SlideShare a Scribd company logo

Realtime communication security - SIP, XMPP and others

Olle E Johansson
Olle E Johansson

A short presentation on issues we face with realtime security - too many solutions and too few customer requirements and a lack of demand on the market.

TechnologyNews & Politics
1 of 25
REALTIME COMMUNICATION SECURITY Olle E. Johansson * oej@edvina.net * Twitter oej Copyright Edvina AB, Sollentuna, Sweden 2011. All rights reserved.
From this...
to this
Talk Video Chat Application sharing 3D holographic 7.1 conferences
COMMUNICATION BETWEEN TWO OR MORE PEOPLE
OUT OF SCOPE TODAY. Tommy the system intruder Christina the network sniffer Adrian the BOT network manager
IN SCOPE You Me
WHAT IS THE PROBLEM? The usual security issues...
WHO’S TALKING? You Me Identity
WHO IS LISTENING? You Me 3rd party Confidentiality
DID YOU REALLY WRITE THAT? You Me Integrity
YOU CAN’T DO THAT. You Me Authorization
WHO AM I? IP Phone Pad Softphone Set-top-box Chat client Laptop Me Car Cell phone
THE SIP WORLD DATACOM TELECOM
NETWORK SECURITY You Me Our problem
TELECOM SECURITY MODEL You Me In the telco we trust.
END2END OR THROUGH PROXY SERVER? Do you want someone else to handle your keys? You Me Do you want to set up a secure session between you and me? If so, how?
THIS APPLIES TO MANY PROTOCOLS SIP RTCWEB XMPP ?
SIP SECURITY TLS DTLS/SRTP SIGNALLING MEDIA S/MIME SIP IDENTITY INTEGRITY HTTP DIGEST MSRP/TLS AUTH CHAT
ASTERISK 1.8 TLS ACLs SRTP SDES TLS very, very experimental
KAMAILIO SIP SERVER 3.1 TLS ACLs DOS prevention TLS very, very good!
WHAT’S THE ISSUE WITH REAL TIME SECURITY? No one asks for it. Therefore no one implements it. Which means lack of experience.
WHAT I DO NOT UNDERSTAND. Why does nobody care, really?
FINAL QUESTION: What’s a secure session for you?
H E L P. THANK YOU.

Recommended

Script
ScriptScript
Script
Josh Sheil
 
Script
ScriptScript
Script
KittyT
 
If you are being cyber bullied powerpoint
If you are being cyber bullied powerpointIf you are being cyber bullied powerpoint
If you are being cyber bullied powerpoint
lsammut
 
Cloud Computing for Legal Professionals Handout
Cloud Computing for Legal Professionals HandoutCloud Computing for Legal Professionals Handout
Cloud Computing for Legal Professionals Handout
Rocket Matter, LLC
 
Kamailio on air
Kamailio on airKamailio on air
Kamailio on air
Olle E Johansson
 
The Realtime Cloud - unified or isolated islands on the net?
The Realtime Cloud - unified or isolated islands on the net?The Realtime Cloud - unified or isolated islands on the net?
The Realtime Cloud - unified or isolated islands on the net?
Olle E Johansson
 
Astricon 2010: Scaling Asterisk installations
Astricon 2010: Scaling Asterisk installationsAstricon 2010: Scaling Asterisk installations
Astricon 2010: Scaling Asterisk installations
Olle E Johansson
 
Anonymizers
AnonymizersAnonymizers
Anonymizers
Gregory Hanis
 

Recommended

Script
ScriptScript
Script
Josh Sheil
 
Script
ScriptScript
Script
KittyT
 
If you are being cyber bullied powerpoint
If you are being cyber bullied powerpointIf you are being cyber bullied powerpoint
If you are being cyber bullied powerpoint
lsammut
 
Cloud Computing for Legal Professionals Handout
Cloud Computing for Legal Professionals HandoutCloud Computing for Legal Professionals Handout
Cloud Computing for Legal Professionals Handout
Rocket Matter, LLC
 
Kamailio on air
Kamailio on airKamailio on air
Kamailio on air
Olle E Johansson
 
The Realtime Cloud - unified or isolated islands on the net?
The Realtime Cloud - unified or isolated islands on the net?The Realtime Cloud - unified or isolated islands on the net?
The Realtime Cloud - unified or isolated islands on the net?
Olle E Johansson
 
Astricon 2010: Scaling Asterisk installations
Astricon 2010: Scaling Asterisk installationsAstricon 2010: Scaling Asterisk installations
Astricon 2010: Scaling Asterisk installations
Olle E Johansson
 
