April 2004

Security In Carrier VoIP Applications

BY DEBASHISH "RON" NAG & SOPHIA SCOGGINS, Ph.D.

The advancements in VoIP technology � such as performance, cost reduction, and feature support � make VoIP a compelling proposition for service providers who are trying to create new revenue streams based on data while still offering traditional phone services. In light of such interest, security is a critical feature for service providers to provide a carrier class offering.

The importance of stringent security is one that cannot be overlooked because it is easier to probe into voice information on a packet network than to physically tap into the circuit switched network. Inherent security issues with packet-based communications are: voice �tapping� by sniffing packets, unpaid service usage by falsification of network ID, and service disruption by packet manipulation. Subscriber account and equipment fraud can be committed by accessing network databases and IP addresses. Hackers can breach the integrity of a network, modify the databases, or replicate the equipment, resulting in a shutdown, �jam� or takeover of the voice network.

Other security threats pose privacy threats to the end user. New security challenges include intercepting and modifying the call control (such as SIP) packets, and subsequently altering the packet destination or the call connection. Additionally, packet network performance may not be up to par with the circuit switched network.

As carriers are beginning to announce VoIP services, service providers can protect their services and associated revenues by implementing security and safeguards to prevent various threats.

Internet Security For Telephony
The existence of these security threats does not mean that the deployment of VoIP networks and services by carriers will be hindered in any way. A variety of security features can be implemented to address these challenges. The security functions for VoIP applications are taken from the IP network and there are various levels of security features that are required by the carrier, such as authentication, encryption, and firewall. The IETF RFC 2401 Internet Security (IPSec) is a popular security protocol and provides authentication and encryption functions. In order to encrypt and decrypt, end points must establish a security association (SA) and exchange keys.

The Network Architecture For VoIP Security
In a VoIP network, there are three types of packets to be considered: voice, signals, and data. In some situations, video packets are also transported over the internet. The signaling packets are used to set up a virtual connection between two end points, e.g., two IP phones, over a connectionless IP network. The signaling packets are transmitted between an IP phone and a call server or proxy server.

Once the virtual connection is set up, the voice packets can be transmitted over different paths between two IP phones. Data packets may come from the same device or another device connecting to it (such as a PC connecting to an IP phone) as the voice packets, but can travel in the same or different paths.

Delay Due To Security Association (SA)/Key Exchange
Signaling packets, voice packets, and data packets take different paths, therefore there will be a different security association (SA) for each type of packet. Each time a SA is established, the security key information must be exchanged, which can add significant delay, often several seconds. In a store and forward data network, delay is not a problem.

Delay is a threat to call setup and voice quality for real-time voice processing. If the setup delay for the signaling packets is greater than 300 ms in a PSTN, the call will be abandoned. In the VoIP network, the setup delay is often greater than 300 ms. If the delay for voice packets is greater than 300 ms, there will be a long silence to the user. During the call, voice will chirp or difficult to comprehend. Therefore, the delay in establishing a SA for signals and voice should be minimized.

Each IP phone has only one primary call server. It is optimal to establish the SA with the primary call server one time for all calls originating from a given IP phone. However, the SA has a short lifetime. Therefore, it is necessary to set up the SA on a per call basis. The short lifetime of the SA posts another issue to the voice quality. If the SA becomes expired during a call, then the call must be torn down and re-established. During these processes, there will be visible silence to the users.

The solution is to expand the lifetime of the SA for the voice applications. For a long call, if the SA has expired, there are two options. A valid, but less than ideal option, is to take down the call and re-establish the SA. In this scenario, the users will have to be alerted so that they don�t assume the call disconnected. A more transparent option is to leave the call in place and re-establish the SA. Though the latter suggestion does not follow call processing procedure, it is less disruptive and for some, a preferred solution.

The delay of establishing the SA has less impact to data packets, as they are stored and forwarded. The data applications shall be able to establish a SA with another end point, independent to the signaling and voice applications in most cases. In some cases, data packets can only be sent between two end points after the virtual connection is established.

