Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hiding Secret Messages In Skype Silences

Posted by samzenpus on from the sound-of-silence dept.

Orome1 writes "A group of researchers from the Institute of Telecommunications of the Warsaw University of Technology have devised a way to send and receive messages hidden in the data packets used to represent silences during a Skype call. After learning that Skype transmits voice data in 130-byte packets and the silences in 70-byte packets, the researchers came upon the idea of using the latter to conceal the sending and receiving of additional messages."

60 of 79 comments (clear)

  1. Go old school rather than packet level? by Keruo · · Score: 3, Funny

    If you talk long conversation, specific pauses might simply work as morse code.

    --
    There are no atheists when recovering from tape backup.
    1. Re:Go old school rather than packet level? by Baloroth · · Score: 1

      True, but the data rate would be much much lower than this can achieve, TFA says they can get almost 1 kilobit/second, good luck getting morse code that fast using pauses. And it would be easily decrypted assuming you didn't use a cipher on top of the Morse code system, while this is (supposedly) undetectable.

      --
      "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
    2. Re:Go old school rather than packet level? by anubi · · Score: 1

      If I could process the digitizer output, I would use the same stenographic techniques used to inject hidden content in image files.

      To the eye, an image with encoded input just looks a bit grainy. To the ear, a voice with encoded input would just sound like a bit of background noise,

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]

    3. Re:Go old school rather than packet level? by Kjella · · Score: 1

      If the people who are talking together wants to have some secret communication, then their whole conversation might be code. Side channel attacks are much more insidious because in any high security environment the source and destinations of traffic are closely monitored. So this looks like Alice is talking to Bob and that is entirely above board and legitimate, but in addition we're piggybacking secret data from Alice's computer that we've compromised to Bob who is our mole on the inside. Secure communication channels are specifically designed to avoid this sort of thing. For example that is why early SSL replaced a random padding with a defined padding, because the "random" padding could be an encrypted version of the session key or some other secret message and you couldn't tell.

      --
      Live today, because you never know what tomorrow brings
    4. Re:Go old school rather than packet level? by anubi · · Score: 1

      err...make that "steganograpic".

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]

  2. Eloquent silence by maxwell+demon · · Score: 2

    I wonder why Skype needs 70 bytes to transmit essentially nothing. Maybe they already do use it for secret data transmission, just to their own servers?

    --
    The Tao of math: The numbers you can count are not the real numbers.
    1. Re:Eloquent silence by Anonymous Coward · · Score: 2, Insightful

      UDP overhead is 28 bytes for ipv4. Add in overhead for the audio codec to represent a timeframe for a sound and 70 bytes become reasonable.

    2. Re:Eloquent silence by icebike · · Score: 1

      Exactly what I was thinking.

      You would think that a packet specifying X seconds of simulated silence could be packed into a few bits, so maybe two bytes should suffice.

      Clearly there is something else going on, or they would not have designed such a large packet to "represent silence".
      That one can distinguish the silence packets from the voice packets doesn't speak too well of the encryption that Skype has always claimed they use.

      --
      Sig Battery depleted. Reverting to safe mode.
    3. Re:Eloquent silence by hawguy · · Score: 3, Interesting

      Exactly what I was thinking.

      You would think that a packet specifying X seconds of simulated silence could be packed into a few bits, so maybe two bytes should suffice.

      Clearly there is something else going on, or they would not have designed such a large packet to "represent silence".
      That one can distinguish the silence packets from the voice packets doesn't speak too well of the encryption that Skype has always claimed they use.

      If the Skype client didn't send packets during 'silence', then the client on the receiving end of an extended silent session wouldn't know whether there was silence on the other end or a network problem. That's why the client keeps sending packets even during "silence" rather than just timing silent sections then sending out a packet at the end of the silence saying "It was silent for the past 10 seconds, so that's why you didn't receive any data from me".

    4. Re:Eloquent silence by vlm · · Score: 1, Interesting

      My guess is they even added in the 38 byte ethernet overhead. Yielding 66 bytes. Add 4 bytes for the codec and its fairly reasonable.

      Of course they probably didn't use the 8021q ethernet overhead which is 42 bytes, or they wouldn't have any payload at all! (I suppose its possible... an empty payload is intuitively about as "silent" as you can get)

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    5. Re:Eloquent silence by Minwee · · Score: 5, Insightful

      Exactly what I was thinking.

