IETF Logo Mail Archive

Re: [perpass] Securing VoIP in the Presence of Pervasive Monitoring

Brian Rosen <br@brianrosen.net> Mon, 09 September 2013 16:16 UTC

Return-Path: <br@brianrosen.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA8EE21F99EC for <perpass@ietfa.amsl.com>; Mon, 9 Sep 2013 09:16:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.766
X-Spam-Level:
X-Spam-Status: No, score=-102.766 tagged_above=-999 required=5 tests=[AWL=0.834, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UNCjWjzY4GXQ for <perpass@ietfa.amsl.com>; Mon, 9 Sep 2013 09:16:42 -0700 (PDT)
Received: from mail-qe0-f48.google.com (mail-qe0-f48.google.com [209.85.128.48]) by ietfa.amsl.com (Postfix) with ESMTP id C0EDD21E81EB for <perpass@ietf.org>; Mon, 9 Sep 2013 08:48:24 -0700 (PDT)
Received: by mail-qe0-f48.google.com with SMTP id nd7so2442394qeb.7 for <perpass@ietf.org>; Mon, 09 Sep 2013 08:48:24 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=0F9XQJhTvESKVGroeT1E3obgO/PmjT5wQA7jAdbHpz8=; b=DKf43tW9oBNrumhF+66XWADS7LBfRDlNRC3EXszKU+f4yi/XlN9KRbcBOGM2SjKceB C/I3MRcHrSc1xUERszGhQENkkDmGxR+lB+8ptoaJ+05khK0l3DH8KbZhvMpwapfs9Dg8 4BuuEzn7eRS6iyoLELUpRl3sTFv6EbHtebjaV3EYy0YOUpdAXUXD62yZ0yOfck4QMW+C XWt4WCs7hpI5r+bSf5RXUmcW/XMhAKH04j1QvZYzGnZLxlb1+QeBQFAIGrp/jXdLXPXZ poyn3+BboGd6yeWk8M0kZPYzOT/sDLkH+4irvRSIyu/amlvRgbbLM73ZrUWoVhK1MKzh nlPw==
X-Gm-Message-State: ALoCoQmdZe+3hmlIK2jVsfgQLojdMHxrFqUxXQWYuLnpIDDLIoDwLUOXz2ycCJSwUSFNVjDkXmIG
X-Received: by 10.49.50.198 with SMTP id e6mr12177362qeo.76.1378741704169; Mon, 09 Sep 2013 08:48:24 -0700 (PDT)
Received: from [10.33.193.10] (neustargw.va.neustar.com. [209.173.53.233]) by mx.google.com with ESMTPSA id b9sm2295802qad.1.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 09 Sep 2013 08:48:23 -0700 (PDT)
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Brian Rosen <br@brianrosen.net>
In-Reply-To: <522DE999.9010100@cs.tcd.ie>
Date: Mon, 09 Sep 2013 11:48:19 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <ABBD4388-2EFF-4A7D-9A52-725EDD46CC53@brianrosen.net>
References: <522D863F.10903@gmx.net> <87ioyaz0xg.fsf@nordberg.se> <522DB47D.5080400@gmx.net> <CAOHm=4ugJox1dop2_SQPzum-9i8svF=2A+7+j5x7oC45AmifiQ@mail.gmail.com> <6C08F669-75F6-441B-A7C5-85C0DBD8DB07@brianrosen.net> <522DE999.9010100@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.1508)
Cc: Linus Nordberg <linus@nordberg.se>, perpass@ietf.org, Hannes Tschofenig <hannes.tschofenig@gmx.net>, Dean Willis <dean.willis@softarmor.com>
Subject: Re: [perpass] Securing VoIP in the Presence of Pervasive Monitoring
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Sep 2013 16:16:47 -0000

RELOAD is a rendezvous protocol - it yields a URI to send SIP messages to in order to establish a p2p connection.  

It uses an algorithm (the RELOAD spec is designed around a pluggable algorithm) of which Distributed Hash Table examples like Chord are good candidates.  The algorithm defines how a p2p distributed databases of these URIs is created, and how you query the DHT to find the URI of the party you want to talk to.  You start with an identifier, query the DHT and get the URI.  

Then you send a normal SIP INVITE to that URI.  This means the SIP signaling itself does not go through any intermediaries, nor does the media (assuming a TURN relay is not needed).

Contrast this with how normal SIP calling works, where you send the INVITE to a proxy server in your local domain (carrier) who routes it through some set of proxy servers to the destination domain (possibly including a transit domain) who routes it to the destination.  Along the way, as implemented, any number of changes to the SIP INVITE are made, including changing the media end point IP addresses, so the media is forced through middle boxes in the carrier network.