Delay Due To Encryption
The encryption protocol Advanced Encryption Standard (AES) requires about the same amount of time as voice packetization. That means the total delay will be double. In the cases of Data Encryption Standard (DES), the delay is even greater. Triple Data Encryption Standard (3DES), which has about three times more delay than the one for DES, is considered unacceptable for voice encryption. Many voice applications choose to use Secured Real-time Transport Protocol (SRTP), which uses AES, instead of IPSEC. One reason is for performance and another is for end-to-end security.

VPN And Encryption
A Virtual Private Network (VPN) is a virtual connection between an end point and its VPN server. Carriers can offer IP telephony service as part of a VPN service offering. In this offering IPSec is a popular security protocol for VPNs where several different models can be applied.

Multiple-VPN Pipe Model
In this model, there is one VPN for each type of packet. For signaling packets and data packets, IPSEC with encryption will be used. For voice packets, either SRTP or IPSEC encryption is used, but not both. This reduces encryption delay and requires multiple VPNs and therefore, multiple IP addresses. In addition, there will be more synchronization effort among different VPNs for a call.

VPN Model With Encryption
In this case, there is only one VPN with encryption for all packets. The VPN terminates the IPSEC, and there is no security after the VPN server in a corporate or ISP network. Because of this, SRTP is often used for voice encryption to provide end-to-end security. This means the voice will be encrypted and decrypted by both IPSec and SRTP. Although this can produce some delays, the network connection between the phone and VPN can be done once at setup, thus mitigating the extent of the delays. The advantage of this model is to minimize the number of IP addresses and call processing synchronization efforts. Therefore, this method is recommended.

VPN Model Without Encryption
In this case, there is one VPN without encryption for all packets. Encryption can be done outside the VPN pipe. In this model, the signaling packets and data packets can use IPSEC encryption, while the voice packets can use SRTP encryption before entering the VPN pipe. Since the VPN is not encrypted, it is less secure.

Network Address Translation And Call Controls
The Network Address Translation (NAT) protocol effectively uses a public IP address and maps it to many private LAN addresses. For an outgoing call, the VoIP application has to register its RTP port, UDP/TCP port, and IP address with the NAT unit. For an incoming packet with unknown originating or destination IP address, the packets will be blocked by the NAT unit. Therefore, the NAT unit serves as a firewall. This creates a problem for incoming calls. One solution is to register the IP address, UDP/TCP port, and RTP port of a device with a Universal Plug and Play (uPnP) unit. The NAT unit then checks with the uPnP unit for any incoming and outgoing packets. The UDP/TCP port must be always open, so that the VoIP can accept an incoming call. The RTP port will only be created when there is a call setup. All VoIP applications, including security must also register with the NAT unit, so that they won�t be blocked.

Conclusion
Carriers can offer VoIP services based on the many security protocols developed for data services. Furthermore, carriers can offer VoIP services bundled with VPN services. However, there are challenges for VoIP to meet a carrier�s expectations, such as delay due to key exchange and encryption/decryption and the lifetime of the SA. Ultimately, the security mechanism for VoIP needs improvement in order to meet the real-time VoIP requirements. As new implementations for security emerge, carriers will be able offer voice service alternatives to PTSN with the reliability and quality that is expected. c

Debasish �Ron� Nag is a Product Manager in the Voice over Packet business unit at Texas Instruments. Sophia Scoggins, Ph.D., is a Systems Engineering Manager in the Voice over Packet business unit at Texas Instruments. Texas Instruments is a world leader in digital signal processing and analog technologies, the semiconductor engines of the Internet age.

If you are interested in purchasing reprints of this article (in either print or HTML format), please visit Reprint Management Services online at www.reprintbuyer.com or contact a representative via e-mail at [email protected] or by phone at 800-290-5460.

[ Return To The April 2004 Table Of Contents ]