver large quantities of data

SIP uses SDP (Session Description Protocol) to prosuch as, the media encoding, protocol port number

1. Largely taken from Advanced Intelligent Network (AIN).

http://www.ietf.org/rfc/rfc3261.txt

15 of 42

unt) user agent in a (long)ith respect to securityues, …)

ites Bob to a SIP session:

Maguire IVA-Syd-20040303c.fm5

Is SIP simple?• 25 RFCs (for SIP and SDP) - total of 823 pages• RFC3261 is longest RFC ever (based on byte co• There are claims that one can still build a simple

evening, but there is substantial work required w(due to TLS, S/MIME, AAA, Denial of Service iss

SIP timeline - showing a simple version of Alice invAlice BobInvite

OK,200ACK

Bye

media session


P

n RFC 2326 - remote mediaemote VCR/DVD/CD player).

streamingapplications

CODECs

RTSP

TCP

source - this enables the sources to beadaptive coding algorithm the source cang at the endpoint.

bout a session


SIP, RTP, and RTS

RTP Control Protocol (RTCP)

Real Time Streaming Protocol (RTSP), defined iplayback control (think in terms of controlling a r

audio/videoapplications

signaling and control

video, audio, …CODECs RTCP

SDP

RTP SIP

UDP

IP

[upward] enables endpoints to provide meta-information to theadaptive to the endpoints. For example, by using an accommodate the actually data rate of packets arrivin

[downward] enables sources to send the endpoints information a


teways

☎PSTN

Mobile

MD110

PBX

Frame relay, ATM, …

Signaling Gateway - convert from the signaling usein one network to that of the other

Media Gateway - convert the media format from thused in one network to that of the other


SIP actors

Figure 1: SIP Actors

Called, PresentityCaller, Watcher

Local

Media, Messages

INVITE

Network Proxy

NOTIFY

SUBSCRIBE

GaForking

LocalProxyProxy

INVITE

INVITE


Codes

.

des:

INVITE.

r know the location of a user.

rocess the request acceptedlete the request

lfilled at this server (Try another server!)ive up!)


SIP Methods and Status

At least 8 additional methods have been defined

SIP Status codes - patterned on and simular to HTTP’s status co

Method Purpose

INVITE Invites a user to join a call.ACK Confirms that a client has received a final response to anBYE Terminates the call between two of the users on a call.OPTIONS Requests information on the capabilities of a server.CANCEL Ends a pending request, but does not end the call.REGISTER Provides the map for address resolution, this lets a serve

Code Meaning

1xx Informational or Provisional - request received, continuing to p2xx Final - the action was successfully received, understood, and3xx Redirection - further action needs to be taken in order to comp4xx Client Error - the request contains bad syntax or cannot be fu5xx Server Error - server failed to fulfill an apparently valid request6xx Global Failure - the request cannot be fulfilled at any server (G


tors (URIs)sses: user@domain

omain

es a specific device)[email protected] KTH phone number in E.164hone number (dashes, dots, etc.)


SIP Uniform Resource IndicaURI’s have the same basic form as e-mail addre

Two URI schemes:

• SIP URI - introduced in RFC 2543• example: sip:[email protected]

• Secure SIP URI - introduced in RFC 3261• example: sips:[email protected]• Requires TLS over TCP as transport for security

Two types of SIP URIs:

• Address of Record (AOR) (identifies a user)• example: sip:[email protected]• Need DNS SRV records to locate SIP Servers for kth.se d

• Fully Qualified Domain Name (FQDN) (identifi• examples: sip:[email protected] or sip:magui• sip:[email protected]; user=phone the ma

format via a gateway; note that the visual separators in a pare ignored by the protocol


ersion)

K776asdhds

contains:

is for:


SIP Invite (method/URI/vINVITE sip:[email protected] SIP/2.0Via: SIP/2.0/UDP pc33.atlanta.com:5060;branch=z9hG4bTo: Bob <sip:[email protected]>From: Alice <sip:[email protected]>;tag=1928301774Call-ID: a84b4c76e66710CSeq: 314159 INVITEContact: <sip:[email protected]>Content-Type: application/sdpContent-Length: 142

(Alice’s SDP not shown)

