STIR                                                       C. Zhang, Ed.
Internet-Draft                       China Mobile Group Design Institute
Intended status: Informational                                   H. Deng
Expires: January 7, 2016                China Mobile Research Institute
                                                            July 6, 2015


                    Issue with current STIR scenario
                   draft-zhang-stir-scenario-issue-00

Abstract

   This document introduces a couple of scenarios that have been
   identified to show that the certificate-based solution has some
   limitations.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 7, 2016.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Zhang & Deng             Expires January 7, 2016                [Page 1]

Internet-Draft            STIR scenario issue                  July 2015

Table of Contents

   1.  Introduction
   Authors' Addresses

1.  Introduction

   The work item "Technical measures and mechanism on countering the
   spoofed call in the terminating network of VoLTE (ITU-T X.ticsc,
   supplement to ITU-T X.1245)" was established by ITU-T SG17 in
   September 2014.  However, before the mechanism is implemented by
   VoLTE, the X.ticsc work item focuses on countermeasures for the
   following three scenarios, which exist in current networks.

   The following terminology is used:

   IPBX:  Internet-protocol Private Branch Exchange (note: the IPBX is
      the exit of the caller's private network)

   MSC:  Mobile Switching Center

   LSTP:  Low Signaling Transfer Point

   HSTP:  High Signaling Transfer Point

   VoLTE AS:  Voice over LTE Application Server

   1.  The caller and the caller's visiting/home network are not all in
       the trusted domain, as shown in Figures 1 and 2.

   Bad Guy:                         Bad guy:
   Make a Call                      Turn Real Number:83658173
   +---------+   A Call with        To Faked Number:10086
   |Telephony|   an internal Number +------------------+
   |Terminal |--------------------->|       IPBX       +--+
   +---------+                      +------------------+  | A Call with
                                                          | 10086
                                                        +-+-----+
                                                        |  MSC  |
                                                        +-+-----+
   +----------+                                           | A Call with
   | Exchange |                      +-----------------+  | 10086
   | Gateway  |<---------------------|       LSP       |<-+
   | to other |    A Call with       +-----------------+
   | Networks |    0531-10086        Add Area Number:
   +----------+                      0531

                   Figure 1: Caller cannot be trusted

   Bad Guy:
   Make a Call
   +---------+  A Call with           A Call with
   |Mobile   |  13356784321   +-----+ 13356784321      +------+
   |Phone    |--------------->| MSC |----------------->| LSTP |
   +---------+                +-----+                  +---+--+
                                                           |
                                                           |A Call with
                                                           |13356784321
   +----------+                                      +-----+------+
   | Exchange |                                      |            |
   | Gateway  |<-------------------------------------|  VoLTE AS  |
   | to other |          A Call with                 |            |
   | Networks |          13201010086                 +------------+
   +----------+                            Bad Guy:
                                           Turn Real Number: 13356784321
                                           To Faked Number: 13201010086

     Figure 2: The caller's visiting/home network cannot be trusted

   2.  The calling ID is real and can be trusted, but is highly similar
       to some public service number.  For example, a real mobile phone
       number of 132-010-10086 is quite similar to China Mobile's
       service number 10086.  A bad guy could use it to defraud the
       customers of China Mobile.

   3.  The international calling ID can be presented incompletely to the
       callee according to some international exchange rules.  If the
       calling ID is hidden intentionally and legally by the caller in
       an international call, as in Figure 3, the presented caller
       number could be 00 + country code + area code.  However, 00 +
       country code + area code could also be pretty similar to some
       public service numbers.  For example, 95 is the country code of
       Myanmar and also the first two digits of many public service
       numbers of banks in China.  With some area codes added, a bad
       caller in Myanmar could mimic many public service numbers of
       banks in China and easily cheat the customers of these banks.

   Bad Guy:
   Make a Call                                         Add Area Number:
   +---------+  A Call with           A Call with      5330
   |Mobile   |  number hidden +-----+ number hidden    +------+
   |Phone    |--------------->| MSC |----------------->| LSTP |
   +---------+                +-----+                  +---+--+
                                                           |
                                                           |A Call with
                                                           |5330
                       +--------------+               +----+-------+
                       | International|               |            |
    <------------------|   Gateway    |<--------------|    HSTP    |
       A Call with     |   to other   |  A Call With  |            |
       00955330        |   Networks   |  955330       +------------+
                       +--------------+          Add Country Number:
                       Add International         95
                       header:00

     Figure 3: The caller just hid the ID in an international call

   By proposing integrated measures of detecting and verifying,
   blocking, alerting, etc., X.ticsc is dedicated to solving the
   concerns in the three scenarios listed above, at least to some
   extent.  Yet, the risk in scenarios 2 and 3 may still not be solved
   systematically even when the mechanism of end-to-end authentication
   is implemented.

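   The look-alike cases in scenarios 2 and 3 can be screened in the
   terminating network even when the calling ID is authentic.  The
   following Python code is an added example, not part of the original
   draft or of X.ticsc; the service number 95533, the length bound and
   the action policy are assumptions made for illustration.

```python
import re
from typing import Optional, Tuple

# 10086 is the service number named in the draft; 95533 is a constructed
# stand-in for a bank service number beginning with 95.
PROTECTED = ("10086", "95533")
INTL_HEADER = "00"       # international header added in Figure 3
MAX_TRUNCATED_LEN = 7    # assumed upper bound for country code + area code


def digits(presented: str) -> str:
    """Drop separators so '132-010-10086' equals '13201010086'."""
    return re.sub(r"\D", "", presented)


def classify(presented: str) -> Tuple[str, Optional[str]]:
    """Return (verdict, service number it resembles).

    exact     - the ID is the service number itself
    truncated - 00 + country code + area code reads like one (scenario 3)
    suffix    - a longer number ends with one (Figure 1 and scenario 2)
    clear     - no resemblance found
    """
    num = digits(presented)
    if num in PROTECTED:
        return "exact", num
    if num.startswith(INTL_HEADER):
        rest = num[len(INTL_HEADER):]
        if 2 <= len(rest) <= MAX_TRUNCATED_LEN:
            for svc in PROTECTED:
                # Compare both ways: the short ID may be longer or
                # shorter than the service number it imitates.
                if rest.startswith(svc) or svc.startswith(rest):
                    return "truncated", svc
    for svc in PROTECTED:
        if num.endswith(svc):
            return "suffix", svc
    return "clear", None


def action(presented: str, identity_verified: bool) -> str:
    """Hypothetical policy: verification alone does not clear a look-alike."""
    verdict, _ = classify(presented)
    if verdict in ("suffix", "truncated"):
        return "alert"
    if not identity_verified:
        return "block" if verdict == "exact" else "unverified"
    return "pass"
```

   A verified 13201010086 still yields "alert", which is the gap the
   draft attributes to authentication-only solutions.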
   Meanwhile, the editors of X.ticsc would appreciate closer
   collaboration with the IETF STIR to share ideas and enhance the
   quality of X.ticsc.  For reference, a new LS/o (TD 1782) was sent to
   IETF STIR by ITU-T SG17 in April of this year.  Any further
   discussion would be welcome!

Authors' Addresses

   Chen Zhang (editor)
   China Mobile Group Design Institute
   A16, Danleng Street
   Beijing
   China

   Email: zhangchen@cmdi.chinamobile.com


   Hui Deng
   China Mobile Research Institute
   Xuanwumenxi Ave. No.32
   Beijing  100053
   China

   Email: denghui@chinamobile.com