WO2007125025A1 - Prevention spit par des listes positives sécurisées par des clés cryptographiques - Google Patents

Prevention spit par des listes positives sécurisées par des clés cryptographiques Download PDF

Info

Publication number
WO2007125025A1
WO2007125025A1 PCT/EP2007/053656 EP2007053656W WO2007125025A1 WO 2007125025 A1 WO2007125025 A1 WO 2007125025A1 EP 2007053656 W EP2007053656 W EP 2007053656W WO 2007125025 A1 WO2007125025 A1 WO 2007125025A1
Authority
WO
WIPO (PCT)
Prior art keywords
subscriber
call
time stamp
public key
positive
Prior art date
Application number
PCT/EP2007/053656
Other languages
German (de)
English (en)
Inventor
Joachim Charzinski
Maurice Uhlmann
Original Assignee
Nokia Siemens Networks Gmbh & Co. Kg
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Siemens Networks Gmbh & Co. Kg filed Critical Nokia Siemens Networks Gmbh & Co. Kg
Priority to EP07728121A priority Critical patent/EP2014075A1/fr
Publication of WO2007125025A1 publication Critical patent/WO2007125025A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • H04M7/0078Security; Fraud detection; Fraud prevention
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1076Screening of IP real time communications, e.g. spam over Internet telephony [SPIT]
    • H04L65/1079Screening of IP real time communications, e.g. spam over Internet telephony [SPIT] of unsolicited session attempts, e.g. SPIT
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121Timestamp

