[cryptography] The NSA and secure VoIP

Nasko Oskov nasko at netsekure.org
Fri Mar 2 00:15:37 EST 2012


On Thu, Mar 01, 2012 at 09:08:54PM -0800, coderman wrote:
> On Thu, Mar 1, 2012 at 7:31 PM, Jeffrey Walton <noloader at gmail.com> wrote:
> >... Interesting. I seem to recall that cascading ciphers is frowned upon
> > on sci.crypt. I wonder if this is mis-information....
> 
> you've got a single cipher suite applied for a given transport layer,
> but two layers of protection applied for defense in depth of the voice
> channel.
> 
> seems pretty sane to me.

They are also two separate protocols, so if one is found to be
vulnerable to an attack, the other one will hopefully not suffer the
exact same problem.

Also, keep in mind that voice can be analyzed statistically, so I
wouldn't be surprised if the second layer is put in to also minimize
possible attacks such as the one against Skype.

--
Nasko Oskov
"A hacker does for love what others would not do for money."



More information about the cryptography mailing list