[VOIPSEC] [Fwd: draft-state-sip-relay-attack-00]

Ali Fessi fessi at net.in.tum.de
Wed Mar 4 10:15:07 CST 2009


Hi Raphael, and authors of the draft,

first, thanks for pointing out these attacks. I think one of the 
major security threats, that the attacks you described in the draft are 
based on, is that SIP entities do not always verify the identity 
of the communication party. This occurs, for example, in message F5 
(Figure 1) where Bob is talking to proxy.com and is impersonating 
Alice's UA. And this occurs again, in message F8 when Bob is talking to 
Alice and impersonating the proxy.

One possible way to alleviate the problem could be that UAs must verify 
the identity of the other party, e.g. with a TLS tunnel and a 
certificate, before replying to a challenge (this would prevent Alice's UA 
from replying to the challenge coming from Bob in message F8).

Best regards,
 Ali


Raphael Coeffic wrote:
> Hello,
>
> This email has been sent to the SIP mailing list. The first disclosure
> of the attack was on the VOIPSEC mailing list.
>
> Regards,
> Raphael Coeffic.
>
> -------- Original Message --------
> Subject:     draft-state-sip-relay-attack-00
> Date:     Wed, 04 Mar 2009 11:34:39 +0100
> From:     Raphael Coeffic <rco at iptel.org>
> To:     sip at ietf.org
>
>
>
> Hello,
>
> a new internet draft has been published concerning the relay attack on
> digest authentication and SIP. The attack itself was first
> disclosed 2 years ago by the Madynes team from the French INRIA. Until
> now, no document has been published that documents the attack and
> provides guidance to SIP operators or handset manufacturers.
>
> http://tools.ietf.org/html/draft-state-sip-relay-attack-00
>
> The appropriate mitigations or problem resolutions are still not 100%
> clear. We hope that this draft can help start a discussion on how to
> best resolve this problem.
>
>
> Regards,
>
> Raphael Coeffic.
> (on behalf of all the authors of this draft)
>
> --------------------------------------------------------------------------------------------------- 
>
>
> Filename:       draft-state-sip-relay-attack
> Version:       00
> Staging URL:     
> http://www3.ietf.org/proceedings/staging/draft-state-sip-relay-attack-00.txt 
>
> Title:           SIP digest authentication relay attack
> Creation_date:       2009-03-02
> WG ID:           Indvidual Submission
> Number_of_pages: 18
> Abstract:
> The Session Initiation Protocol (SIP [RFC3261]) provides a mechanism
> for creating, modifying, and terminating sessions with one or more
> participants.  This document describes a vulnerability of SIP
> combined with HTTP Digest Access Authentication [RFC2617] through
> which an attacker can leverage the victim's credentials to send
> authenticated requests on his behalf.  This attack is different from
> the man-in-the-middle (MITM) attack and does not require any
> eavesdropping, DNS or IP spoofing.
>


-- 
Ali Fessi
Chair for Network Architecture and Services
Computer Science
Technical University of Munich, Germany
Phone: +49 (89) 289 18009 / Fax: +49 (89) 289-18033
EMail: fessi at net.in.tum.de
Web: http://www.net.in.tum.de/~fessi
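
The mitigation proposed in the message above (a UA answers a digest challenge only after verifying the challenger's identity over TLS), as an added example that is not part of the original thread or the draft. The peer dictionaries, the trusted-proxy set, the credentials, the nonce and the request URI are all constructed assumptions; only the names Alice, Bob and proxy.com come from the thread.

```python
import hashlib

# Assumption: the UA is provisioned with the proxy domains it may authenticate to.
TRUSTED_PROXIES = {"proxy.com"}

def _md5(text):
    return hashlib.md5(text.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce):
    """RFC 2617 response without qop: MD5(HA1:nonce:HA2)."""
    ha1 = _md5(f"{user}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{ha2}")

def peer_authenticated(peer):
    """True only for a TLS peer whose verified certificate names a trusted proxy."""
    if peer["transport"] != "tls" or not peer["cert_verified"]:
        return False
    return any(n.lower() in TRUSTED_PROXIES for n in peer["cert_dns_names"])

def answer_challenge(peer, challenge, creds, method, uri):
    """Return the digest response, or None when the challenger is not verified."""
    if not peer_authenticated(peer):
        return None  # the F8 case: a challenge from a party posing as the proxy
    if challenge["realm"] != creds["realm"]:
        return None  # do not hash the password for a realm we hold no account in
    return digest_response(creds["user"], creds["realm"], creds["password"],
                           method, uri, challenge["nonce"])

# Constructed sample data (not taken from the draft).
ALICE = {"user": "alice", "realm": "proxy.com", "password": "constructed-secret"}
CHALLENGE = {"realm": "proxy.com", "nonce": "constructed-nonce-1"}
URI = "sip:carol@proxy.com"
BOB_UDP = {"transport": "udp", "cert_verified": False, "cert_dns_names": []}
# A valid certificate for the challenger's own domain is still not the proxy's.
BOB_TLS = {"transport": "tls", "cert_verified": True,
           "cert_dns_names": ["bob.example"]}
PROXY_TLS = {"transport": "tls", "cert_verified": True,
             "cert_dns_names": ["proxy.com"]}

if __name__ == "__main__":
    for label, peer in [("Bob/UDP", BOB_UDP), ("Bob/TLS", BOB_TLS),
                        ("proxy.com/TLS", PROXY_TLS)]:
        result = answer_challenge(peer, CHALLENGE, ALICE, "INVITE", URI)
        print(label, "->", result or "challenge ignored")
```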