Start Line is the first line of a SIP message which

• method or Request type: INVITE• Request-URI which indicates who the request

sip:[email protected]• SIP version number: SIP/2.0


redIP request is to computeuser at a specific

SIP’s power.

kup


Issues to be conside• Address Resolution - first step in routing the S

the mapping between the URI and a specific host/address.• This is a very general process and the source of much of • Provides support for mobility and portability• Can utilize: DNS SRV lookup, ENUM, Location Server loo

• Session Setup• Media Negotiation• Session Modification• Session Termination• Session Cancellation• Mid-call Signaling• Call Control• QoS Call setup


rversld be a SIP phone, a

pecific parts of a SIPrver closer to the

wer; can also forward severaltateful ).

requestceives incoming requests)

act an alternate URIquests updates LSng and queried by

ate (inbound) proxy.database


Several types of SIP Se• User agent server runs on a SIP terminal (cou

PDA, laptop, …) - it consists of two parts:• User Agent Client (UAC): initiates requests• User Agent Server (UAS): responds to requests

• SIP proxy - interprets (if necessary, rewrites srequest message) before forwarding it to a sedestination:• SIP stateful proxy server - remembers its queries and ans

queries in parallel (can be Transaction Stateful or Call S• SIP stateless proxy server• They ignore SDP and don’t handle any media (content)• Outgoing proxy: used by a user agent to route an outgoing• Incoming proxy: proxy server which supports a domain (re

• SIP redirect server - directes the client to cont• Registrar server - receives SIP REGISTER re• Location server (LS) - knows the current bindi

proxies to do their routing• SIP can also use DNS SRV (Service) Records used to loc• note in RFC 2543: a location server is a generic term for a


n,

User Agent B

cation Server

SIP

boundroxy Server

User Agents}

Proxy servers}

Other servers}


SIP Trapezoid 1

Figure 2: SIP Trapezoid

1. From the lecture notes “SIP Tutorial: Introduction to SIP” by Henry Sinnreich and Alan Johnsto

http://smuhandouts.com/8393/SIPTutorial.pdf

User Agent A

Lo

OutboundProxy Server

DNS

Media(RTP)

SIP

InPSIP

DNS Server

SIP



ont device and location

tion to "just anyone", butearn of it


Purpose of registratiUser B registers in order to establish their curren

• Only their location server need know• Therefore this scales well• The location server need not disclose this loca

can apply various polices to decide who can l


headers:

ailsile

Preferences on page 242.

-SIP)

Location server

n-SIP)

-SIP)

n-SIP)

n-SIP)

n-SIP)

Registrar updateslocation server withuser’s location

User moves homeandclears all their

User re-REGISTERsat home


REGISTERing

REGISTER request includes one or moreContact Contact: <sip:[email protected]>;class=personalContact: <sip:[email protected]>;feature=voicemContact: <sip:[email protected];user=phone>;class=businesContact: <sip:[email protected];user=phone>;mobility=mobContact: <tel:+13145551212>Contact: <mailto:[email protected]>

Details at: Sinnreich & Johnston, pp. 78-79 andUser

1. REGISTER2. Update (non

User Agent (office) Registrar Server

4. 200 OK 3. Response(noUser

5. REGISTER6. Update (non

7. Response(no8. 200 OK

9. REGISTER10.Update (no

11.Response(no12.200 OK

Agent (home)


pt 1

B has registered

Johnston,

User Agent B

Location Server

InboundProxy Server

8. Response: sip:[email protected]

9. INVITEinging

13. 200 OK


SIP Call Setup Attem

Figure 3: SIP Call Setup Attempt - when

1. Adapted from the lecture notes “SIP Tutorial: Introduction to SIP” by Henry Sinnreich and Alan


User Agent A

OutboundProxy Server

DNS Server

1. INVITE2. 100 Trying

3. DNS query 4. DNS reply with IPaddress of Inbound Proxy Server

5. INVITE

6. 100 Trying

7. Query for B

11. 180 Ringing

14. 200 OK 10. 180 R12. 180 Ringing

15. 200 OK

16. ACK

Media (RTP)



ith BYE

E

User Agent

ging

OK

K

EOK


SIP Session - terminates w

BYE causes the media session to be torn down.Note:BYE like INVITE is anend-to-end method.

