Excerpted from the “VoIP Phone Hardening – Part 2” white paper. Download the complete paper from our Knowledge Center.
Within Cisco implementation of Public Key Infrastructure (PKI) there are multiple PKI roots that each phone must trust. The phone keeps a list of all of the PKI roots that should be trusted called the Cisco Certificate Trust List (CTL).
The CTL is created by a CTL client that is obtained as a plug-in on the CUCM server. The CTL application has a list of trusted devices, which is the data in this case. The data is passed off to the security token. The security token is a USB device that is a mini computer that acts like a CA. It has a private and a public key and a certificate, and is capable of signing data. The data is passed from the CTL client to the security token where it is signed, and the data is passed back to the CTL client. The private key never leaves the security token. This process requires two security keys as one is used for backup in the event something happens to the first one.
After the CTL list is created by the CTL client, the phones will obtain this CTL during their next reboot. The first download of the CTL is not secure and must be done on a trusted network to insure the CTL list has not been falsified by an attacker. The problem only exists during the first download of a CTL list because an IP phone will accept any CTL list. However, any updated list will have to be verified by using the correct key pairs.
The phone uses the CTL list for the following situations.
- Encrypted Signaling – The IP phone verifies the certificate received by the CUCM using the CTL list to authenticate the CUCM.
- LSC Enrollment – The IP Phone will request to be enrolled with the CAPF and receive a certificate from the CAPF service. This certificate is verified against the CTL to authenticate the CAPF service.
- Signed IP Phone Configuration Files – The TFTP server will sign the configuration files with its private key. The phone will need to look in the CTL for the public key to decrypt the configuration file.
- Signed CTL Files – The CTL is signed by the CTL client, and the phone must verify the new CTL certificate with the previous CTL to authenticate the updated CTL. If the phone does not have a CTL, it will accept any CTL the first time. Therefore, a trusted network must be used for first-time