      You would think that a packet specifying X seconds of simulated silence could be packed into a few bits, so maybe two bytes should suffice.

      Were you planning on sending that "two seconds of silence" packet at the _start_ of the pause? If so I know a few theoretical physicists and at least one state lottery commission who would _love_ to see your algorithm.

    6. Re:Eloquent silence by tlhIngan · · Score: 2

      I wonder why Skype needs 70 bytes to transmit essentially nothing. Maybe they already do use it for secret data transmission, just to their own servers?

      Encryption padding, I'd guess. Use something like AES which only works on 128/192/256 bit blocks (depending on key size)(16/24/32 bytes) and if you have a short packet of silence, it has to be padded in order to be encrypted. I'm guessing there might be a header and other stuff that pushes it to 70 bytes.

    7. Re:Eloquent silence by icebike · · Score: 1

      First, I misspoke, and should have been mentioning milliseconds rather than seconds.
      But, still, a keep alive packet arriving once a second should be sufficient, wouldn't you think?

      --
      Sig Battery depleted. Reverting to safe mode.
    8. Re:Eloquent silence by Anonymous Coward · · Score: 2, Insightful

      Btw, Silence is a sound for computers which is represented by a flat line or basically the value of 0. Not getting packets and getting a value of 0 are different things whereas the former can be due to packet lost and broken connection while the latter is an actual value.

    9. Re:Eloquent silence by icebike · · Score: 1

      Why not send them where the current 70 byte packets are sent?
      After all, this decision has already been made and implemented in the Skype protocol, as they are doing one or the other already.

      --
      Sig Battery depleted. Reverting to safe mode.
    10. Re:Eloquent silence by Anonymous Coward · · Score: 2, Informative

      +1

      Skype is far from the first VoIP protocol to do this.

      http://en.wikipedia.org/wiki/Voice_activity_detection
      http://en.wikipedia.org/wiki/Comfort_noise

    11. Re:Eloquent silence by maxwell+demon · · Score: 1

      Since it doesn't contain any information, and it is identifiable as silence packet anyway, then why encrypt it?

      --
      The Tao of math: The numbers you can count are not the real numbers.
    12. Re:Eloquent silence by maxwell+demon · · Score: 1

      Sending two bytes is not the same as sending nothing.
      The point is not that Skype sends packets for silence, but that it sends such big packets, despite obviously detecting the silence as such (otherwise the silence packages would be the same size as non-silence packages).

      --
      The Tao of math: The numbers you can count are not the real numbers.
    13. Re:Eloquent silence by gstoddart · · Score: 1

      I wonder why Skype needs 70 bytes to transmit essentially nothing.

      My assumption was for a keepalive in the protocol.

      Otherwise, packets would stop coming if someone stops talking, and sooner or later the other side would have to assume you've hung up.

      Sending the packet for the silence would be the equivalent to "I'm still here".

      --
      Lost at C:>. Found at C.
    14. Re:Eloquent silence by maxwell+demon · · Score: 2

      It is obvious that Skype uses voice activity detection, or else the silence packets would be as large as the voice packeage. The whole point is why they are still quite large (large enough to send a substantial amount of data).

      The second link is totally irrelevant because it doesn't concern the sender, but the receiver. The noise the receiver generates certainly does not depend on the size of the silence packages the sender sends.

      --
      The Tao of math: The numbers you can count are not the real numbers.
    15. Re:Eloquent silence by X0563511 · · Score: 1

      One word that makes it possible: buffering.

      It wouldn't work with a realtime stream. TCP/UDP don't do realtime streams quite so well.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    16. Re:Eloquent silence by maxwell+demon · · Score: 1

      You don't need 70 bytes for a simple keepalive. That's the point. Nobody argues that no packets should be sent. But why such large packets?

      Taking your analogy, it would be like holding a short monologue just to tell "I'm still here."

      --
      The Tao of math: The numbers you can count are not the real numbers.
    17. Re:Eloquent silence by ottothecow · · Score: 2
      Maybe they found they were having trouble with traffic shaping/QOS type systems.

      Have to keep something decently sized flowing through the connection or it gets de-prioritized and then when real content starts flowing again, it lags? I don't know if this is true, but it sounds like a reasonable explanation considering how skype's design is so heavily focused on being able to punch through hostile networking environments and maintain a workable stream.

