[VOIPSEC] article on vulnerability of compressed audio
Lee Dilkie
lee_dilkie at mitel.com
Mon Jun 23 16:51:08 CDT 2008
Not sure what audio VBR codec they are referring to, certainly none of
the common RTP codecs I've come across are VBR so it's hard to see what
the issue is.
-lee
William Rippon wrote:
> Hello,
>
> I saw a couple of article references to the following. Was curious to see
> what the impression of the voipsec community was regarding this.
>
> Thanks,
> Bill
>
> -------------------------------------------------------------------------------------------------------------------
>
> Subject: Compressed web phone calls are easy to bug (fwd)
>
>
> http://technology.newscientist.com/article/dn14124-compressed-web-phone-calls-are-easy-to-bug.html
>
> Compressed web phone calls are easy to bug
>
>
> Plans to compress internet (VoIP) phone calls so they use less bandwidth
> could make them vulnerable to eavesdropping. Most networks are currently
> safe, but many service providers are due to implement the flawed
> compression technology.
>
> The new compression technique, called variable bitrate compression,
> produces different size packets of data for different sounds.
>
> That happens because the sampling rate is kept high for long complex
> sounds like "ow", but cut down for simple consonants like "c". This
> variable method saves on bandwidth, while maintaining sound quality.
>
> VoIP streams are encrypted to prevent eavesdropping. However, a team from
> Johns Hopkins University in Baltimore, Maryland, US, has shown that simply
> measuring the size of packets without decoding them can identify whole
> words and phrases with a high rate of accuracy.
>
> VoIP systems accessed via a computer like Skype have become popular in
> recent years, and internet-based phone systems are increasingly appearing
> in homes and offices too to connect conventional telephones.
>
> Matching packets
>
> Only a few services currently employ the vulnerable compression method,
> but more networks had hoped to include it in future VoIP upgrades, says
> Charles Wright, a member of the Johns Hopkins team. "We hope we have
> caught this threat before it becomes too serious."
>
> Eavesdropping software the team has developed cannot yet decode an entire
> conversation, but it can search for chosen phrases within the encrypted
> data. This could still allow a criminal to find important financial
> information conveyed in the call, says Fabian Monrose, another team
> member.
>
> The software breaks down a typed phrase to be listened for into its
> constituent sounds using a phonetic dictionary. A version of the phrase
> is then pasted together from audio clips of phonemes taken from a library
> of example conversations, before finally being made into a stream of
> VoIP-style packets.
>
> That gives an idea of what the phrase would look like in a real VoIP
> stream. When a close match is found in a real call, the software alerts
> the eavesdropper.
>
> Jargon catcher
>
> In tests on example conversations, the software correctly identified
> phrases with an average accuracy of about 50%. But that jumped to 90% for
> longer, more complicated words.
>
> Wright thinks these phrases may be the most important. "I think the
> attack is much more of a threat to calls with some sort of professional
> jargon where you have lots of big words that string together to make
> long, relatively predictable phrases," he says. "Informal conversational
> speech would be tougher because it's so much more random."
>
> Philip Zimmermann, the founder of the Zfone VoIP security project, says
> the compression schemes no longer seem like a good idea.
>
> "I'd suggest looking for other alternatives," he says. Networks could
> solve the problem by padding out the data packets to an equal length, he
> adds, although this would reduce the extent of the compression.
>
> A paper on the Johns Hopkins team's work was presented at the 2008 IEEE
> Symposium on Security and Privacy, in Oakland, California, US, last
> month.
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
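As an added illustration that is not part of this thread or of the Johns Hopkins work it discusses: the packet-length side channel the article describes, and the equal-length padding Zimmermann suggests as a fix, measured on a constructed packet-size sequence for a hypothetical VBR codec (the sizes, the hypothetical codec and the function names are all assumptions, not values from any real stream).

```python
# Added example, not from the original thread. Measures how much a
# variable-bitrate RTP stream leaks through packet sizes alone, and what
# padding every packet to a constant length costs in bandwidth.
from collections import Counter
import math

# Constructed payload sizes (bytes) for a hypothetical VBR codec:
# complex vowel frames come out larger, simple consonant frames smaller.
VBR_PACKET_SIZES = [32, 48, 48, 24, 56, 40, 32, 48, 24, 24, 56, 40]


def is_vbr(sizes):
    """A stream whose packets are not all the same size exposes a
    length side channel even when the payload is encrypted (SRTP)."""
    return len(set(sizes)) > 1


def size_entropy_bits(sizes):
    """Shannon entropy of the packet-size distribution, in bits per packet.
    0.0 means every packet has the same length, so an observer who only
    sees sizes learns nothing about the audio content."""
    counts = Counter(sizes)
    n = len(sizes)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def pad_to_constant(sizes, target=None):
    """Zimmermann's mitigation: pad every packet to one fixed length.
    Defaults to the largest packet seen so no packet must be truncated."""
    if not sizes:
        return []
    target = max(sizes) if target is None else target
    if target < max(sizes):
        raise ValueError("target length is smaller than the largest packet")
    return [target] * len(sizes)


def bandwidth_overhead(original, padded):
    """Fractional extra bytes on the wire after padding (the compression
    that the article says padding would partly give back)."""
    return sum(padded) / sum(original) - 1.0


def audit_stream(sizes):
    """Summary a defender can log per call: leakage before and after padding."""
    padded = pad_to_constant(sizes)
    return {
        "vbr": is_vbr(sizes),
        "leak_bits_per_packet": round(size_entropy_bits(sizes), 3),
        "leak_after_padding": size_entropy_bits(padded),
        "padding_overhead": round(bandwidth_overhead(sizes, padded), 3),
    }
```

Running `audit_stream(VBR_PACKET_SIZES)` on the constructed sequence reports about 2.3 bits of size information per packet before padding, zero after, at roughly 42% more bytes on the wire.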