Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encrypted VoIP Meets Traffic Analysis

Posted by CmdrTaco on from the i-only-speak-in-binary dept.

Der_Yak writes "Researchers from MIT, Google, UNC Chapel Hill, and Johns Hopkins published a recent paper that presents a method for detecting spoken phrases in encrypted VoIP traffic that has been encoded using variable bitrate codecs. They claim an average accuracy of 50% and as high as 90% for specific phrases."

9 of 98 comments (clear)

  1. Re:Bleh by Anthony+Mouse · · Score: 5, Informative

    I'm pretty sure that identifying a specific word with 50% accuracy is better than random chance. There are more than two words in the English language.

  2. So...obvious solution then? by Anthony+Mouse · · Score: 4, Interesting

    Use fixed-bitrate encoding for VoIP.

    1. Re:So...obvious solution then? by Anonymous Coward · · Score: 5, Informative

      OpenSSH had a similar problem, it would leak information about your login password by the timing/size of the packets:

      http://www.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf

      I believe their solution was to introduce random NOP packets into the stream. This approach could work here too.

    2. Re:So...obvious solution then? by Cthefuture · · Score: 4, Interesting

      Actually most people are using G.711 these days which is in fact a fixed bitrate (it's the same protocol used on your normal "hard" voice line).

      But most VoIP providers do not offer SRTP or any encryption whatsoever so this whole thing is not even a question. More than likely anyone can listen in on your VoIP calls. We need to put more pressure on VoIP providers to offer encryption.

      --
      The ratio of people to cake is too big
  3. Re:Bleh by batquux · · Score: 4, Funny

    Come on, 50% is better than most unencrypted voice recognition!

  4. Re:Bleh by bennomatic · · Score: 4, Interesting

    This reminds me of the guy Colbert interviewed regarding the Large Hadron Collider who thought there was a 50% chance that it would destroy the universe. When questioned as to how he got those odds, he said, "Well, there's two options... either it will happen or it won't happen. 50%."

    --
    The CB App. What's your 20?
  5. Re:Bleh by zill · · Score: 4, Funny

    A'LA'IH

  6. Re:Bleh by Chrisq · · Score: 5, Funny

    Once they discover a method to wire trap encrypted video calls, that would open a new era in porn scene.

    ...

    I'm pretty sure that identifying a specific word with 50% accuracy is better than random chance. There are more than two words in the English language.

    Maybe he's talking about the porn film.90% seem to be "oh" or "yes" (or so i am told)

  7. Re:Bleh by ciderbrew · · Score: 4, Funny

    The pitch is the main thing in the art form.
    A low German voice - "ooohhh yaaaaa", over and over. then you have the high pitched Japanese squeak sound - "ii, ii, ii, kimochi". Which really gets annoying these days. It took a few years; but it IS annoying.