Encrypted VoIP Meets Traffic Analysis 98
Der_Yak writes "Researchers from MIT, Google, UNC Chapel Hill, and Johns Hopkins published a recent paper that presents a method for detecting spoken phrases in encrypted VoIP traffic that has been encoded using variable bitrate codecs. They claim an average accuracy of 50% and as high as 90% for specific phrases."
Re:Bleh (Score:5, Informative)
I'm pretty sure that identifying a specific word with 50% accuracy is better than random chance. There are more than two words in the English language.
Re:So...obvious solution then? (Score:5, Informative)
OpenSSH had a similar problem, it would leak information about your login password by the timing/size of the packets:
http://www.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf
I believe their solution was to introduce random NOP packets into the stream. This approach could work here too.