[cryptography] attacks on packet length may be surprisingly good: Hookt on fon-iks

ianG iang at iang.org
Sat Oct 24 13:52:21 EDT 2015

Phonotactic Reconstruction of Encrypted VoIP Conversations:
             Hookt on fon-iks

In this work, we unveil new privacy threats against Voice-over-IP (VoIP) 
communications. Although prior work has shown that the interaction of 
variable bit-rate codecs and length-preserving stream ciphers leaks 
information, we show that the threat is more serious than previously 
thought. In particular, we derive *approximate transcripts* of encrypted 
VoIP conversations by segmenting an observed packet stream into 
subsequences representing individual phonemes and classifying those 
subsequences by the phonemes they encode. Drawing on insights from the 
computational linguistics and speech recognition communities, we apply 
novel techniques for unmasking parts of the conversation. We believe our 
ability to do so underscores the importance of designing secure (yet 
efficient) ways to protect the confidentiality of VoIP conversations.


My emphasis - I'd love to see some examples... iang

More information about the cryptography mailing list