1. INVITE2. INVIT

User Agent Proxy Server

3. 100 Trying

4. 180 Rin

6. 2005. 180 Ringing

7. 200 OK

8. ACK 9. AC

Media Session

10.BYE 11.BY12.20013.200 OK


for HTTP (see RFC 2716), for

tion Required (reponse sent by a

hentication.

information seeSIP Security


AuthenticationBuilds upon authentication schemes developed example challenge/response, digest, …

Two forms:

• user agent-to-user agent• 401 Unauthorized ⇒ Authentication Required

• user agent-to-server• 407 Proxy Authentication Required ⇒ Authentica

proxy/server)

Note: Any SIP request can be challenged for aut

Note: There isno integrityprotection, for additionalon page 254.


atures

01 response

oxies in a Supported or Require

ponse field

ecification.

of RFCs.


SIP Extensions and Fe• Method Extensions

• Unknown methods rejected by User Agent using 405 or 5• Listed in Allow header field• Proxies treat unknown methods as a non-INVITE

• Header Field Extensions• Unknown header fields are ignored by user agents and pr• Some have feature tags registered, these can be declared

header field

• Message Body Extensions• Unknown message body types are rejected with a 406 res• Supported types can be declared with an Accept header• Content-Disposition indicates what to do with it

• Extension must define failback to base SIP sp

⇒ No Profiling is needed• unlike for example, Bluetooth!

SIP Method Extensions are defined in a number


vices

to an INVITE

an INVITE

lls

early media annoucement which contains the URI of the


RFC 3261 - New Ser• Customized ringing

• A trusted proxy can insert an Alert-Info header field in

• Screen Pops• A trusted proxy can insert an Call-Info header field into• URI can be HTTP and can contain call control “soft keys”

• Callback• Reply-to and In-Reply-To header - to assist in returning ca

• Annoucement handling• UAS or proxy need not make a decision about playing an

– Error response contains new Error-Info header fieldannoucement

• UAC makes a decision based on the user’s interface


& Instant

traveling, …

ce, video, …

nce and Instant Communications), Protocols, and Applications.

ssaging platform for thers each week.

oyees - an experimentalging (IM), email, voice,


Beyond the PSTN: PresenceMessaging

• Presence , i.e., Who is available?• Location , i.e., Where are they?: office, home,• Call state : Are they busy (in a call) or not?• Willingness : Are they available or not?• Preferred medium : text message, e-mail, voi• Preferences (caller and callee preferences)

See Sinnreich and Johnston’s Chapter 11 (Prese& course2G5565 Mobile Presence: Architectures

• Reuters has deployed a SIP-based instant-mefinancial services industry that has 50,000 use

• IBM’s NotesBuddy application for ~315k emplmessaging client that integrates instant messaand other communication.


vices

onal time”

roup chat sessions, …f people are all available

ensions (SIMPLE)charter.html


Presence-Enabled Ser• Complex call screening

• Location-based: home vs. work• Caller-based: personal friend or business colleague• Time-based: during my “working hours” or during my “pers

• Join an existing call ⇒ Instant Conferencing, g• Creating a conference when a specific group o

and willing to be called• New services that have yet to be invented!• SIP Messaging and Presence Leveraging Ext

Working Group http://www.ietf.org/html.charters/simple-

http://www.ietf.org/html.charters/simple-charter.html


alling protocol (Release5)resence mechanism

GPP and IETF points of view

umber of new components: Proxy Call Session (I-CSFC), Serving Call Session Controlr (AS), Subscription Locator Function (SLF),unction (MGCF), and Media Gateway (MGW)

lide 5.

s the network


Significance• In July 2002, 3GPP adopted SIP for their sign• 3GPP adops SIMPLE as instant messaging/p

(Release6)

While there are some differences between the 3

Not suprisingly the 3GPP system for using SIP is rather complex with a nControl Function (P-CSFC), Interrogating Call Session Control FunctionFunction (S-CSFC), Home Subscriber Server (HSS), Application ServeBreakout Gateway Control Function (BGCF), Media Gateway Control F

