SIP and S/MIME

RFC 3261 describes the use of Secure MIME (S/MIME) message bodies:

SIP header fields can be encrypted in an S/MIME message body
see RFC 5751 (which has replaced RFC 2633 and RFC 3851)

Provides:

Message integrity - Allows detection of any modification of message contents
Message privacy - Private headers protected by S/MIME
Identity - Certificates can be verified to validate identity

Slide Notes

Ramsdell and S. Turner, “Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification”, Internet Request for Comments, RFC Editor, RFC 5751 (Proposed Standard), ISSN 2070-1721, January 2010 http://www.rfc-editor.org/rfc/rfc5751.txt Links to an external site.

Transcript

[slide357] We also saw yesterday that we could use S/MIME, secure MIME, to take the SDP content, the body of the SIP message, and now we could encapsulate it in MIME, and now we could encrypt it, so only the other party could actually see the details of the session that was being proposed. It also provides message integrity. Why would we want to provide message integrity? Why? Well, what would happen if along the way someone took my SDP message, rewrote the IP address in it to be their IP address, I would now send all of my media to their address, where they could get it, and then they could of course forward it on to the real destination, voilà, we have a man-in-the-middle attack. [student asks a question] Yes. But for that, we need to be able to have integrity. We need to make sure that it can't be tampered with. We may also need privacy. One of the things that we saw that we could put in the SDP description was in fact the key to be used for encrypting the media stream. Well, if we don't keep that private, anyone who can see that knows the key to our media stream. We could also make use of certificates to be able to provide strong identity. Now, in the U.S. there's a so-called quiet period that occurs before quarterly reports and annual reports come out, and during that period of time, or if a company is going to be going public, the chief executive officer, the chief financial officer, et cetera, have to be very careful who they talk to. Because if they talk to the wrong people and they were to give information out in advance that someone could exploit to, for instance, buy the shares, knowing that the price is likely to go up or down, that would be a criminal activity. So they need to carefully record who it is that they speak with. That means we actually have to know. The advantage here is we can now exchange certificates so we can have strong proof of who the identity of the caller is.