Definitions

  • the subject of the application relates to a method for SPIT defense.
  • white lists are used - lists of known participants from whom calls or other calls (multimedia connections, instant messages, multimedia messages, e-mails) should always be accepted. Calls from subscribers who are not members of a called party positive list will be rejected or referred to an announcer or voice mail facility. In Applicant's series marketed under the product name Surpass hiQ, this is implemented as a "selective call acceptance (SCA)", but terminals may also include such devices, for example by signaling calls from subscribers to the positive list with a particular ringing tone.
  • SCA selective call acceptance
  • a spitter M now wants to call a subscriber B who shields himself from a positive list, he can - e.g. by looking up in a phone book or similar directory - identify suspected members of participant B's positive list and try by
  • Receiver of a call setup message can check whether a SIP INVITE message has been transmitted in the essential fields unadulterated. This procedure requires an infrastructure of CAs associated with the sender IDs. It also has to be received at every
  • INVITE message the public key of the appropriate instance are fetched so that the header fields can be checked.
  • Network elements such as Session Border Controller (SBC) or back to back user agents (B2BUA, for example the device distributed under the product name Surpass hiQ)
  • SBC Session Border Controller
  • B2BUA back to back user agents
  • the secure shell (ssh) protocol uses a fully distributed public key method with no centralized certificate stores to identify a partner computer in a connection.
  • the public key is transmitted from R 2 to R 1 and stored in this in a "known hosts" list
  • the key is then checked and the connection is only established if R2 can authenticate to Rl with the same key as the first contact
  • ssh foresees that Rl has received a "fingerprint" of R2 over a separate channel, which he checks.
  • the subject of the application is based on the problem of specifying a method which prevents an underrunning of the whitelist-based protection against unwanted calls by means of forged sender addresses.
  • the problem is solved by the features of claim 1.
  • the WL can also be maintained for outgoing calls.
  • a call setup request with a public key arrives at an end system in which another PK is stored for this identity, this is recognized as a forgery of the ID, and the call is rejected, or it is forwarded to the method for first contacts. It is additionally demanded that in each case a new time stamp TS is used in the case of a short successive connection setup request, even if this would not be necessary due to the predetermined interval (the tolerance) of B. This prevents replay attacks even in short time intervals.
  • FIG. 1 shows two networks N1 and N2 with SIP proxies SP1 and SP2 and session border controller SBC, signaling and media data traffic between subscriber terminals A and B.
  • FIG. 2 shows a subscriber terminal B with positive list WL and entries for subscriber ID, public key PK, timestamp contained therein TS (optional) and status information Z (optional),
  • FIG. 5 State transition diagram for the public key of A on the positive list (WL) of B.
  • FIG. 6 Processing of the keys for incoming and outgoing calls, FIG. 7 Subroutine After Key Call Processing (x) to FIG. 6, FIG. 8 Subroutine Process new public key to FIG 7, FIG. 9 Subroutine Process known public key to FIG. 6, FIG. 10 Subroutine Process known public key in VALIDATED State to FIG. 9 and FIG. 11 Subroutine Process known public key in VALIDATED_ID State to FIG.
  • FIG. 1 shows a scenario in which two terminals A and B communicate via two communication networks N1 and N2.
  • N1 SPl and in N2 SP2 is used as SIP proxy / SIP server, and between them a session border controller SBC filters the signaling traffic.
  • a subscriber A who wishes to establish a call to subscriber B sends in the initial call setup message (in case of SIP: INVITE) his public key PK A in a field and in a (possibly other) field a cryptotext encrypted or signed with his associated private key KT.
  • This Kryptotext KT contains a timestamp TS.
  • the call On the first call of a hitherto unknown subscriber - as with any system based on positive lists - the call is not initially signaled directly to the called party, but forwarded to a separate treatment.
  • the call can be routed to an answering machine or an announcement system, for example, or it can be signaled to the called subscriber separately (one-time ringing, separate ringing tone).
  • the terminal B stores in this first call from A the public key PK A transmitted in the call setup message and the time stamp TS_A extracted from the KT with the aid of PK A with an initial state. It is checked whether the extracted with PK A from the KT timestamp TS within a certain interval at the current time. If this is not the case, the request is rejected in any case (with SIP: 403 forbidden).
  • subscriber B may decide to record A on the WL.
  • the status information of the entry for A is changed accordingly. If participant B himself is participant A calls, the state information can be changed again. It makes sense to increase the
  • Trustworthiness because A is more likely to foresee a false identity in a signaling message than that the routing in the telephone network additionally results in a call to the wrong party.
  • a subscriber sends his public key not only in the initial call setup message, but also when called, in one of the reply messages to the end system of the call partner.
  • the WL can also be maintained for outgoing calls.
  • time stamp in KT ensures that third parties can not easily reuse a KT observed in the network to gain access to subscriber B (replay protection). It is additionally required that in each case a new time stamp TS is used in the case of connection requests that are placed on each other for a short time, even if this is not necessary due to the tolerance of B. This prevents replay attacks even in short time intervals.
  • the positive list can be maintained in the terminal of subscriber B or in the associated SIP proxy / switching node. Instead of passing state information in
  • Positive lists can also be maintained for multiple positive lists, e.g. one for temporary information, one for WL entries and one for recalled WL entries.
  • PK A and KT can be transmitted in case of using SIP for signaling in the following protocol data fields:
  • a terminal can send the public key information redundantly in several of these fields in the event that systems in the network delete one or the other entry.
  • the positive list WL can be extended by an entry that specifies in which field the public key information for the respective communication partner can best be transmitted by the network.
  • the timestamps are specified in GMT.
  • KT may include an encrypted timestamp or a timestamp in plain text plus a digital signature.
  • KT may also contain information about the identity of the sender and / or the recipient of the message. Instead of rejecting a timestamp or key that does not match, a call setup can be redirected to an announcement unit or an answering machine, or the call can be signaled with a distinctive ringing ring.
  • an end system can carry a conventional whitelist This can be considered one separate list or as an additional state in a common WL.
  • the timestamp is not within the tolerance interval of the addressee B in the case of a connection setup request, the latter can initiate a challenge-response method in which the original sender A of the request encrypts or signs a character string selected by B instead of a timestamp selected by A.
  • the state-transition behavior of the keys in the WL can be designed such that a key that has been confirmed for a long time or repeatedly for many calls is more likely to remain in its state, whereas a key that has been newly recorded will be deleted more quickly and the caller will be referred back to the first contact procedure.
  • the positive list can be maintained in the terminal of subscriber B or in the associated SIP proxy / switching node.
  • PK_A and KT in the case of using SIP, can be transmitted for signaling in the following protocol data fields:
  • a terminal can send the public key information redundantly in several of these fields in the event that systems in the network delete one or the other entry.
  • the positive list WL can be extended by an entry indicating in which field the public key information can be best transmitted to the respective communication partner through the network.
  • G. KT may include an encrypted timestamp or a timestamp in plain text plus a digital signature.
  • H. KT may also provide information about the identity of the person
  • Sender and / or the recipient of the message can be a call setup on an announcement unit or an answering machine be redirected, or the call can be signaled with a special ringing tone ("distinctive ringing").
  • an end system may carry a conventional whitelist. This may be configured as a separate list or as an additional state in a common WL.
  • time stamp is not within the tolerance interval of the addressee B in the case of a connection setup request, this can initiate a challenge-response method in which the original sender A of the request encrypts or signs a string selected by B instead of a time stamp selected by A.
  • the state-transition behavior of the keys in the WL can be designed to be a key that has been repeated for a long time or for many calls has been confirmed, rather remains in its state, whereas a key that has been newly recorded is deleted more quickly and the caller is thus referred back to the procedure for initial contact.
  • Timestamp "* the sender's UTC timestamp *"
  • Public-Key "* the sender's public key *”
  • signing algorithm "* the applied signing algorithm *”

