Evil Codecs

Today at Spring VON Europe in Stockholm, one of the panel sessions covered the issue of the proliferation of codecs, both for video and voice.  Industy veteran Henry Sinnreich of Adobe rasied an interesting topic for the panel regarding compromised or evil codecs.  An evil codec could provide a stream of audio designed in such a way to crash or destabilize an endpoint, with the aim of putting the endpoint in a mode where the conversation could then be monitored.  Some researchers have already shown that such attacks are in principle possible.

So the question is what to do about this, and how to test systems to prevent this kind of attack?  There were no real answers were forthcoming today, but I shall certainly revisit the topic in my panel session tomorrow,  The Real Risks of VoIP Security, and see if my experts fare better.

From my own point of view, I think it could be a nightmare to have to scan every RTP stream in real time for ‘evil’ signatures, much like in email scanners.  The CPU required to do this for all audio could be disabling.  If the codec software can be ‘hardened’ and made robust enough to withstand such an attack, this would seem a better solution.