Broadband Advisor

Compression lets attackers tap VoIP calls

New research suggests current encryption and compression methods are inadequate

Matthew Broersma (Techworld) 18/06/2008 09:07:26

More by Matthew Broersma

iPhone Centre

Find out all about the iPhone at our iPhone Centre. News, reviews, how-tos and video - all in one location.

+

Google touts iPhone, Chrome browser 05/09/2008 08:50:00
Google heaps praise on the iPhone, Chrome and their cloud potential at the Office 2.0 Conference.

A Google executive Thursday heaped praise on Apple's iPhone, even with his company set to challenge Apple in this same space with its Android mobile computing platform.
+

Disgruntled customer files second iPhone 3G class-action lawsuit 04/09/2008 10:29:00

An iPhone 3G customer has filed the second lawsuit against Apple and US telecommunications provider AT&T over the popular phone. This one, by William J. Gillis Jr., was filed in San Diego, California and charges that the two companies deliberately misrepresented what users could expect in terms of 3G connectivity and performance, according to blogger Justin McLachlan who first broke the news on Tuesday.
+

iPhone imitators prepping for their close-ups 01/09/2008 08:22:00

It may be too early, or too presumptuous, to call Apple's iPhone a technology icon, but all the other major equipment makers in the emerging smart phone realm are looking to create their own "iconic" device.

More >

Freshtel subsidiary launches WiFi mobile telephony service

Additional Resources

Newsletter Subscription

GoodGearGuide GearDaily Newsletter [Daily]

Each day the GearDaily Newsletter covers the latest from the last week in a specific category. Monday is "Computing, Small Office and Home Office", Tuesday is "On the Move", Wednesday is "Digital Cameras, Video and Imaging", Thursday is "Mobile Phones and Communications" and Friday is "Home Entertainment".

GoodGearGuide GearShop Newsletter [Weekly]

See the latest products and comparison prices added to GearShop each week.

GoodGearGuide Pre-Register

The GoodGearGuide portfolio of services is rapidly expanding. By joining this list you will be pre-registered for any new email services we launch so you won't miss out on any of our independent product guidance and purchasing information. You will be automatically subscribed and receive the new service(s) but dont worry, should you wish to unsubscribe you can do so with only one click.

A common compression technique can make internet telephone calls significantly more susceptible to bugging, according to recent research from Johns Hopkins University.

Internet telephony has become widely used through consumer-centric applications such as Skype, and is becoming more common in enterprises.

The new research suggests, however, that standard encryption and compression methods, when used together, are not sufficiently secure.

VoIP calls are commonly encrypted using a technique that preserves the lengths of voice patterns in the original, unencrypted conversation, the researchers said.

Such calls are relatively difficult to listen in on, they said. But when length-preserving encryption is used with the variable bitrate (VBR) compression technique, the combination leaks a significant amount of information about the conversation, they found.

"Previous work has shown that combining VBR compression with length-preserving encryption leaks information about VoIP conversations," the researchers said in the report. "We show that this information leakage is far worse than originally thought."

In such conversations, particular phrases could be identified within encrypted VoIP calls with more than 90 percent accuracy. Even in decoding entire conversations, accuracy was significant, the research found.

"On average, our method achieves recall of 50 percent and precision of 51 percent for a wide variety of phonetically rich phrases spoken by a diverse collection of speakers," the researchers said.

The problem arises because VBR compression alters the compression rate based on the type of sound being compressed, using higher compression for simpler sounds and lower compression for more complex sounds.

The resulting audio stream makes spoken sounds easy to identify based on bit patterns, and these patterns are preserved in length-preserving encryption.

The researchers used a dictionary of spoken sounds to reconstruct the original conversation without the need to crack its encryption. The reconstructed conversation could then be analyzed as a full conversation or automatically scanned for particular keywords.

The technique could, for instance, be particularly effective in identifying certain predictable phrases used in professional business conversations, the researchers said.

The research analyzed the impact of noise, dictionary size and word variation on the performance of the technique.

"The results of our study show that an attacker can spot a variety of phrases in a number of realistic settings," the researchers said in the paper.

For mitigating such attacks, padding could be used to make the bit patterns less recognizable, the researchers argued.

However, none of the default encryption transforms of the Secure Real-time Transport Protocol, a standard for secure VoIP calls, specify the use of padding, the researchers pointed out.

"Although padding could introduce inefficiencies into real-time protocols, our analysis indicates that it offers significant confidentiality benefits for VoIP calls," added the researchers.

The paper (PDF), called "Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations", was presented by five Johns Hopkins researchers last month at the 2008 IEEE Symposium on Security and Privacy in Oakland, California.

Market Place