Abstract
In the last few years, the security of VoIP architectures has become a sensitive issue, with many vulnerability announcements. This article first distinguishes the threats and the applicable protection mechanisms according to the underlying VoIP architecture. We then investigate the properties of a specific class of existing call establishment mechanisms based on tokens or tickets. In the last section, we propose an enhancement to these mechanisms that lifts some of the previously identified limitations, especially the DoS risks, the token storage constraint or the transport impact of large tickets.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Battistello, P., Delétré, C. (2010). Analysis of Token and Ticket Based Mechanisms for Current VoIP Security Issues and Enhancement Proposal. In: De Decker, B., Schaumüller-Bichl, I. (eds) Communications and Multimedia Security. CMS 2010. Lecture Notes in Computer Science, vol 6109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13241-4_15
DOI: https://doi.org/10.1007/978-3-642-13241-4_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13240-7
Online ISBN: 978-3-642-13241-4
eBook Packages: Computer Science, Computer Science (R0)