Encrypted VoIP Meets Traffic Analysis
Der_Yak writes "Researchers from MIT, Google, UNC Chapel Hill, and Johns Hopkins published a recent paper that presents a method for detecting spoken phrases in encrypted VoIP traffic that has been encoded using variable bitrate codecs. They claim an average accuracy of 50% and as high as 90% for specific phrases."
Once they discover a method to wire trap encrypted video calls, that would open a new era in porn scene.
They claim an average accuracy of 50% and as high as 90% for specific phrases."
So on average that can't do any better than chance. Wow such great results!
Better stick to a constant bitrate then :)
Use fixed-bitrate encoding for VoIP.
Teh Recognisining.
"I'd like to order pizza, with pepperoni, pineapple, mushroom and an Iludium Pu-36 space modulator delivered to Hall of Justice."
A feeling of having made the same mistake before: Deja Foobar
When you want to secure something, you must think carefully about how you might be leaking information. You can't just slap some encryption on and call it a day.
fuck you. die. all moderators.
http://portal.acm.org/citation.cfm?id=1397759.1398055&coll=DL&dl=GUIDE&CFID=13816718&CFTOKEN=31717594
Written by the same authors, 2 years ago. Article at the same publication.
I keep reading the white papers, and upgrading my crypto.
First it was telnet.
Then SSH.
Then iptables, soon port-knocking...
Encrypted VPN tunnels...
The list is endless.
Just stacking more layers of security on top of each other. *sigh* Gotta keep my conversations safe SOMEHOW.
The conference version of the paper appeared in IEEE S&P 2008.
http://cs.unc.edu/~fabian/papers/oakland08.pdf
Skype lets you set a SOCKS proxy. If that links to a dynamic ssh proxy, then at least your local traffic is encrypted. That protects from casual eavesdropping on the LAN segment (prevent firesheep and similar attacks). That gets the packets "further along" to their destination, but if the warrantless-wiretapping cases show, you don't have to be a conspiracy nut to question whether Skype freely routes all of their traffic to the NSA. Okay, maybe you have to be a bit paranoid to think that.
You mean when you vary a quality of your signal (in this case bitrate) based on content, people can read information about the content from those variations??? OMFG!
No it does not work like that (Wire tapping encrypted video calls).
It does not tap the signal, but increases your odds when guessing whether something was communicated in a specific manner.
Hivemind harvest in progress..
The definition (somewhere in the 'net archives) of encryption quality is how distinguishable the encrypted message is from random noise. Clearly setting bitrates, or any other parameter, based on the input, is not random.
Pick a better algorithm and/or suck it up and waste a little bandwidth.
https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
Google is involved in this? Perhaps encryption could help them improve the accuracy of transcription in Google Voice...
I'm hoping it's best at picking up obvious spy phrases, like "the eagle has landed", "the moon fish squicks wickedly at midnight", "long is the gap between cacti"... Somehow I think it's probably best at "hello".
It would be interesting to see how well their algorithm performs on conversational speech, something like Switchboard or CallHome. There is a lot more pronunciation variation in in conversational speech than in read speech.
Did you note that they specified variable bit rate? In this case, I'll bet it had more to do with the timing and flow of the packets and bytes than with the actual content of the bytes. When there's a pause in a person's speech, there is a pause in the network traffic. Imagine someone trying to send morse code through an encrypted voice channel. Someone watching a bandwidth graph that had a high enough frequency would know exactly what coded message you sent regardless of the compression or encryption algorithm used (as long as the compression is variable bit rate). Due to the way voice data is compressed, increases or decreases in traffic could imply certain changes in tone, pitch, volume, inflection, etc. Tracked at a very high frequency, changes in the flow of bytes could give plenty of clues as to what is being said whether the traffic is encrypted or not. In general, encryption algorithms don't change the number or flow of bytes, just the content of the bytes.
A few solutions...
Add some number of pad bytes to each packet to fill in blanks.
Tweak existing high complexity codecs (ilbc, speex..etc) to maintain a persistant bitrate by dynamically scaling quality to even out the per packet bits.
Use a fixed bitrate codec (most of these really suck from bw effeciency vs quality perspective)
Switch variability to the time domain adding jitter to mask the signal and control latency/security tradeoff.
SRTP scares me because it was invented for a single narrow purpose. Would much prefer the use of DTLS to secure RTP streams which being very similar to TLS has received much more scrutiny than SRTP likely ever will.
Is this another advert for yet another pay-to-read-and-see-its-bullshit "science" paper ?
This is why science is going all funny as of late and people don't trust "research" much. "Researchers" write papers to make money apparently, so they will write any old crap and call it an amazing discovery !
Researchers, show us something interesting for once, and don't make us pay for it. Information is free you know ?
First of all, statements like "50% accuracy" are nearly useless; you need to know both precision and recall. And to the degree that "50% accuracy" tells you anything, it tells you that the system is pretty bad.
Finally, the countermeasure for this is the same as the countermeasure for other automated speech analysis techniques: play some singing or theater in the background.
Thus you increase latency, which is the single most important thing in a phonecall.
Nexidia has been selling proprietary tech to do this for years
On any digital signal, comparing a random source of bits should get you 50% accuracy.
-fb Everything not expressly forbidden is now mandatory.
I'm sure there's a mathematical/statistical reason why 50% accuracy is better than guessing in this case, but that would be very counter-intuitive. Same with as high as 90% under certain conditions. I could get to 90% accuracy if I could select out everything that reduced my accuracy as well. I don't doubt the full article explains better though. I'm not suggesting MIT, Google, etc scientists are stupid.
Like any that include the word, 'WINNING!'.
Seems that I started to detect a pattern between the current TFA and this one.
Now, DHS, I know I'm not at MIT, but other cases showed I don't need to... So, just where is my grant for advanced research of the subject?
Questions raise, answers kill. Raise questions to stay alive.
Unscrewing molds
is the core business of Intertech (Taiwan). With world level technology,
Intertech enjoys a very good reputation for making Injection Mold and
Plastic Moldsfor their worldwide customers.