Anonymizers
AnonymizersAnonymizers
Anonymizers
Gregory Hanis
 
Identity On The Internet
Identity On The InternetIdentity On The Internet
Identity On The Internet
Jon Spriggs
 
How to get back your privacy?
How to get back your privacy?How to get back your privacy?
How to get back your privacy?
Jérôme aka "Genma" Kun
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guide
JD Liners
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
Olle E Johansson
 
Morecrypto in the world of SIP - the Session Initiation Protocol
Morecrypto in the world of SIP - the Session Initiation ProtocolMorecrypto in the world of SIP - the Session Initiation Protocol
Morecrypto in the world of SIP - the Session Initiation Protocol
Olle E Johansson
 
Secure encryption in a wiretapped future
Secure encryption in a wiretapped futureSecure encryption in a wiretapped future
Secure encryption in a wiretapped future
Michael Renner
 
Mac security - a pragmatic guide
Mac security - a pragmatic guideMac security - a pragmatic guide
Mac security - a pragmatic guide
Jason Norwood-Young
 
Network Security R U Secure???
Network Security R U Secure???Network Security R U Secure???
Network Security R U Secure???
trendy updates
 
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
adamdeja
 
Protecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World SafetyProtecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World Safety
AEGILITY
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
NETWAYS
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
NETWAYS
 
#MoreCrypto
#MoreCrypto #MoreCrypto
#MoreCrypto
Olle E Johansson
 
Black Ops of Fundamental Defense:
Black Ops of Fundamental Defense:Black Ops of Fundamental Defense:
Black Ops of Fundamental Defense:
Recursion Ventures
 
Information Security
Information SecurityInformation Security
Information Security
Technocratz
 
network security, cryptography,steganography
network security, cryptography,steganographynetwork security, cryptography,steganography
network security, cryptography,steganography
Nikhil l
 
Passwords in the Internet Age - Jim Salter
Passwords in the Internet Age - Jim SalterPasswords in the Internet Age - Jim Salter
Passwords in the Internet Age - Jim Salter
IT-oLogy
 
3D - password
3D - password3D - password
3D - password
BhavikParmar24
 
How To Secure Online Activities
How To Secure Online ActivitiesHow To Secure Online Activities
How To Secure Online Activities
- Mark - Fullbright
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
vicenteDiaz_KL
 
Cybernode.se: Securing the software supply chain (CRA)
Cybernode.se: Securing the software supply chain (CRA)Cybernode.se: Securing the software supply chain (CRA)
Cybernode.se: Securing the software supply chain (CRA)
Olle E Johansson
 
CRA - overview of vulnerability handling
CRA - overview of vulnerability handlingCRA - overview of vulnerability handling
CRA - overview of vulnerability handling
Olle E Johansson
 

More Related Content

Similar to Realtime communication security - SIP, XMPP and others

Secure encryption in a wiretapped future
Secure encryption in a wiretapped futureSecure encryption in a wiretapped future
Secure encryption in a wiretapped future
Michael Renner
 
Mac security - a pragmatic guide
Mac security - a pragmatic guideMac security - a pragmatic guide
Mac security - a pragmatic guide
Jason Norwood-Young
 
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
adamdeja
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
NETWAYS
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
NETWAYS
 
Black Ops of Fundamental Defense:
Black Ops of Fundamental Defense:Black Ops of Fundamental Defense:
Black Ops of Fundamental Defense:
Recursion Ventures
 
Information Security
Information SecurityInformation Security
Information Security
Technocratz
 

Similar to Realtime communication security - SIP, XMPP and others (20)

Identity On The Internet
Identity On The InternetIdentity On The Internet
Identity On The Internet
 
How to get back your privacy?
How to get back your privacy?How to get back your privacy?
How to get back your privacy?
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guide
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
 
Morecrypto in the world of SIP - the Session Initiation Protocol
Morecrypto in the world of SIP - the Session Initiation ProtocolMorecrypto in the world of SIP - the Session Initiation Protocol
Morecrypto in the world of SIP - the Session Initiation Protocol
 
Secure encryption in a wiretapped future
Secure encryption in a wiretapped futureSecure encryption in a wiretapped future
Secure encryption in a wiretapped future
 
Mac security - a pragmatic guide
Mac security - a pragmatic guideMac security - a pragmatic guide
Mac security - a pragmatic guide
 
Network Security R U Secure???
Network Security R U Secure???Network Security R U Secure???
Network Security R U Secure???
 
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
Deja vu security Adam Cecchetti - Security is a Snapshot in Time BSidesPDX ...
 
Protecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World SafetyProtecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World Safety
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
 
#MoreCrypto
#MoreCrypto #MoreCrypto
#MoreCrypto
 
Black Ops of Fundamental Defense:
Black Ops of Fundamental Defense:Black Ops of Fundamental Defense:
Black Ops of Fundamental Defense:
 
Information Security
Information SecurityInformation Security
Information Security
 
network security, cryptography,steganography
network security, cryptography,steganographynetwork security, cryptography,steganography
network security, cryptography,steganography
 
Passwords in the Internet Age - Jim Salter
Passwords in the Internet Age - Jim SalterPasswords in the Internet Age - Jim Salter
Passwords in the Internet Age - Jim Salter
 
3D - password
3D - password3D - password
3D - password
 
How To Secure Online Activities
How To Secure Online ActivitiesHow To Secure Online Activities
How To Secure Online Activities
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
 

More from Olle E Johansson

More from Olle E Johansson (20)

Cybernode.se: Securing the software supply chain (CRA)
Cybernode.se: Securing the software supply chain (CRA)Cybernode.se: Securing the software supply chain (CRA)
Cybernode.se: Securing the software supply chain (CRA)
 
CRA - overview of vulnerability handling
CRA - overview of vulnerability handlingCRA - overview of vulnerability handling
CRA - overview of vulnerability handling
 
Introduction to the proposed EU cyber resilience act (CRA)
Introduction to the proposed EU cyber resilience act (CRA)Introduction to the proposed EU cyber resilience act (CRA)
Introduction to the proposed EU cyber resilience act (CRA)
 
The birth and death of PSTN
The birth and death of PSTNThe birth and death of PSTN
The birth and death of PSTN
 
WebRTC and Janus intro for FOSS Stockholm January 2019
WebRTC and Janus intro for FOSS Stockholm January 2019WebRTC and Janus intro for FOSS Stockholm January 2019
WebRTC and Janus intro for FOSS Stockholm January 2019
 
Kamailio World 2018: Having fun with new stuff
Kamailio World 2018: Having fun with new stuffKamailio World 2018: Having fun with new stuff
Kamailio World 2018: Having fun with new stuff
 
Webrtc overview
Webrtc overviewWebrtc overview
Webrtc overview
 
Realtime communication over a dual stack network
Realtime communication over a dual stack networkRealtime communication over a dual stack network
Realtime communication over a dual stack network
 
The Realtime Story - part 2
The Realtime Story - part 2The Realtime Story - part 2
The Realtime Story - part 2
 
Sip2016 - a talk at VOIP2DAY 2016
Sip2016 - a talk at VOIP2DAY 2016Sip2016 - a talk at VOIP2DAY 2016
Sip2016 - a talk at VOIP2DAY 2016
 
Sips must die, die, die - about TLS usage in the SIP protocol
Sips must die, die, die - about TLS usage in the SIP protocolSips must die, die, die - about TLS usage in the SIP protocol
Sips must die, die, die - about TLS usage in the SIP protocol
 
SIP :: Half outbound (random notes)
SIP :: Half outbound (random notes)SIP :: Half outbound (random notes)
SIP :: Half outbound (random notes)
 
Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!
 
SIP & TLS - Security in a peer to peer world
SIP & TLS - Security in a peer to peer worldSIP & TLS - Security in a peer to peer world
SIP & TLS - Security in a peer to peer world
 
Tio tester av TLS - Transport Layer Security (TLS-O-MATIC.COM)
Tio tester av TLS - Transport Layer Security (TLS-O-MATIC.COM)Tio tester av TLS - Transport Layer Security (TLS-O-MATIC.COM)
Tio tester av TLS - Transport Layer Security (TLS-O-MATIC.COM)
 
2015 update: SIP and IPv6 issues - staying Happy in SIP
2015 update: SIP and IPv6 issues - staying Happy in SIP2015 update: SIP and IPv6 issues - staying Happy in SIP
2015 update: SIP and IPv6 issues - staying Happy in SIP
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6
 
Why is Kamailio so different? An introduction.
Why is Kamailio so different? An introduction.Why is Kamailio so different? An introduction.
Why is Kamailio so different? An introduction.
 
RFC 7435 - Opportunistic security - Some protection most of the time
RFC 7435 - Opportunistic security - Some protection most of the timeRFC 7435 - Opportunistic security - Some protection most of the time
RFC 7435 - Opportunistic security - Some protection most of the time
 
SIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and moreSIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and more
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

Realtime communication security - SIP, XMPP and others

Editor's Notes

  1. \n
  2. \n
  3. \n
  4. \n
  5. \n
  6. \n
  7. \n
  8. \n
  9. \n
  10. \n
  11. \n
  12. \n
  13. \n
  14. \n
  15. \n
  16. \n
  17. \n
  18. \n
  19. \n
  20. \n
  21. \n
  22. \n
  23. \n
  24. \n
  25. \n