So RELOAD is privacy friendly by turning calling into true p2p with signaling and media not transiting any third party.

The concern I have is that to get credentials enabling you to store your URI in the DHT, you interact with an enrollment server.  That server only issues credentials, it's not in the path of the call,  but if it was co-opted, it could create mischief with those credentials.

Brian


On Sep 9, 2013, at 11:30 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> 
> Hi Brian, Dean,
> 
> RELOAD [1] is a bit of a gigantic spec though but I agree could
> be promising in this space. I wonder if anyone might be interested
> enough to write a draft saying how to use RELOAD to be more
> privacy friendly?
> 
> I've no idea if that'd be easy or a huge amount of effort for
> someone who already knows the protocol, but I'm pretty sure it'd
> be a major task for someone starting from scratch.
> 
> S.
> 
> [1] http://tools.ietf.org/wg/p2psip/draft-ietf-p2psip-base/
> 
> On 09/09/2013 04:09 PM, Brian Rosen wrote:
>> I'm still worried about the role of the enrollment server.  If it got compromised, then mischief would be possible (you may not know who you are talking to).  I think MITM would be hard.
>> 
>> I think we need to come up with a new way to come up with credentials that is less dependent on servers that are subject to co-opting by the authorities.
>> 
>> It's a HECK of a lot better than conventional VoIP though.
>> 
>> Brian
>> 
>> On Sep 9, 2013, at 10:46 AM, Dean Willis <dean.willis@softarmor.com> wrote:
>> 
>>> I think we can mostly get there with RELOAD, but the implementations are still pretty early.
>>> 
>>> On Sep 9, 2013 6:53 AM, "Hannes Tschofenig" <hannes.tschofenig@gmx.net> wrote:
>>> Hi Linus,
>>> 
>>> thanks for the comments.
>>> 
>>> I have indeed skipped that topic. I will have to read into the Mumble project to see what security and privacy guarantees it provides.
>>> 
>>> My current conclusion from using VoIP/IM systems without using Tor is that you cannot really protect against collecting this transaction data (i.e., you have to at least trust the two VSPs, our own and then the VSP of your communication partner). While you can influence routing of the data traffic to a certain extend it does not work too well when your VSP is working against you.
>>> 
>>> With IM you could at least set up your own server (e.g., by using an XMPP server) but with VoIP that's more complicated because nobody else will accepted your connection attempts (as explained in the interconnection part of my write-up).
>>> 
>>> I will come back to you on that issue.
>>> 
>>> Ciao
>>> Hannes
>>> 
>>> 
>>> On 09.09.2013 14:31, Linus Nordberg wrote:
>>> Hannes Tschofenig<hannes.tschofenig@gmx.net>  wrote
>>> Mon, 09 Sep 2013 11:26:39 +0300:
>>> 
>>> | http://www.tschofenig.priv.at/wp/?p=997
>>> |
>>> | It contains a number of recommendations, which are addressed to VoIP
>>> | providers and vendors but have to be enforced by data protection
>>> | authorities.
>>> |
>>> | The recommendations unfortunately highlight some challenges...
>>> 
>>> Indeed. And still, I miss any mention on protection against collecting
>>> data about who's talking to who.
>>> 
>>> Without claiming any expertise at all in this area, the closest thing to
>>> something implementing this that I've heard of is Mumble over
>>> Tor. Mumble [0] is not standardised AFAICT. The Guardian Project wrote
>>> [1] about this earlier this year. Some people seem to use it [2].
>>> 
>>> [0] https://en.wikipedia.org/wiki/Mumble_%28software%29
>>> [1] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Mumble
>>> [2] https://guardianproject.info/2013/01/31/anonymous-cb-radio-with-mumble-and-tor/
>>> _______________________________________________
>>> perpass mailing list
>>> perpass@ietf.org
>>> https://www.ietf.org/mailman/listinfo/perpass
>>> 
>>> _______________________________________________
>>> perpass mailing list
>>> perpass@ietf.org
>>> https://www.ietf.org/mailman/listinfo/perpass
>>> _______________________________________________
>>> perpass mailing list
>>> perpass@ietf.org
>>> https://www.ietf.org/mailman/listinfo/perpass
>> 
>> 
>> 
>> 
>> _______________________________________________
>> perpass mailing list
>> perpass@ietf.org
>> https://www.ietf.org/mailman/listinfo/perpass
>>

v2.23.0 | Report a Bug | By Email