All messages are then redirected to the hacker.
Another example of why encryption is necessary is to prevent session hijacking. This
is accomplished when a hacker intercepts an INVITE and sends a 3xx response redirecting
the request to their server. Session hijacking can be prevented partially through
encryption (the contents are no longer readable by hackers) or through route verification
at the P-CSCF.
There are downfalls to encryption as well. When the SIP message is encrypted,
only those devices with the cipher key will be able to decipher the message. These are
typically the proxies in the network (call session control functions within the IMS).
Monitoring systems used for performance management may not have this capability.
Security Procedures in the IMS 155
Likewise, lawful intercept may also become a challenge. Without encryption, however,
there are many more consequences.
Transport Layer Security (TLS) and IPsec are two methods recommended by the
3GPP for encryption. IPsec works within a trusted domain, providing encryption
between trusted entities. This prevents eavesdropping by entities between call session
controllers, for example. IPsec is implemented within the operating system of the various
network nodes themselves working at the lower layers.
This includes between CSCFs as well. IPsec should be used between all entities
within an operator??™s network.
Pages:
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323