
Requirements Classification

Hi all,

with an update to the Media Security Requirements draft, see
http://www.tschofenig.com/svn/draft-wing-media-security-requirements/draft-wing-media-security-requirements-02.txt
we tried to put a classification of the requirements into a new section. Here is the new text:

-----------

6.  Requirements Classification

  An adversary might be located along

  (1)  the media path,

  (2)  the signaling path,

  (3)  the media and the signaling path.

  An attacker that can solely be located along the signaling path, and
  does not have access to media, is not considered (ref item 2).

  Furthermore, it is reasonable to consider the capabilities of the
  adversary.  We also have different types of adversaries, namely

  (a)  active adversary

  (b)  passive adversary

  Note that the adversary model for (a) and (b) also assumes the
  attacker being able to control SIP signaling entities.

  With respect to item (a) an adversary may need to be active with
  regard to the key exchange relevant information traveling along the
  data or the signaling path.

  Some of the deployment variants of the media security key management
  proposals under consideration do not provide protection against
  man-in-the-middle adversaries under certain conditions, for example when
  SIP signaling entities are compromised, when a global PKI is missing
  or pre-shared secrets are not exchanged between the end points prior
  to the protocol exchange.

  Based on the above-mentioned considerations the following
  classifications can be made:

  Class I:

     Passive attack on the signaling and the data path sufficient to
     reveal the content of the media traffic.


  Class II:

     Active attack on the signaling path and passive attack on the data
     path to reveal the content of the media traffic.


  Class III:

     Active attack on the signaling and the data path necessary to
     reveal the content of the media traffic.


  Class IV:

     Active attack is required and will be detected by the end points
     when adversary tampers with the messages.

  For example, SDES falls into Class I since the adversary needs to
  learn the SDES key by progressing a signaling message at a SIP proxy
  (assuming that the adversary is in control of the SIP proxy).
  Subsequent media traffic can be decrypted with the help of the
  learned key.

  As another example, DTLS-RTP falls into Class III when DTLS is used
  with a public key based ciphersuite with self-signed certificates and
  without SIP Identity.  An adversary would have to modify the
  fingerprint that is sent along the signaling path and subsequently
  modify the certificates carried in the DTLS handshake that travel
  along the media path.

  An attack is not successful when SIP Identity is used, the adversary
  is not between the SIP UA and its Authentication Service (or at the
  Authentication Service), both end points are able to verify the
  digital signature (of the SIP Identity) and are able to validate the
  corresponding certificates.

-----------

Useful?

Ciao
Hannes
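The classification from Section 6 of the draft, worked through as an added Python model (this is not code from the draft or from the mail). The mechanism attributes, the rule that a verified SIP Identity turns a fingerprint rewrite into a detected attack, and the Class II mapping (active signaling, passive media) are assumptions taken from the text above:

```python
from dataclasses import dataclass
from enum import Enum
from typing import Tuple

class Cap(Enum):
    """Capability the adversary needs on one path to reveal the media."""
    PASSIVE = 1
    ACTIVE = 2

@dataclass
class Mechanism:
    name: str
    key_in_signaling: bool           # SDES: the SRTP key itself rides in the SDP offer/answer
    fingerprint_in_signaling: bool   # DTLS-SRTP: only a certificate fingerprint rides in SDP
    sip_identity_verified: bool      # both end points verify the SIP Identity signature and cert
    adversary_at_auth_service: bool  # adversary sits between UA and Authentication Service, or at it

def required_capabilities(m: Mechanism) -> Tuple[Cap, Cap, bool]:
    """Return (signaling-path cap, media-path cap, tampering detected) needed to reveal media."""
    if m.key_in_signaling:
        # Reading the key at a compromised SIP proxy is enough (Class I in the draft);
        # the media is then decrypted offline, so only passive access to it is needed.
        return Cap.PASSIVE, Cap.PASSIVE, False
    if m.fingerprint_in_signaling:
        if m.sip_identity_verified and not m.adversary_at_auth_service:
            # The fingerprint is covered by the Identity signature, so a rewrite is detected.
            return Cap.ACTIVE, Cap.ACTIVE, True
        # Rewrite the fingerprint in SDP, then substitute certificates in the DTLS handshake.
        return Cap.ACTIVE, Cap.ACTIVE, False
    raise ValueError(f"{m.name}: no classification rule for this mechanism")

def classify(m: Mechanism) -> str:
    sig, media, detected = required_capabilities(m)
    if detected:
        return "Class IV"
    if sig == Cap.PASSIVE and media == Cap.PASSIVE:
        return "Class I"
    if sig == Cap.ACTIVE and media == Cap.PASSIVE:
        return "Class II"   # assumed mapping; the draft gives no mechanism example for it
    return "Class III"

# Constructed inputs mirroring the two examples in the draft text.
SDES = Mechanism("SDES", True, False, False, False)
DTLS_SELF_SIGNED = Mechanism("DTLS-SRTP, self-signed certs, no SIP Identity", False, True, False, False)
DTLS_SIP_IDENTITY = Mechanism("DTLS-SRTP with verified SIP Identity", False, True, True, False)
DTLS_IDENTITY_BAD_AS = Mechanism("DTLS-SRTP, SIP Identity, adversary at Auth Service", False, True, True, True)

if __name__ == "__main__":
    for mech in (SDES, DTLS_SELF_SIGNED, DTLS_SIP_IDENTITY, DTLS_IDENTITY_BAD_AS):
        print(f"{mech.name}: {classify(mech)}")
```

The last input shows the caveat in the final paragraph: SIP Identity only lifts DTLS-SRTP to Class IV when the adversary cannot sit at or before the Authentication Service.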