Category Archives: Cryptography

VoIP Phreaking in the Desert

On the Infoworld Zero Day Security page, Garza talks a little about the VoIP Phreaking session at the Black Hat conference, which is on right now in Las Vegas.  I’m looking forward to the promised podcast with The Grugg, who led that class.

On the Black Hat website is an archive of presentations from previous conferences, and the ones from the current conference should pop-up there in the coming weeks. 

Do You Expect Me To Talk, Goldfinger?

Skype and Sandisk recently made a joint announcement about shipping USB flash drives preloaded with Skype.  The idea behind it is that you can carry the stick in your pocket, and then wherever you go, plug it into an available PC, and be able to make calls with Skype, with all your contacts at your fingertips.  Great idea, very convenient, but of course a security nightmare.

First of all, corporate security people don’t like these flash disks anyway, bringing as they do risks of walking in unwanted stuff, like Trojans, and allowing people to carry out large amounts of data copied from internal servers.

Secondly, some of these devices are bootable and therefore vulnerable to carrying viruses.  A  friend of mine has a USB key smaller than the top part of a thumb, which he carries around on a key ring.  When he plugs it in, it boots the PC for Linux and allows him to remote control his machines back at work from wherever he happens to be.  Now security managers can also worry about strangers coming in, poking in their Sandisk sticks and Skypeing out from the corporate net, regardless of what the policy on Skype might be.

But losing data on flash drives must be a major security concern, since the devices are so small and light, and easy to lose.  Periodically, in the UK, we hear stories about government employees or even people in the security services, who lose their laptop, or have it stolen while they are out of the office.  In the old days, taking data out of the office just wasn’t allowed.  For example there’s the story about Malcolm Williamson, who worked for GCHQ (one of the intelligence departments in the UK), in the 1970’s.  Then the rule was that no materials could be taken out of GCHQ, and nothing about work should be written down while people were outside of work.  Incredibly, Williamson thought up an algorithm for secure key exchange over dinner without making any notes.  This algorithm is now known as Diffie Hellman.

These days, James Bond and all his chums can take their laptops home.  God forbid that they should be given flash drives as well.  These would be sure to fall out of your pockets while you parachuted, scuba-dived and karate-kicked your way through the day job.  It would be bad news to find out that you’ve dropped your Sandisk key, containing the Skype details of all your fellow field officers.

Microsoft + Yahoo! == 350 Million New VoIP Users?

It would seem that Microsoft and Yahoo! have decided to work together and create an inter-operable messaging platform that will support both the Microsoft Live Messenger and Yahoo Instant Messanger clients and protocols, and combining their separate user-bases into one that is close to 350 million users strong, easily eclipsing the 100 million that Skype boasts.

With a clear road map to VoIP services and to adding IM services to mobile phones, both of which Yahoo!’s service already offers via it’s service, as well as the ability to make PC to PSTN calls via Yahoo!’s “Phone Out” service, it’s clear that the target is being drawn squarely on Skype. It will be interesting to see if the security aspect of Skype’s closed product approach or the apparent lack of strong encryption in the Microsoft or Yahoo! protocols (at least in their default configurations) will play any part in the upcoming shootout for subscribers.

The new unified platform is currently in beta and is available for trial.

Perfectly Secret

In VoIP Security it seems we owe a double debt to Claude Shannon.  Shannon is probably best known for the Nyquist-Shannon sampling theorem, which underlies the whole of digital sampling of analog signals.  The elevator version of this idea is that when you sample something into digital form, you have to do this at least twice the frequency of the highest frequency that you want to reproduce.  This is why CDs only have an audible frequency range of 22kHz (due to the 44 kHz sampling rate), which comfortably covers the range of frequencies that I can now hear, although perhaps not my childrens’. 

But Claude Shannon also coined the term perfect secrecy, as he did a lot of work related to cryptography.  In a nutshell, perfect secrecy means that you have no more information about the plaintext after seeing the ciphered version than you did before seeing it, i.e. it’s perfectly secret if the ciphered text gives you no clues and all plaintexts are equally probable.  I would highly recommend reading Shannon’s biography at the Wikipedia site.

Actually, reading this page made me think about Richard Feynmann (also  biog’ed at Wikipedia), one of my great heroes. 

The two men were about the same age: Shannon combined a serious academic career with juggling, unicycling and with roulette weekends in Las Vegas;  Feynmann, a brilliant physicist and educator, had hobbies of bongo drumming, painting and safe cracking.  I wonder if the two of them ever met?

Skype to Address User-Identification Concerns

In an interestingly eerie parallel to a discussion that has recently cropped up on the VoIPSec forum regarding peer-entity authentication vs. data-origin authentication, Skype announced yesterday that it intends to address the issue of user-identification within their VoIP service.

Part of Skype’s “wish list” for further expansion into the business market is to enhance username authentication for business customers, the voice over Internet Protocol company said Wednesday.

Skype’s system currently automatically authenticates users itself, based on certificates from it’s own encrypted Public Key Infrastructure (PKI). Because it does this automatically and transparently to the user, the users themselves have no way of authenticating the identity of the person they are communicating with.

“Skype is a public key infrastructure, which means nothing if you don’t know who you are identifying at the other end,” Sauer said.

You can read more detail at News.com.com.

Cryptography and VoIP: A guest article by Hank Cohen

Hank Cohen of Hifn sent along this article taking a look at cryptography in VoIP both for signalling and for voice. He explains the various proposals (including TLS/SSL, IPSec and Datagram TLS) and provides his view of the advantages and disadvantages of each proposal. Here is a brief taste of the longer article:

I believe that we first need to divide the VoIP cryptography problem into two parts; signalling security and media security. The requirements for these two areas are quite distinct so we need to be careful not to lump them together. Signalling connections may be persistent for long intervals but they tend to carry only a few short messages. Furthermore although signalling messages must be delivered in a timely manner they are not real time in the sense that their value degrades if latency or jitter increases, assuming that they are delivered soon enough that a connection can be created in a reasonable amount of time. Media on the other hand has stringent real time constraints. If media packets are not delivered within strict limits of latency and jitter their value can decrease to the point where call quality will be better if they are discarded rather than delivered late.

There is an interesting analogy between signalling security in the PSTN and VoIP. In the PSTN in-band signalling was found to be vulnerable to all sorts of hacks through your namesake BlueBoxes. The final solution to the Phone Phreak problem was for the PSTN carriers to create a completely separate signalling network inaccessible from the media network: thus was SS7 born. In the world of VoIP signalling is inherently in-band but we can use cryptographic VPN technology to build a virtual private signalling network with the same technology that enterprises have been using for years now to build virtual private data networks.

There are three proposals floating around the VoIP world for signalling VPNs; SSL or TLS secured signalling tunnels, IPsec secured signalling tunnels and most recently Datagram TLS secured signalling tunnels. I would like to offer some pros and cons for each method.

Follow the link below to read Hank’s full article and if you have a different view (and I expect some will) on the different proposals, please do feel free to leave a comment to this article.

We thank Hank for providing this article and please do know that we are always open to publishing guest articles such as this. Just contact me or one of the other weblog authors if you would like to have an article appear.

Continue reading