Feeds

Compressed VoIP leaves eavesdropping clues

The Norman Collier effect

Internet Security Threat Report 2014

Eavesdroppers might be able to gain clues about the content of encrypted conversations even without breaking the cryptography.

VoIP services such as Skype encrypt conversations but law enforcement agencies, most notably in Germany, have complained this can hinder law enforcement investigations.

The emerging use of variable bitrate compression for VoIP transmission carries serious potential drawbacks that may play into the hands of those seeking to spy on the content of conversations, for whatever purpose. Variable bitrate compression to VoIP streams minimises the use of bandwidth without reducing audio quality.

But the technique, when applied to encrypted VoIP streams, means that larger packets of scrambled data are associated with complex sounds such as "ow" than simple consonants, such as "c". As a result traffic analysis techniques can be applied to encrypted traffic streams.

Boffins from John Hopkins University in Baltimore, USA have found that the relative size of packets in a VoIP conversation might be used to detect whether words or phrases of interest appear in encrypted conversations. The result might yield a transcript even more unintelligible than from comedian Norman Collier's faulty microphone routine - which might still be a useful result.

Even though the approach is not sophisticated enough to come anywhere near gaining the actual gist of conversations it is be good enough to pick out chosen phrases within encrypted data. By using machine learning techniques the researchers were able to develop systems that "inferred 'hidden' information from encrypted VoIP traffic streams based on observable patterns in packet size and timing of various protocols".

Software developed by the researchers picked out words or short phrases with an average accuracy of 50 per cent, a result that climbed to 90 per cent in the case of longer phrases.

"I think the attack is much more of a threat to calls with some sort of professional jargon where you have lots of big words that string together to make long, relatively predictable phrases," Charles Wright, one of the John Hopkins team, told New Scientist. "Informal conversational speech would be tougher because it's so much more random."

Variable bit rate compression is not widely used in the VoIP world but is likely to be included in future upgrades of a number of services, according to Wright. He added that: "We hope we have caught this threat before it becomes too serious."

The John Hopkins team presented their research at the 2008 IEEE Symposium on Security and Privacy conference in Oakland, California last month. Their paper, Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations can be found here (pdf). ®

Internet Security Threat Report 2014

More from The Register

next story
Mighty Blighty broadbanders beg: Let us lay cable in BT's, er, ducts
Complain to Ofcom that telco has 'effective monopoly'
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.