Schneier on Security

A blog covering security and security technology.

« Congress Learns How Little Privacy We Have | Main | Schneier Asks to Be Hacked »

June 28, 2006

Applying CALEA to VoIP

"Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP," paper by Steve Bellovin, Matt Blaze, Ernie Brickell, Clint Brooks, Vint Cerf, Whit Diffie, Susan Landau, Jon Peterson, and John Treichler.

Executive Summary
For many people, Voice over Internet Protocol (VoIP) looks like a nimble way of using a computer to make phone calls. Download the software, pick an identifier and then wherever there is an Internet connection, you can make a phone call. From this perspective, it makes perfect sense that anything that can be done with a telephone, including the graceful accommodation of wiretapping, should be able to be done readily with VoIP as well.

The FCC has issued an order for all "interconnected" and all broadband access VoIP services to comply with Communications Assistance for Law Enforcement Act (CALEA) --- without specific regulations on what compliance would mean. The FBI has suggested that CALEA should apply to all forms of VoIP, regardless of the technology involved in the VoIP implementation.

Intercept against a VoIP call made from a fixed location with a fixed IP address directly to a big internet provider's access router is equivalent to wiretapping a normal phone call, and classical PSTN-style CALEA concepts can be applied directly. In fact, these intercept capabilities can be exactly the same in the VoIP case if the ISP properly secures its infrastructure and wiretap control process as the PSTN's central offices are assumed to do.

However, the network architectures of the Internet and the Public Switched Telephone Network (PSTN) are substantially different, and these differences lead to security risks in applying the CALEA to VoIP. VoIP, like most Internet communications, are communications for a mobile environment. The feasibility of applying CALEA to more decentralized VoIP services is quite problematic. Neither the manageability of such a wiretapping regime nor whether it can be made secure against subversion seem clear. The real danger is that a CALEA-type regimen is likely to introduce serious vulnerabilities through its "architected security breach."

Potential problems include the difficulty of determining where the traffic is coming from (the VoIP provider enables the connection but may not provide the services for the actual conversation), the difficulty of ensuring safe transport of the signals to the law-enforcement facility, the risk of introducing new vulnerabilities into Internet communications, and the difficulty of ensuring proper minimization. VOIP implementations vary substantially across the Internet making it impossible to implement CALEA uniformly. Mobility and the ease of creating new identities on the Internet exacerbate the problem.

Building a comprehensive VoIP intercept capability into the Internet appears to require the cooperation of a very large portion of the routing infrastructure, and the fact that packets are carrying voice is largely irrelevant. Indeed, most of the provisions of the wiretap law do not distinguish among different types of electronic communications. Currently the FBI is focused on applying CALEA's design mandates to VoIP, but there is nothing in wiretapping law that would argue against the extension of intercept design mandates to all types of Internet communications. Indeed, the changes necessary to meet CALEA requirements for VoIP would likely have to be implemented in a way that covered all forms of Internet communication.

In order to extend authorized interception much beyond the easy scenario, it is necessary either to eliminate the flexibility that Internet communications allow, or else introduce serious security risks to domestic VoIP implementations. The former would have significant negative effects on U.S. ability to innovate, while the latter is simply dangerous. The current FBI and FCC direction on CALEA applied to VoIP carries great risks.

Posted on June 28, 2006 at 12:01 PM • 10 Comments • View Blog Reactions

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

Folks interested in securing their internet voice communications might be interested in Zfone.
http://www.philzimmermann.com/EN/zfone/

Zfone is an open source application that implements secure peer-to-peer encryption for any voice communication application that uses RTP, which includes most peer-to-peer voice applications (Skype is a notable exception -- it uses its own proprietary and undocumented protocol).

Zfone is highly resistant to evesdropping, and since it does not rely on a carrier to secure your communications, it is not subject to CALEA.

Posted by: Alan at June 28, 2006 01:22 PM

I am trying to determine if this would apply to VoIP PBX systems. If I ran a VoIP PBX at my office and set it up so that employees could use a softphone or IP Handset to connect to the PBX remotely over IP, would I have to be CALEA compliant? Do I have to allow CALEA compliance for a traditional PBX, on calls from one extention to another, so that the Gov't can listen in when the CEO calls the CFO down the hall? Obviously anything that goes out over the PSTN is subject to intercept by law enforcement, but they would do that through the telco, right?

