SLIDE 1

ITU Kaleidoscope 2016

ICTs for a Sustainable World

TOWARD AUTHENTICATED CALLER ID TRANSMISSION: THE NEED FOR A STANDARDIZED AUTHENTICATION SCHEME IN Q.731.3 CALLING LINE IDENTIFICATION PRESENTATION

Huahong Tu, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn Arizona State University tu@asu.edu

Bangkok, Thailand 14-16 November 2016

SLIDE 3

[Figure: Fraud Complaints by Method of Contact 2013-2015 (series: Phone, Email)]

Data source: FTC Consumer Sentinel Data Book CY2015

SLIDE 4

[Figure: Fraud Complaints by Method of Communication in 2015 (categories: Phone, Email, Web, Mail, Other)]

Data source: FTC Consumer Sentinel Data Book CY2015

SLIDE 13

Spoof

SLIDE 14

Why Security Indicators Matter

SLIDE 19

Designing the Verification Scheme

SLIDE 21
Design Principles

  • Authentication
  • Integrity
  • Deployability

SLIDE 23
The scheme has 2 parts

  1. Caller ID Verification
  2. Authenticated Call Request

SLIDE 24
Caller ID Verification

  • Provide proof of E.164 ownership to a CA
  • Obtain a short-term Caller ID Certificate
  • Use caller ID to generate Authenticated Call Requests

SLIDE 26
Authenticated Call Request

  • Assert the originating identity
  • Generate an extended IAM with a digital signature using the Caller ID Certificate
  • Validate both the IAM signature as well as the signer

SLIDE 28
Other Details

  • UTC Timestamp (UNIX time)
  • X.509 certificate format
  • International E.164 format
  • Parameter Compatibility Information parameter (Q.764.2.9.5.3.2)

| Parameter                   | Type          | Length (octets) |
|-----------------------------|---------------|-----------------|
| UTC Timestamp               | Optional Part | 4-?             |
| Signature Algorithm         | Optional Part | 1-?             |
| Signature                   | Optional Part | 16-?            |
| Caller Identity Certificate | Optional Part | 32-?            |
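
An added example, not taken from the slides or the paper: a parser for the four extended IAM parameters listed above that enforces their minimum lengths and rejects stale timestamps. The parameter codes, the name/length/content layout ending in a zero octet, the 4-octet big-endian timestamp and the 60-second window are assumptions; signature and certificate validation are outside this block.

```python
import struct
import time

# Hypothetical code points: the slides assign none. Value = (name, min octets).
PARAMS = {
    0xF1: ("utc_timestamp", 4),
    0xF2: ("signature_algorithm", 1),
    0xF3: ("signature", 16),
    0xF4: ("caller_id_certificate", 32),
}
MAX_SKEW = 60  # seconds; assumed freshness window, not from the slides


def parse_optional_part(data):
    """Return the four extended parameters; ValueError on malformed input."""
    found, i = {}, 0
    while i < len(data) and data[i] != 0x00:
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated parameter")
        code, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        i += 2 + length
        if code not in PARAMS:
            continue  # unrelated optional parameter: skip it
        name, min_len = PARAMS[code]
        if length < min_len or name in found:
            raise ValueError(f"short or duplicate {name}")
        found[name] = value
    if i >= len(data):
        raise ValueError("missing end-of-optional-parameters octet")
    missing = [n for n, _ in PARAMS.values() if n not in found]
    if missing:
        raise ValueError("missing: " + ", ".join(missing))
    return found


def timestamp_is_fresh(found, now=None):
    """Replay check: timestamp (assumed big-endian UNIX seconds) within skew."""
    now = time.time() if now is None else now
    ts = struct.unpack(">I", found["utc_timestamp"][:4])[0]
    return abs(now - ts) <= MAX_SKEW


# Constructed sample: placeholder bytes stand in for a signature and certificate.
SAMPLE = (b"\xf1\x04" + struct.pack(">I", 1479081600) + b"\xf2\x01\x01"
          + b"\xf3\x10" + b"\x5a" * 16 + b"\xf4\x20" + b"\xc3" * 32 + b"\x00")
```

A receiver would run these checks before spending effort on signature and certificate validation, so that malformed or replayed call requests are dropped early.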

SLIDE 29
Security Considerations

  • Certificate Revocation to guard against stolen identity
      – E.g. stolen certificate, cell phone theft, etc.
  • Recommend using Certificate Revocation List (CRL) with short-term certificates
      – No stalling, OCSP can cause stalling
      – Risk containment
      – Reduce list size

SLIDE 30
Local Deployment Considerations

  • Transmitting and presenting the security indicator to the called party
  • Use a flag indicator, only if
      – local exchange network connection is secured
      – identity of the local exchange carrier is authenticated
      – the call request header is integrity protected
  • Otherwise recommend using full conversion of the extended IAM parameters to allow the called party’s user equipment to perform verification

SLIDE 31
Related Works

  • STIR/PASSporT token
  • Authloop

SLIDE 35

Acknowledgement

SLIDE 36

ITU Kaleidoscope 2016

ICTs for a Sustainable World

Thank You

Huahong Tu Arizona State University tu@asu.edu

Download paper: http://huahongtu.me/publications/itu-callerid.pdf

Bangkok, Thailand 14-16 November 2016