From Henning Schulzrinne, “SIP - growing up”, SIP 2003, Paris, January 2003, s

3GPP IETF

Network does not trust the user User only partially trust

layer 1 and layer 2 specific generic

walled garden open access

http://www.ietf.org/html.charters/simple-charter.html


e”

quipment vendors


Programmable “phonProgramming environments

• Symbian• Java• Linux• …

Avoids lock-in driven by operators and telecom e

Greatly increases numbers of developers

⇒ more (new) services

⇒ more security problems


sed in the test

fferent properties

byte RTP payload lengthKbps), i.e., 20 ms

tion (with Replay Protection)nfidentiality and HMAC SHA1 for

ntication key: 16 bytes;


Erik Eliasson’s miniSIP - as uminiSIP supports pluggable CODECs:

• each RTP packet says which codec was used• SDP can specify multiple codecs each with di

(including better than toll quality)• tests used PCM ⇒ sending 50 packets of 160

(packet size is 176 bytes) per second (i.e. 64 between packets• time to transmit/receive a packet ~55-60 µs• Laptop ASUS 1300B with Pentium III processor, 700 MHz• 112 MB RAM (no swapping)• Operating System: SuSE Linux 7.1 Personal Edition• Security Services: confidentiality and message authentica• Cryptographic Algorithms: AES in Counter Mode for the co

the message authentication• Lengths: master key: 16 bytes; salting key: 14 bytes; authe

encryption key: 16 bytes; block: 128 bytes


P) for securing theortr IP, M.Sc. Thesis, June 2003.port.pdf

crypto)

ag if message authentication is to

hput 20Mbps)s 240 µs

iorcket from the socket.cryptographic context to be usedsession keys from master key (via MIKEY)tication and replay protection are provided, replay and verify the authentication tagrypted Portion of the packet authentication tag

packet up the stack


Secure Real Time Protocol (SRTmedia data transp

Israel M. Abad Caballero,Secure Mobile Voice oveftp://ftp.it.kth.se/Reports/DEGREE-PROJECT-REPORTS/030626-Israel_Abad_Caballero-final-re

• AES CM (Rijndael) or Null Cipher for encryption (using lib• HMAC or, Null authenticator for message authentication• SRTP packet is 176 bytes (RTP + 4 for the authentication t

be provided)• Packet creation: RTP 3-5 µs; RTP+SRTP 76-80 µs (throug

– ~1% of the time there are packets which take as long a

Sender behavior Receiver behavRead the SRTP pa

Determine cryptographic context to use Determine the Derive session keys from master key (via MIKEY) Determine the

If message authencheck for possible

Encrypt the RTP payload Decrypt the EncIf message authentication required,compute authentication tag and append

If present, remove

Send the SRTP packet to the socket Pass the RTP

ftp://ftp.it.kth.se/Reports/DEGREE-PROJECT-REPORTS/030626-Israel_Abad_Caballero-final-report.pdf


EY) as the keycol

er IP, M.Sc. Thesis, Dec. 2003.

Q under linux

laptops)p.com and ssvl.kth.se to their

ting, and each router also runs a

laptops,running Linux 2.4

Answering Delay 9.5

10.5

7.6 (UDP)

8.9 (TCP)

pt’04: Modeling and Optimization in Mobile, Ad Hocand


Multimedia Internet KEYing (MIKmanagement proto

Johan Bilien,Key Agreement for Secure Voice ovftp://ftp.it.kth.se/Reports/DEGREE-PROJECT-REPORTS/031215-Johan-Bilien-report-final-with-cover.pdf

Extends earlier thesis - Runs on a Laptop or iPA

Secure Call Setup 1

• name-servers (BIND 8.2 on Linux 2.4, 500 MHz Pentium 3• root name-server ns.lab manages the delegation of minisi

respective name server• two routers (1.1 GHz Celeron desktops) perform static rou

SIP server, SIP Express Router (SER v0.8.11))• Alice and Bob use minisip, running on 1.4 GHz Pentium 4

Total delay (in ms) Calling DelayNo security 19.5

MIKEY, shared key 20.9

MIKEY, Diffie-Hellman 52.5 (UDP)

58.9 TCP)

4

4

1. Johan Bilien, Erik Eliasson, and Jon-Olov Vatn, “Call establishment Delay for secure VoIP”, WiOWireless Networks, University of Cambridge,UK, 24-26 March, 2004

ftp://ftp.it.kth.se/Reports/DEGREE-PROJECT-REPORTS/031215-Johan-Bilien-report-final-with-cover.pdf