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé pour la prévention SPIT (message indésirables par téléphonie IP), selon lequel un abonné A, qui souhaite établir un appel vers un abonné B, envoie dans le message initial d'établissement d'appel sa clé publique et un texte crypté KT, signé par sa clé privée correspondante, qui contient une estampille temporelle TS, et selon lequel il est vérifié lors d'une requête dans le terminal de l'abonné B si l'estampille temporelle extraite TS se trouve à l'intérieur d'un intervalle prédéterminé de l'heure actuelle et si ce n'est pas le cas, la requête est rejetée. Etant donné que les entrées des listes positives sont sécurisées par des clés cryptographiques entre des abonnés finaux, la faille d'adresses d'expéditeurs falsifiées de membres supposés d'une liste positive est formée. Par l'utilisation de l'estampille temporelle dans le KT, il est garanti à chaque appel que des tiers ne peuvent pas simplement réutiliser un KT observé dans le réseau, pour se procurer un accès à l'abonné B (replay protection).
PCT/EP2007/053656 2006-04-27 2007-04-13 Prevention spit par des listes positives sécurisées par des clés cryptographiques WO2007125025A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07728121A EP2014075A1 (fr) 2006-04-27 2007-04-13 Prevention spit par des listes positives sécurisées par des clés cryptographiques

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102006020244.9 2006-04-27
DE102006020244A DE102006020244B3 (de) 2006-04-27 2006-04-27 Positiv-Listen zur SPIT-Abwehr

Publications (1)

Publication Number Publication Date
WO2007125025A1 true WO2007125025A1 (fr) 2007-11-08

Family

ID=38175822

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2007/053656 WO2007125025A1 (fr) 2006-04-27 2007-04-13 Prevention spit par des listes positives sécurisées par des clés cryptographiques

Country Status (3)

Country Link
EP (1) EP2014075A1 (fr)
DE (1) DE102006020244B3 (fr)
WO (1) WO2007125025A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102020003328A1 (de) 2020-06-03 2021-12-09 Daimler Ag Zeitstempelbasiertes Verfahren zum Schutz vor Replay-Attacken

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102005046965B3 (de) * 2005-09-30 2007-02-15 Siemens Ag Verfahren und Anordnung zur Verifikation einer im Zuge einer Verbindungsanfrage zum Zweck des Aufbaus einer Sprach-Kommunikationsverbindung übermittelten Absenderadresse in einem IP-Kommunikationsnetzwerk

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HENTZEN, WHIL: "Remote Access Via SSH", HENTZENWERKE WHITEPAPER SERIES, 2004, pages 1 - 9, XP007902592 *
KULLENWALL ET AL: "Study of security aspects for Session Initiation Protocol", THESIS, XX, XX, 19 April 2002 (2002-04-19), pages complete, XP002402617 *

Also Published As

Publication number Publication date
EP2014075A1 (fr) 2009-01-14
DE102006020244B3 (de) 2007-09-20

Similar Documents

Publication Publication Date Title
CN102077550B (zh) Voip地址发现系统中通信的限制
US7613923B2 (en) Method and apparatus for controlling unsolicited messaging in real time messaging networks
KR101367038B1 (ko) 키 교환 시스템 및 시스템 조작 방법
CA2636780C (fr) Methode et dispositif pour transmission de donnees et de communication vocale chiffrees anonymes
US8621033B2 (en) Method for identifying internet users
US9077806B2 (en) Method, system and apparatus for implementing secure call forwarding
Song et al. iVisher: Real‐Time Detection of Caller ID Spoofing
US20090025062A1 (en) Verifying authenticity of conference call invitees
US20080307225A1 (en) Method For Locking on to Encrypted Communication Connections in a Packet-Oriented Network
DE102006020244B3 (de) Positiv-Listen zur SPIT-Abwehr
CN113839905B (zh) 一种证书写入、证书反馈方法、记账节点及身份认证系统
KR20110038163A (ko) 통신 연결들의 연결-수반 데이터에 대한 접근 관리
CN101296085B (zh) 基于分叉的认证方法、系统以及分叉认证装置
Ono et al. Have I met you before? Using cross-media relations to reduce SPIT
Ahmadzadegan et al. Secure communication and VoIP threats in next generation networks
Patil et al. VoIP security
CN111163465A (zh) 连接用户终端与本地终端的方法、装置以及呼叫中心系统
Song et al. Towards standardized prevention of unsolicited communications and phishing attacks
Yang et al. Security issues in VoIP telecommunication networks
JP2006005880A (ja) 通知番号検証システム
Ham et al. Vulnerability analysis on Mobile VoIP supplementary services and MITM attack
Wing et al. Voip Security
Voorneveld et al. Proposal for a Possible Solution to Spam for the Session Initiation Protocol
Hossein Ahmadzadegan et al. Secure communication and VoIP threats in next generation networks
Alsmairat et al. Securing session initiation protocol in voice over IP domain

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07728121

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2007728121

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE