Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Communications Encryption Google Security IT

Encrypted VoIP Meets Traffic Analysis 98

Posted by CmdrTaco from the i-only-speak-in-binary dept.
Der_Yak writes "Researchers from MIT, Google, UNC Chapel Hill, and Johns Hopkins published a recent paper that presents a method for detecting spoken phrases in encrypted VoIP traffic that has been encoded using variable bitrate codecs. They claim an average accuracy of 50% and as high as 90% for specific phrases."
This discussion has been archived. No new comments can be posted.

Encrypted VoIP Meets Traffic Analysis More

Encrypted VoIP Meets Traffic Analysis

Comments Filter:

  • So...obvious solution then? (Score:5, Interesting)

    by Anthony Mouse ( 1927662 ) on Tuesday March 15, 2011 @11:30AM (#35492122)

    Use fixed-bitrate encoding for VoIP.

  • Re:Bleh (Score:5, Interesting)

    by bennomatic ( 691188 ) on Tuesday March 15, 2011 @11:38AM (#35492246) Homepage
    This reminds me of the guy Colbert interviewed regarding the Large Hadron Collider who thought there was a 50% chance that it would destroy the universe. When questioned as to how he got those odds, he said, "Well, there's two options... either it will happen or it won't happen. 50%."

  • Re:So...obvious solution then? (Score:3, Interesting)

    by bsquizzato ( 413710 ) on Tuesday March 15, 2011 @12:00PM (#35492550)

    Not so obvious --- now you have a much less efficient use of bandwidth to deal with.

    The article describes the method used to detect phrases ...

    At a high level, the success of our technique stems from exploiting the corre-lation between the most basic building blocks of speech—namely, phonemes—and the length of the packets that a VoIP codec outputs when presented with these phonemes. Intuitively, to search for a word or phrase, we first build a model by decomposing the target phrase into its most likely constituent phonemes, and then further decomposing those phonemes into the most likely packet lengths. Next, given a series of packet lengths that correspond to an encrypted VoIP conversation, we simply examine the output stream for a sub-sequence of packet lengths that match our model.

    Essentially, you gather enough information about how a VBR codec could encode a speech phrase you are looking for, then predict where it was spoken by looking at the "data bursts" being sent in the media stream. We'll need to research a way to "scramble" this predictability that's more efficient than using fixed bitrates, which eats up un-needed bandwidth.

  • Re:So...obvious solution then? (Score:5, Interesting)

    by Cthefuture ( 665326 ) on Tuesday March 15, 2011 @12:22PM (#35492852)

    Actually most people are using G.711 these days which is in fact a fixed bitrate (it's the same protocol used on your normal "hard" voice line).

    But most VoIP providers do not offer SRTP or any encryption whatsoever so this whole thing is not even a question. More than likely anyone can listen in on your VoIP calls. We need to put more pressure on VoIP providers to offer encryption.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close