Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations
作者: Charles V. Wright , Lucas Ballard , Scott E. Coull , Fabian Monrose , Gerald M. Masson
DOI: 10.1109/SP.2008.21
关键词:
摘要: Despite the rapid adoption of Voice over IP (VoIP), its security implications are not yet fully understood. Since VoIP calls may traverse untrusted networks, packets should be encrypted to ensure confidentiality. However, we show that when audio is encoded using variable bit rate codecs, lengths can used identify phrases spoken within a call. Our results indicate passive observer from standard speech corpus with an average accuracy 50%, and greater than 90% for some phrases. Clearly, such attack into question efficacy current encryption standards. In addition, examine impact various features underlying on our performance discuss methods mitigation.
computer.org
ieeecomputersociety.org
jhu.edu 参考文章(40)
Fabian Monrose, Charles V. Wright, Lucas Ballard, Gerald M. Masson, Language identification of encrypted VoIP traffic: Alejandra y Roberto or Alice and Bob? usenix security symposium. pp. 4- ,(2007)
G.J. Simmons, D. Holdridge, Forward search as a cryptanalytic tool against a public key privacy channel ,(1982)
William Gardner, Paul Jacobs, Chong Lee, QCELP: A Variable Rate Speech Coder for CDMA Digital Cellular Springer, Boston, MA. pp. 85- 92 ,(1993) , 10.1007/978-1-4615-3232-3_12
Baugher, The Secure Real-Time Transport Protocol draft-ietf-avt-srtp-09.txt. ,(2003)
Wai C. Chu, Speech Coding Algorithms: Foundation and Evolution of Standardized Coders ,(2003)
Frederick Jelinek, Statistical methods for speech recognition ,(1997)
Roger Dingledine, Nick Mathewson, Paul Syverson, Tor: the second-generation onion router usenix security symposium. pp. 21- 21 ,(2004) , 10.21236/ADA465464
Peter Saint-Andre, Extensible Messaging and Presence Protocol (XMPP): Core RFC. ,vol. 3920, pp. 1- 211 ,(2004)
Qixiang Sun, D.R. Simon, Yi-Min Wang, W. Russell, V.N. Padmanabhan, Lili Qiu, Statistical identification of encrypted Web browsing traffic ieee symposium on security and privacy. pp. 19- 30 ,(2002) , 10.1109/SECPRI.2002.1004359
David Wagner, Dawn Xiaodong Song, Xuqing Tian, Timing analysis of keystrokes and timing attacks on SSH usenix security symposium. pp. 25- 25 ,(2001)