      --
      Bottles.
    18. Re:Eloquent silence by cheater512 · · Score: 1

      That doesn't make any sense. If they were including Ethernet and TCP/IP then Skype must have the most efficient voice codec ever to transmit voice with 60 bytes.
      Remember it is 70 for silence but only 130 for voice.

      Also how do you get 1kbit/s in the silence with 4 bytes per packet?

      No Skype is definitely sending silence with 70 bytes.

    19. Re:Eloquent silence by tlhIngan · · Score: 1

      Since it doesn't contain any information, and it is identifiable as silence packet anyway, then why encrypt it?

      Because there may be other data besides the ones saying "this is silence". Perhaps some identifier, a size, etc. Maybe there's control information like mouse coordinates (for whiteboard mode), maybe some text chat, etc.

      As for not sending anything - well, Skype needs to send something in order to ensure the STUN is still active.

    20. Re:Eloquent silence by Ungrounded+Lightning · · Score: 1

      If they were talking IPv6, UDP packet overhead is 48 bytes, leaving only 22 for keeping the CODECs synchronized and specifying how much silence is being encoded.

      I note that some carriers deliberately inject what is called "comfort noise" - a small amount of background noise - during silences. This is to keep the user from becoming concerned that the connection has failed.

      While I don't know whether, or how, skype does this, it would be reasonable to either actually send the connection's real background noise at a reduced bit rate, or send some small amount of information to the receiving end in a mechanism for avoiding artifacts (like those I've heard on AT&T cell service) which make it obvious that a noise generator is being switched on and off, or repeating waveforms that sound like a "Max Headroom" style failing connection.

      --
      Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    21. Re:Eloquent silence by makomk · · Score: 1

      VOIP needs to be low latency, though, otherwise people get confused and try to talk over each other.

    22. Re:Eloquent silence by Miamicanes · · Score: 1

      > You would think that a packet specifying X seconds of simulated silence could be packed into a few bits,
      > so maybe two bytes should suffice.

      You're confusing media-encoding with telephony. Media encoding occurs in non-realtime, so you can analyze a big chunk of data and plan ahead for both silence and bursts. Telephony is realtime. The more you delay the audio for analysis, the more annoying it becomes to the people having the conversation. With realtime telephony, you don't HAVE "X seconds" to buffer and delay transmission so you can analyze a chunk of audio that long.

      The supreme irony of video compression is that you can compress pristine HD video down to 320x480 60 field/second VHS-quality with 4:0:0 chroma subsampling and end up with an average bitrate that's barely more than what you'd need for uncompressed (or maybe realtime-compressed, with max. 1ms added latency) audiophile-quality surround sound. Why? Surround sound SEVERELY limits what you can throw away in realtime (it uses phase relationships to encode side/rear/sub channels, which are one of the first things codecs like GSM's throw away and dispense with), and if you're compressing pristine noise-free video using DVD-noncompliant (but usually works anyway) outrageously long GOPs, B-frames, multipass variable-bitrate encoding, and aggressive huffman compression, you can pack the video down to almost nothing -- especially if you're willing to accept a little blockiness.

    23. Re:Eloquent silence by icebike · · Score: 1

      You're confusing media-encoding with telephony. Media encoding occurs in non-realtime, so you can analyze a big chunk of data and plan ahead for both silence and bursts. Telephony is realtime. The more you delay the audio for analysis, the more annoying it becomes to the people having the conversation. With realtime telephony, you don't HAVE "X seconds" to buffer and delay transmission so you can analyze a chunk of audio that long.

      Wait, wait, wait,...

      Skype is already sending silence packets. Its ALREADY made the determination that it has silence, and packaged (something) differently.

      So that pretty much makes the rest of what you said either totally wrong, or non germane.

      --
      Sig Battery depleted. Reverting to safe mode.
  3. There goes that idea by Jeng · · Score: 4, Insightful

    If you are going to hide something, don't let everyone know where you put it.

    Now that the exploit has been discussed it will be watched out for.

    --
    Don't know something? Look it up. Still don't know? Then ask.
    1. Re:There goes that idea by Anonymous Coward · · Score: 2, Informative

      It's not an exploit.

    2. Re:There goes that idea by Anonymous Coward · · Score: 1

      If you are going to hide something, point everyone somewhere else. These guys are really using Youtube, but would prefer their Skype calls are monitored.

    3. Re:There goes that idea by maxwell+demon · · Score: 1

      Of course, the opponent could just replace the data in the silence packages himself, thus closing that communication path for you. Normal people would not notice (otherwise that data transmission would not work to begin with).

      --
      The Tao of math: The numbers you can count are not the real numbers.
    4. Re:There goes that idea by Jeng · · Score: 1

      Wrong choice of words, but close enough.

      One would exploit the information

      --
      Don't know something? Look it up. Still don't know? Then ask.
  4. huh by etash · · Score: 1

    but now that they told us what they are going to do, the messages won't be a secret any more ?

    tl;dr: security by obscurity is a bad thing!

    1. Re:huh by hobarrera · · Score: 1

      It really depends, you can still encrypt the hidden message, hence, it'd be almost impossible to tell if it's just plain old silence, or an encrypted message.

    2. Re:huh by Fnord666 · · Score: 1

      tl;dr: security by obscurity is a bad thing!

      Maybe that's why this is an article about steganography rather than security?

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
  5. paranoid mode engaged ! by Anonymous Coward · · Score: 1

    So skype has 1kilobit/sec spare capacity when transmitting silence ? How much data does it actually sent then ? just for silence ?
    This protocol is either very inefficient, or there is reason for this 'waste' of bandwidth. So what does skype use it for ?

    1. Re:paranoid mode engaged ! by hawguy · · Score: 2

      So skype has 1kilobit/sec spare capacity when transmitting silence ? How much data does it actually sent then ? just for silence ?
      This protocol is either very inefficient, or there is reason for this 'waste' of bandwidth. So what does skype use it for ?

      From TFA, it's 70 bytes per packet (560 bits, excluding packet overhead), so less than 2 packets/second gives 1kbit/second of data. That doesn't seem all that inefficient.

    2. Re:paranoid mode engaged ! by maxwell+demon · · Score: 1

      70 bytes to transmit what could be transmitted in one byte (the status "no activity") seems very inefficient.

      --
      The Tao of math: The numbers you can count are not the real numbers.
    3. Re:paranoid mode engaged ! by TheRealMindChild · · Score: 1

      You aren't thinking of the protocol layers involved. At the top there is the "valid voip packet", which encapsulates everything. Next layer down you have an ID layer. Is it silence or is it waveform data? Silence, great. Next layer, for how long? 70 bytes isn't unreasonable.

      --

      "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    4. Re:paranoid mode engaged ! by lamber45 · · Score: 1

      Except that the packet already has at least an 8-byte UDP header, a 20-byte IPv4 (or 40-byte IPv6) header, and a link-layer header of some sort. There's probably some sort of checksum and block padding within those 70 bytes (which may in fact include the UDP or TCP header as well).

      Similarly, VNC tunneled over SSH doesn't use 1-byte and 2-byte packets. For a certain block-size for which I did calculations and watched some real-life traffic, actual packet payloads for the different relevant messages are as follows:

      • SSH CHANNEL_OPEN "direct_tcp": 92 bytes
      • KeyEvent (messagetype=4): 44 bytes
      • PointerEvent (messagetype=5): 28 bytes
      • ClientCutText: at least 44 bytes

      Since there are only about 90 keys on my keyboard, that seems like a lot of wasted space per packet; but remember that just the TCP and IPv4 headers are 40 bytes, so it's only 51.2% of the IP data, and even less of the link-level data.

  6. Bitwise by MMAfrk19BB · · Score: 1

    Are real silence packets identical in payload? If so, a bitwise comparison of silence packets could be easily automated and would detect the altered packets, right? And if this is the case, how is this useful in a government-surveillance scenario? (I'm assuming that's what this is for.)

    1. Re:Bitwise by Art+Challenor · · Score: 1

      Not if you only send zeros:

      http://search.dilbert.com/search?w=database+only+zeros&x=0&y=0

    2. Re:Bitwise by vlm · · Score: 2

      Each side has a very smart bridge.

      If bridge A sees an incoming 130 byte packet from the LAN side thats obviously skype, pass it.
      If bridge A sees an incoming 70 byte packet from the LAN side thats obviously skype, add a 60 byte encrypted / hashed / whateverd back channel of data.

