[VOIPSEC] Voice or Not -- Fake Voice Packet???

Paine, Richard H richard.h.paine at boeing.com
Wed Oct 5 09:22:47 CDT 2005 

Without something like the Host Identity Protocol (HIP), the
authenticity of the source will always be spoofable.  Take a look at HIP
at http://homebase.htt-consult.com/HIP.html.  There are several
reference implementations of HIP and they are available for download and
testing.  Clients for both Windows and Linux are available.  The Open
Group developed an integration architecture called the Secure Mobile
Architecture (SMA) and Boeing has a prototype implementation of it
within its Intranet.  With SMA, the 
VOIP calls are not spoofable and are protected and encrypted over both
wire and wireless across the Internet.

Richard H. Paine
Success is getting what you want, happiness is liking what you get!
Cell:  206-854-8199
IPPhone:  425-373-8964
Email:  richard.h.paine at boeing.com 



-----Original Message-----
From: Roland Auckenthaler [mailto:rauckenthaler at ubiquitysoftware.com] 
Sent: Tuesday, October 04, 2005 7:46 AM
To: Thomas Howe; Vijay Shyamasundar Shyamasundar; Voipsec at voipsa.org
Subject: Re: [VOIPSEC] Voice or Not -- Fake Voice Packet???

Hi,

A VAD would definitely e an option but what if my spoofed/faked packets
also contain voice? A VAD would still let these packets through.

>From this perspective I think the question is whether somebody can
determine if the received packets are actually from the given source and
not from a different source that tries to send me unsolicited RTP
packets. 

If I would take listen to the RTP stream, I could determine the SSRC and
timestamp of the RTP and then start sending RTP packets with the
subsequent timestamps so that the original packets will be discarded
because my spoofed packets were received earlier.

Is there anything you can do about such a scenario?

roland

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Thomas Howe
Sent: 03 October 2005 19:37
To: Vijay Shyamasundar Shyamasundar; Voipsec at voipsa.org
Subject: Re: [VOIPSEC] Voice or Not -- Fake Voice Packet???


Hi Vijay - 

To a certain (practical) extent, you can.  Many coders have voice
activity detection front ends, and they could be used as a basis for an
algorithm to determine if the uncompressed packets contain stuff that
looks like voice. As I recall (and it's been a while since my DSP days),
they tend to look at energy levels and sinusoidal components.

My question is, why do you care?  If it doesn't have voice, then what's
the big deal?

Tom


-----Original Message-----
From: Voipsec-bounces at voipsa.org on behalf of Vijay Shyamasundar
Shyamasundar
Sent: Mon 10/3/2005 2:09 PM
To: Voipsec at voipsa.org
Subject: [VOIPSEC] Voice or Not -- Fake Voice Packet???
 
Hi All,
 Is there any way to find out if the packets are genuine voice packets
or not. By looking into the Payload Type(PT) field of RTP packet, we can
say if its audio/video.. and the codec used. What if i could generate
some packets with that PT field showing it as audio packet while the
payload contains something else.
 I would like to know if there is a way to find out if the packet really
contains voice or not.
  Regards,
Vijay
 On 9/9/05, Dalton, Ronda L <DaltonR at state.gov> wrote:
>
> NIST has a pretty good VOIP document:
>
csrc.nist.gov/pcig/CHECKLISTS/voip-checklist-073004.doc<http://csrc.nist
.gov/pcig/CHECKLISTS/voip-checklist-073004.doc>
> It a security checklist. Not sure what level your security is but its
a
> good starting point.
>
> RD
>
>
> Date: Thu, 8 Sep 2005 10:52:04 +0100
> From: "Barry Coatesworth" <Barry.Coatesworth at express-gifts.co.uk>
> Subject: [VOIPSEC] VOIP security policy
> To: <Voipsec at voipsa.org>
> Message-ID:
>
<0535CAC7F841F241807D2701024E64B527BCDD at ukclaexc003.express.findel.co.uk
>
>
> Content-Type: text/plain; charset="us-ascii"
>
> I am currently writing some VoIP security policy, it's the first time
I
> have had to write a VoIP one.
>
>
>
> Does anyone have example Security policy/guidelines that I could use
as
> a template? Or what must essential be included would also be helpful.
>
>
>
> thanks
>
> B.
>
>
>
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org




Information contained in this e-mail and any attachments are intended
for the use of the addressee only, and may contain confidential
information of Ubiquity Software Corporation.  All unauthorized use,
disclosure or distribution is strictly prohibited.  If you are not the
addressee, please notify the sender immediately and destroy all copies
of this email.  Unless otherwise expressly agreed in writing signed by
an officer of Ubiquity Software Corporation, nothing in this
communication shall be deemed to be legally binding.  Thank you.


_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list