Foreword by Phil Zimmermann

In recent years I’ve been working on developing secure VoIP protocols to protect against wiretapping. But I’m not really a VoIP guy. I’m a crypto guy trying to learn about VoIP. And one of the first things I learned about VoIP is the lack of security. Not just security against wiretappers. VoIP can be attacked in so many ways. A call center can be targeted in a distributed denial of service attack. You can get a hundred telemarketing calls a day at home, with the calls originating where labor is cheap, out of reach of domestic laws prohibiting unwanted telemarketing calls. Or criminals can penetrate your PBX and make countless PSTN calls from your phone number, at your expense. And, of course, you can be wiretapped by criminals on the other side of the world. It’s appalling how much worse VoIP is compared to the PSTN. If these problems aren’t fixed, VoIP is going nowhere.
Yet VoIP is regarded by many as the manifest destiny of telephony, and for good reason. It’s so much cheaper, it allows so many extra features, like video teleconferencing, and can be intelligently managed by computers under your own direct control. It puts the control back in the end user’s hands, reducing the monopolistic power of the phone company. It just feels so right. It’s obviously where telephony will go.
How do we reconcile these two opposing trends? Well, clearly the answer is we have to fix VoIP security. We just have to. That means a lot of engineers who work on VoIP are going to have to get up to speed on security, and start thinking like security professionals. If you want to develop VoIP applications, you need to read books like the one you’re holding. This one covers a lot of the problems and solutions.
I looked at the crypto topics first. They do a good job showing the complexity in building and maintaining a PKI. They cover a number of crypto protocols in a great detail, including my own ZRTP protocol. Some of these protocols are used outside of VoIP, so this book is useful for those who want to see how crypto can be used in other applications. It’s a nice crypto tutorial in its own right. Just as a source book on a number of influential crypto protocols, it’s useful to have on your bookshelf. And it covers how these can be applied to VoIP. The authors have implemented the well-regarded SIP Express Router, and have run iptel.org, giving them a broad hands-on perspective on implementing SIP applications.
After treading the familiar ground of the crypto related topics, I started looking at the rest of the book. The real strength of this book lies in the vast panorama of attacks on VoIP systems, each described in meticulous detail. With their hands-on experience running a VoIP service, these guys have seen it all. I’ve never seen such an encyclopedic survey of real-world attacks on VoIP systems, exactly how and why the attacks work, and the known countermeasures to those attacks. I noticed that some attacks seemed to have no countermeasures, but at least you will know how they work in detail.
In any arms race, the warring parties develop an evolving body of knowledge over time, like the knowledge embedded in the genomes of cheetahs and gazelles that led to them both learning to run so fast. If you attempt to enter the field without the benefit of that hard-earned knowledge, you will become the lunch entree. This book will let you preload your arms race genome to merge into the ongoing melee in midstream, and maybe not become lunch. Sadly, so many of your colleagues in the VoIP industry will become digestible protein to the attackers, but you may be saved from that fate by your good fortune in reading this book.
So for me, coming to VoIP from another discipline, this book has helped get me up to speed on VoIP, and on the non-crypto attacks on VoIP. A lot of engineers are coming to VoIP for the first time, and need to get smart on the problems and threat models of VoIP. This book is a good way to get there.
Philip Zimmermann
Jan 2009