Privacyre feasible

form, it will be trivial to provideparticipants want to), SRTP, MIKEY, …-bit Advanced Encryption

on privacy in mobile internetwork-

in the context of the European


Communications and • Encryption as the norm - even onetime pads a

• Since all speech and other media content will be in digital encryption and authentication of all communication (if the

• traditional public telephony less secure than using: VPNs• For WLANs: IEEE 802.11i security features along with 128

Standard (AES) encryption, …

• Identity hiding• Authentication when you mutually want to

• Mobile presence has to be done carefully• Anonymous network access• Location hiding & Privacy

• Alberto Escudero-Pascual, http://www.it.kth.se/~aep– Anonymous and Untraceable Communications - Locati

ing, Licentiate Thesis, June 2001– Privacy in the Next generation Internet: Data Protection

Union Policy, Dissertation, Dec. 2002

• Location mis-direction ⇒ End of Sovereignty• Traffic pattern hiding• Traffic hiding


ailablely spend time? in X% of these places?

ces you have WLAN

s?

ng dissertation


If WLANs are widely av• How many different places to do you frequent• What would happen if you had WLAN access

(perhaps with X > 90%)• What if you also had VoIP service in all the pla

access?• For example, via a Cisco Wireless IP Phone 7920

⇒ Is there a business case for 3G in urban area

⇒ Is there a business case for 3G anywhere?

Handoffs for real-time media: J-O Vatn’s upcomi


PRS systemhttp://csd.ssvl.kth.se/monaco/main.htm)

IP

onfiguration as users move aboutgs around them - Adaptive and

ing a 3D (or 4D) audio

ser movements (i.e., classes,

services do theyneed? Howachers, staff, … .


Future workTo combine:• Mobility : WLAN + GPRS (via a private complete GSM/G

• Security: IPsec, TLS, SRTP+MIKEY, … + SIP⇒ secure Vo

• Context and location awareness: minimizing manual (re-)cand facilitating their interaction with each other & the thinContext-Aware Services (ACAS)1

⇒ New services: such as audio services - managenvironment, automatic call diversion, …

In a challenging environment ofsocially correlatedumeetings, etc.)

Questions: What services do studentswant? Which will this change interactions with other students, te

1. http://psi.verkstad.net/acas/ (part of AWSIhttp://www.wireless.kth.se/AWSI/)

http://psi.verkstad.net/acas/

http://www.wireless.kth.se/AWSI/

http://csd.ssvl.kth.se/monaco/main.htm


interaction while on the

uting andsible to have multiplelity to use force interaction, andvices which people will

ffects of correlation and1.


• Why audio? Because users can utilize audiomove

• Why PDAs? Because they support both compcommunication in a small form-factor, it is poswireless interfaces, audio is good enough quaentertainment (MP3files, streaming audio, voiinteractive voice), and we can have enough deuse on the move to start to understand the ethe demands on the underlying infrastructure

1. HP grant “Applied Mobile Tech. Solutions in Learning Environments”


for:

): SIP and related

egulatory issues, M.Sc.skar_Bergquist-Report.pdf

Practical VoIP: Using

t Communications Using with Session Initiation

ary (VOCAL) system -

rg/ser/


¿Questions?For details, references, … see my lectures notes

• 2G1325/2G5564 Practical Voice Over IP (VoIPprotocols http://www.imit.kth.se/courses/2G1325/

• Magnus Sjöstedt and Oskar Bergquist, VoIP rThesis, June 2003 ftp://ftp.it.kth.se/Reports/DEGREE-PROJECT-REPORTS/030627-Magnus_Sjostedt-and-O

Books

• Luan Dang, Cullen Jennings, and David Kelly,VOCAL, O’Reilly, 2002, ISBN 0-596-00078-2

• Henry Sinnreich and Alan B. Johnston, InterneSIP: Delivering VoIP and Multimedia ServicesProtocol, Wiley, 2001, ISBN: 0-471-41399-2.

Software

• Vovida Open Communication Application Librsource code available from vovida.org

• SIP Express Router (SER) - http://www.iptel.o• …

http://www.imit.kth.se/courses/2G1325/

ftp://ftp.it.kth.se/Reports/DEGREE-PROJECT-REPORTS/030627-Magnus_Sjostedt-and-Oskar_Bergquist-Report.pdf

voice over ip: security and mobility

Documents