      If bridge B sees an incoming 130 byte packet from the LAN side thats obviously skype, ram it thru the decrypt / dehash / whateverd thing and see if the last 60 bytes decodes to a valid back channel data packet. To a crude first approximation your bit error rate will approximate your magic number or header or whatever length, so requiring the decrypted packet data to begin with 0x1234 means you'll only false positive about once in 2**32 decodes, probably good enough for text, maybe not so good for DVD iso transfer.

      This simple idea is pretty simple to traffic analyze. Are the conversation patterns more like speech or embedded text? A slightly intelligent algo on the TX side could fix that (perhaps only the first silence packet after normal speech gets special data, or it only sends special data in a vaguely normal conversational (very) random pattern). You can come up with traffic analysis systems all day.. my rev-2 design could be caught by displaying a histogram of how long each stretch of silence is, how odd that this convo 1 packet long silences match the typical graph for 2 packet long silences instead of typical 1 packet long...

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
  7. Move Along by Anonymous Coward · · Score: 5, Funny

    Nothing to see hear.

  8. Re:Waste of time by hawguy · · Score: 2

    There are a million ways to communicate in secret, and this ranks among the stupidest.

    Which ways are less stupid than hiding your packets in a stream that's believed to be innocuous and even if the voice packets are monitored, your hidden data would presumably remain hidden?

  9. Whitespace! by Vlad_the_Inhaler · · Score: 4, Funny

    C may currently have overtaken Java as the most popular language but Whitespace is going to overtake them all!

    --
    Mielipiteet omiani - Opinions personal, facts suspect.
    1. Re:Whitespace! by maxwell+demon · · Score: 1

      You seem to have posted to the wrong story.
      But never mind, worse things happen at C.

      --
      The Tao of math: The numbers you can count are not the real numbers.
  10. I've seen this before by Anonymous Coward · · Score: 1

    I've had a lot of chats with silences with hidden messages... mostly with women.

  11. Obviously... by Brickwall · · Score: 1
    "A group of researchers from the Institute of Telecommunications of the Warsaw University of Technology have devised a way to send and receive messages hidden in the data packets

    Using Reverse Polish Encryption, no doubt.

    --
    What was once true, is no longer so
  12. skype update in by dutchwhizzman · · Score: 2

    3

    2

    1

    Because MicroSoft will have none of this, obviously.

    --
    I was promised a flying car. Where is my flying car?
  13. The quiet ones ... by PPH · · Score: 2

    ... have the loudest minds.

    --
    Have gnu, will travel.
  14. Side channel communications is not news. by Frobnicator · · Score: 2

    Side channel attacks are old-school but any security researcher worth their title knows about them.

    This was a popular attack in the 60's and 70's for governments.

    Decades ago CS programs taught about how spies once leaked data from secret-privileged machines by emitting communications through CPU load, or through disk usage, or through various other timing attacks.

    --
    //TODO: Think of witty sig statement
  15. But Can China Read It? by TheNinjaroach · · Score: 1

    Since the Chinese government has access to wiretap all Skype calls, I wonder if they would be able to access the silent bits of information as well.

    --
    I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
  16. Beep by Kittenman · · Score: 1

    James Blish.

    'Nuff said.

    --
    "The greatest lesson in life is to know that even fools are right sometimes" - Winston Churchill
  17. Old news by sootman · · Score: 1

    Believe me, there are HUGE amounts of secret data transmitted in the silences in conversations... with your significant other, at least.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  18. Re:Waste of time by gmhowell · · Score: 1

    There are a million ways to communicate in secret, and this ranks among the stupidest.

    Which ways are less stupid than hiding your packets in a stream that's believed to be innocuous and even if the voice packets are monitored, your hidden data would presumably remain hidden?

    Posting as AC to slashdot where you will be moderated -1, Troll, and your message will never be read by the unknowing yet will be transmitted within a seemingly innocent data stream to thousands of people, thus providing you a covert data channel where it's not known who is the real recipient of the data and it's not possible to prove the covert message was received.

    That's as good an explanation for apk as any, I suppose.

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
  19. If you play Skype calls in reverse... by RedHackTea · · Score: 1

    You can hear the song "Here's to My Sweet Satan."

    --
    The G
  20. Or not by Keychain · · Score: 1

    Hidden shmidden. If they didn't encrypt it, Skype could simply inspect the silence packet and get everything they are transmitting. It's only secret to someone who has a microphone in your room