23.6 Solution: Don't Ignore the Call Recipients (VoIP)
The use of IPsec or TLS at the first and last hop of the call resolves the subscriber authentication problem and hence the MITM attacks as well. However, these solutions are not widely deployed; to avoid their overhead and complexity, VoIP service providers prefer UDP for the transport of SIP messages and the digest authentication mechanism for SIP security. Furthermore, digest authentication is used extensively only at the first hop of the call (i.e., at the caller side), where the SIP proxy server authenticates the INVITE messages it receives. The attacks described in this topic can still be prevented if the call recipient UAs have the same capability of authenticating received INVITE messages. For example, before an INVITE message rings the phone, the SIP UA can authenticate the INVITE message by sending a challenge back to its own SIP proxy server. The SIP proxy server acknowledges receipt of the challenge and constructs a new INVITE message carrying the proper credentials. Therefore, only authenticated INVITE messages with valid credentials are allowed to initiate the call setup phase at the recipient SIP UA. This exchange of challenge/response messages at the last hop of the call (i.e., at the call recipient side) prevents many of the MITM attacks on subscribers.
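The following is an added example, not code from the original text, that models the last-hop challenge/response described above: the recipient UA answers an unauthenticated INVITE with a 401 challenge, its own proxy re-sends the INVITE with a digest computed over the challenge nonce, and only then does the UA ring. It assumes a shared secret provisioned between the UA and its proxy (exactly as first-hop digest authentication already assumes between caller and proxy), represents SIP messages as plain dictionaries rather than on-the-wire text, and uses the RFC 2617 digest form without `qop` (MD5 is used here only because SIP digest authentication specifies it). The `RecipientUA`, `Proxy` and helper names are the example's own.

```python
import hashlib
import hmac
import secrets

# Constructed shared secret between the recipient UA and its own SIP proxy
# (assumption: provisioned out of band, as for first-hop digest authentication).
REALM = "example.com"
PROXY_USER = "proxy.example.com"
PROXY_PASSWORD = "constructed-shared-secret"


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, realm, password, method, uri, nonce):
    """RFC 2617 digest without qop: MD5(HA1 ':' nonce ':' HA2)."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


class RecipientUA:
    """Callee UA that challenges every INVITE before ringing the phone."""

    def __init__(self):
        self.outstanding_nonces = set()  # challenges issued, not yet answered
        self.rang_for = []               # From headers of calls that rang

    def on_invite(self, invite: dict) -> dict:
        auth = invite.get("Authorization")
        if auth is None:
            # No credentials yet: issue a fresh one-time challenge.
            nonce = secrets.token_hex(16)
            self.outstanding_nonces.add(nonce)
            return {"status": 401, "WWW-Authenticate": {"realm": REALM, "nonce": nonce}}
        nonce = auth.get("nonce")
        if nonce not in self.outstanding_nonces:
            return {"status": 403}  # unknown or already-used nonce: replay or injection
        expected = digest_response(PROXY_USER, REALM, PROXY_PASSWORD,
                                   "INVITE", auth["uri"], nonce)
        if auth["username"] != PROXY_USER or not hmac.compare_digest(expected, auth["response"]):
            return {"status": 403}  # credentials do not match the shared secret
        self.outstanding_nonces.discard(nonce)  # nonce is single use
        self.rang_for.append(invite["From"])
        return {"status": 180}  # Ringing: only now does the call setup proceed


class Proxy:
    """Recipient-side proxy that answers the UA's challenge with credentials."""

    def __init__(self):
        self.last_sent = None

    def forward_invite(self, ua: RecipientUA, invite: dict) -> dict:
        resp = ua.on_invite(invite)
        if resp["status"] == 401:
            chal = resp["WWW-Authenticate"]
            invite = dict(invite)
            invite["Authorization"] = {
                "username": PROXY_USER,
                "realm": chal["realm"],
                "nonce": chal["nonce"],
                "uri": invite["Request-URI"],
                "response": digest_response(PROXY_USER, chal["realm"], PROXY_PASSWORD,
                                            "INVITE", invite["Request-URI"], chal["nonce"]),
            }
            self.last_sent = invite
            resp = ua.on_invite(invite)
        return resp


INVITE = {"Request-URI": "sip:bob@example.com", "From": "sip:alice@example.com"}


def legitimate_call() -> int:
    """INVITE relayed by the trusted proxy: challenge answered, phone rings."""
    return Proxy().forward_invite(RecipientUA(), INVITE)["status"]


def invite_without_shared_secret() -> int:
    """INVITE delivered directly to the UA by a sender that lacks the secret."""
    ua = RecipientUA()
    chal = ua.on_invite(INVITE)["WWW-Authenticate"]
    attempt = dict(INVITE, Authorization={
        "username": PROXY_USER, "realm": REALM, "nonce": chal["nonce"],
        "uri": INVITE["Request-URI"],
        "response": digest_response(PROXY_USER, REALM, "wrong-guess",
                                    "INVITE", INVITE["Request-URI"], chal["nonce"]),
    })
    return ua.on_invite(attempt)["status"]


def replayed_authenticated_invite() -> int:
    """A captured, correctly signed INVITE re-sent later: nonce already consumed."""
    ua, proxy = RecipientUA(), Proxy()
    proxy.forward_invite(ua, INVITE)
    return ua.on_invite(proxy.last_sent)["status"]
```

The two rejection paths are the point of the check: an INVITE that did not pass through the recipient's own proxy cannot produce a valid `response`, and a previously valid INVITE cannot be reused because each nonce is accepted once. A production UA would also bound the lifetime of outstanding nonces and, if it uses `qop`, include the client nonce and nonce count in the digest.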
