One of the primary advantages of Voice over IP (VoIP) is that it allows mobile operators and enterprises to extend their core telephony networks. And, with WiFi-enabled VoIP phones, users can connect to their core telephony servers over the Internet from any remote location. Often, such remote VoIP is secured using IPSec VPNs, which, as this demonstration will show, is not sufficient to secure VoIP.
In this presentation, we will show how to exploit a SIM card from an IPSec VPN-enabled GSM/VoIP phone to launch attacks through the IPSec tunnel. This demonstrates that IPSec VPNs are not sufficient to secure VoIP, and that it is possible to embed exploits inside the tunneled traffic to generate attacks on the core telephony network. More importantly, with all VPN tunnel traffic considered “trusted,” such attacks go undetected and can have a devastating impact on the core network.
While there are several ways to implement VPNs and authenticate remote phones, for the purpose of this demonstration, the demonstration will focus on EAP-SIM based authentication that is typically implemented in dual-mode GSM/VoIP phones.
With GSM 2G mobile network standards, GSM phones are equipped with a SIM module (typically a smart card) to allow the gateway server of the core telephony network to authenticate the identity of the GSM phone and to enable over-the-air encryption of the voice traffic. When such a GSM phone is also equipped with a VoIP module, the standard GSM authentication security strength is insufficient in the context of the IP-network. This problem is solved by extending the GSM authentication with the EAP-SIM (Extensible Authentication Protocol) mechanism (RFC 4186). Essentially, the GSM SIM runs GSM algorithms using credentials stored in the SIM card and challenges received from the core network to set up an IPSec tunnel with the network, and then routes all VoIP traffic through the tunnel. As far as the core network is concerned, any device that responds successfully to its challenges, and abides by the negotiated security parameters, is a legitimate device – which is where the problem lies. As this demonstration will show, it’s easy to become an authenticated subscriber on the network and launch attacks on the core infrastructure.
The presentation and demonstration will include following:
- Introduction to SIM-based authentication and IPSec VPN setups.
- Explain how to extend free open-source tools to exploit the SIM card using a Linux laptop and turn it into a seemingly legitimate mobile phone.
- Demonstrate successful setup of IPSec tunnel from the laptop with a SIM reader. This is the heart of the demonstration and will show the vulnerability in the core telephony networks which allows the attacker to pose as a legitimate phone and subsequently launch attacks on the network and other legitimate users. The vulnerability exists because the core network does not monitor activities inside the IPSec tunnel as it assume everything received within the tunnel is trusted.
- Show attacks through the IPSec tunnel by writing simple applications that inject attack traffic inside the tunnel. We will demonstrate IKE protocol message flooding attacks (IKE_SA_INIT, IKE_SA_AUTH) and RTP flooding attacks.
- Discuss the impacts of the attacks and other possible ones. For example, with all network elements available, there several other application level attacks that can be launched on a UMA network, such as IMSI Reconnaissance, Session Anomalies, and Location Update spoofing.