Chapter 11 - Security on the Internet
Pages: 16
File type: pdf
Size: 245.54 KB
Views: 12
Downloads: 0
Document information:
According to the traditional definition, network security comprises integrity, confidentiality, and availability. Message integrity ensures that if an unauthorized party modifies a message between the sender and the receiver, the receiver is able to detect this modification. In addition to message integrity, integrity mechanisms always provide some type of proof of data origin. Knowing that a message has not been modified without knowing who initially created the message would be useless. ...
Content extracted from the document:
Chapter 11
Security on the Internet

According to the traditional definition, network security comprises integrity, confidentiality, and availability. Message integrity ensures that if an unauthorized party modifies a message between the sender and the receiver, the receiver is able to detect this modification. In addition to message integrity, integrity mechanisms always provide some type of proof of data origin. Knowing that a message has not been modified without knowing who initially created the message would be useless.

Confidentiality mechanisms keep unauthorized parties from gaining access to the contents of a message. Confidentiality is typically achieved through encryption.

Denial of Service (DoS) attacks compromise the system’s availability by keeping authorized users from accessing a particular service. The most common DoS attacks consist of keeping the servers busy performing an operation or sending the servers more traffic than they can handle.

SIP provides several security mechanisms to address integrity, confidentiality, and availability. Some of the security mechanisms come from the world of the web, some come from the world of email, and some of them are SIP-specific. We analyze these mechanisms in the following sections and describe how they relate to the three security properties just described.

11.1 HTTP Digest Access Authentication

The first problem a SIP server faces is authenticating users who are requesting services. SIP has inherited an authentication mechanism from HTTP called HTTP Digest Access Authentication (specified in RFC 2617 [145]). In the SIP context the server authenticating the user (i.e., the caller) can be a proxy, a registrar, a redirect server, or a user agent (the callee’s user agent). The WWW-Authenticate and Authorization header fields are used with registrars, redirect servers, and user agents, and the Proxy-Authenticate and Proxy-Authorization header fields are used with proxies.
When using HTTP Digest Access Authentication the client and the server have a shared secret (e.g., a password), which is exchanged using an out-of-band mechanism. When a server at a given domain receives a request from a client the server challenges the client to provide valid credentials for that domain. At that point the client provides the server with a username and proves that the client knows the shared secret.

The 3G IP Multimedia Subsystem (IMS): Merging the Internet and the Cellular Worlds, Third Edition. Gonzalo Camarillo and Miguel A. García-Martín. © 2008 John Wiley & Sons, Ltd. ISBN: 978-0-470-51662-1

An obvious way for the client to prove that it knows the shared secret would be to send it to the server in clear text (i.e., without any encryption). In fact, this is what HTTP basic access authentication (also specified in RFC 2617 [145]) does. Nevertheless, the security risks created by sending passwords in clear text are obvious. Any attacker that manages to gain access to the message carrying the shared secret gains access to the shared secret itself. Previous SIP specifications allowed the use of basic authentication, but it has now been deprecated for some time. The use of HTTP Digest Access Authentication is currently recommended instead.

Clients using digest can prove that they know the shared secret without sending it over the network. Digest uses hashes and nonces for this purpose. A hash algorithm is a one-way function that takes an argument of an arbitrary length and produces a fixed length result, as shown in Figure 11.1. The fact that hash algorithms are one-way functions means that it is computationally infeasible to obtain the original argument from the result. Two popular hash algorithms are MD5 (specified in RFC 1321 [263]) and SHA1 (specified in RFC 3174 [127]). A nonce is a random value that is used only once.

[Figure 11.1: Hash function. A short text and a longer text each pass through the hash function to a fixed length output; recovering the input from the output is computationally infeasible.]

Figure 11.2 shows how digest uses hashes and nonces. Alice sends an INVITE (1) request addressed to Bob through her outbound proxy (at domain.com). The proxy challenges the INVITE with a 407 (Proxy Authentication Required) response (2). The proxy includes a Proxy-Authenticate header field with a set of parameters. The realm parameter indicates the domain of the proxy server, so that the client knows which password to use. The qop (quality of protection) parameter indicates that the server supports integrity protection for either the request line alone (auth) or for both the request line and the message body (auth-int). The server provides the client with a random nonce in the nonce parameter. The algorithm parameter identifies the hash function (MD5, in this example).

When the client receives the response it issues a new INVITE (3) with a Proxy-Authorization header field. The Proxy-Authorization header field contains a set of parameters. The response parameter is especially interesting. It contains a hash comprising, among other things, the username, the password, the server’s nonce, the client’s nonce (cnonce parameter), and the request line. When the auth-int qop is chosen the message body is also fed into the hash algorithm to ge ...
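The exchange described above, as an added worked example that is not the book's code: the RFC 2617 response computation with MD5 for both qop values, next to a constructed proxy at domain.com that issues a fresh nonce on each 407 challenge and accepts each nonce only once. The user name, password, request URI and message body are constructed values; the Proxy class and its helper functions are assumptions of this example, not part of the book or of any SIP stack.

```python
import hashlib, secrets

def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()

def digest_response(username, realm, password, method, uri, nonce, nc, cnonce, qop, body=""):
    # RFC 2617 'response' with algorithm=MD5; auth-int folds MD5(body) into HA2
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    if qop == "auth":
        ha2 = md5_hex(f"{method}:{uri}")
    elif qop == "auth-int":
        ha2 = md5_hex(f"{method}:{uri}:{md5_hex(body)}")
    else:
        raise ValueError(f"unsupported qop: {qop}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

class Proxy:
    # Constructed proxy: fresh nonce per 407 challenge, each accepted once; plain-text passwords only for brevity
    def __init__(self, realm, passwords):
        self.realm, self.passwords, self.live_nonces = realm, passwords, set()
    def challenge(self):  # Proxy-Authenticate parameters sent on the 407 response
        nonce = secrets.token_hex(16)
        self.live_nonces.add(nonce)
        return {"realm": self.realm, "qop": "auth-int", "nonce": nonce, "algorithm": "MD5"}
    def verify(self, auth, method, body):  # auth: Proxy-Authorization parameters of the request
        if auth["realm"] != self.realm or auth["nonce"] not in self.live_nonces:
            return False  # wrong realm, unknown nonce, or a nonce seen before (replay)
        self.live_nonces.discard(auth["nonce"])  # a nonce is used only once
        expected = digest_response(auth["username"], self.realm, self.passwords.get(auth["username"], ""),
                                   method, auth["uri"], auth["nonce"], auth["nc"], auth["cnonce"], auth["qop"], body)
        return secrets.compare_digest(expected, auth["response"])  # constant-time comparison

def client_authorize(chal, username, password, method, uri, body):
    # Build the Proxy-Authorization parameters for the re-sent INVITE (3)
    auth = {"username": username, "realm": chal["realm"], "nonce": chal["nonce"], "uri": uri,
            "qop": chal["qop"], "nc": "00000001", "cnonce": secrets.token_hex(8)}
    auth["response"] = digest_response(username, chal["realm"], password, method, uri,
                                       auth["nonce"], auth["nc"], auth["cnonce"], auth["qop"], body)
    return auth

def run_scenario():
    # Alice's INVITE to Bob: accepted once, rejected on replay, rejected if the body was changed in transit
    proxy = Proxy("domain.com", {"alice": "constructed-password"})
    method, uri, body = "INVITE", "sip:bob@domain.com", "v=0\r\ns=call\r\n"  # constructed sample values
    auth = client_authorize(proxy.challenge(), "alice", "constructed-password", method, uri, body)
    accepted = proxy.verify(auth, method, body)
    replayed = proxy.verify(auth, method, body)  # identical credentials, same nonce
    auth2 = client_authorize(proxy.challenge(), "alice", "constructed-password", method, uri, body)
    tampered = proxy.verify(auth2, method, body.replace("s=call", "s=other"))
    return accepted, replayed, tampered
```

Under qop=auth the last check would pass, since only the request line is covered; the proxy here advertises auth-int so that the body is covered as well.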