Posted by: Ryan at June 28, 2006 02:12 PM

What a strange article. No mention whatever of encryption/authentication, of the Feds playing man-in-the-middle on-site at the VOIP provider, or of the difficulties of breaking into full-up peer-to-peer authenticated and encrypted solutions like Zfone.

They must imagine the government is trying to catch extremely naive terrorists and criminals.

Posted by: Carlo Graziani at June 28, 2006 02:57 PM

while i feel the agoninzing pain of it all, nevertheless, internet transmissions of almost any sort, are (succedaneous to a myriad of U.S. court rulings), beyond the "pale" of that worrisome "search and seizure" paragraph.

So, I should say, that the "solution" is, not that one should lament the loss of what one never had, but, rather, that one should recognize the current legal landscape for what it is.

Clearly, the "way out" is to write a few programs (easily installable, C++) that send random "encrypted" messages whenever one is not at the console.

Just simply information overkill for the monitors. . . . the observors.

I'm quite serious here. One should have an e-mail add-on that will send latest-version PGP e-mails as often as possible . . . . which include encrypted "doo-doo" words . . . like . . . well, you figure it out.

Just send to randomly generated addresses . . .

The internet is a "royal jungle". They (the royalty, the monarch, sovereign power [whether legitimately constituted, or not, of the will of the people] have the means, legal and technical, to monitor. End of discussion. One must just get over that angst.

The interim solution is to flood them with mega-billions of bits sent into the ethosphere, that suggest almost anything, and, finally, imply everything.

Posted by: amalafrida at June 28, 2006 04:20 PM

Something I'm wondering about... how'd you make sure that the only calls wiretapped are the ones the FBI has the authority to wiretap? I'm not from the USA, and I'd like to be able to be sure that when I talk to my friends or family (who're also not from the USA) on Skype, for example, that the FBI cannot just listen in whenever it wants without even so much as having to get an OK from a local court...

Posted by: Shura at June 28, 2006 04:40 PM

Imagine trying to enforce this rule at a law firm. Many of them use VoIP. I know this because I install VoIP systems for a living. They won't do it. Why? It is a little something they like to call Attorney-Client privliege. I imagine, with lesser success, that the medical industry will cry HIPAA. Wall Street will cry fudiciary responsiblity & Sarbanes-Oxley.

I think the VoIP genie is out of the bottle and one cannot put it back in. So far the FCC's attempts to regulate VoIP have met with as much success as they've had trying to regulate the Internet.

Posted by: Steven at June 28, 2006 04:49 PM

CALEA is supposed to apply upstream from the location if it is a private network (though this court decision and recent FCC decrees have fuzzed the definition of "private network"), much as it always has been, so (presuming that the intra-office VoIP doesn't fall subject to CALEA) the upstream provider, which can be AT&T, Verizon, or whomever handles the connection to the PTSN, is responsible for the tap capability. This has always been there, and law firms are, on rare occasion, tapped when malfeasance seems to be provable and wiretap evidence is sought as clinching proof. Judges are loath to do this, though, because of the odds of it being overturned on appeal.

Posted by: Jarrod Frates at June 29, 2006 12:09 AM

@Carlo Graziani

"They must imagine the government is trying to catch extremely naive terrorists and criminals."

No the U.S. TLA's tend to adopt a grab it all mentallity which CALEA enforces.

Basically the NSA amongst others gather so much data that is not possible for the plaintext to be analysed in any way shape or form unless there is a very speciffic reason.

Post 9/11 this enabled various agencies to wind back events to try and get back to the principles. This was of limmited success due to many (mainly beuracratic) issues. The result was various ideas and other leftovers where lumped together into the Patriot act etc.

The thing that makes CALEA such a pain is the authorities can require prety much any type of survalence on data (voice video etc etc) and stick the telecom operator with fines that are so large for failier that some pundits warned it could cause the telcos to go bankrupt...

Posted by: Clive Robinson at June 29, 2006 05:28 AM

Quite a bit of CALEA on both in TDM and in the IP world was subsidized from the tax payers a few years go. All the work to encode and reduce the size of the voice packet is already done by the conversation endpoints so the technology is capture and store. Even if you don't have the last leg, analysis or data mining, you at least have the raw data.

Encryption is your only tool in this matter as the first poster indicated.

Posted by: 4whomever at June 29, 2006 03:31 PM

Can't believe some of the normally sane folks will say something like

" ... VoIP, like most Internet communications, are communications for a mobile environment. ... "

Are they all in lala land or just starting inhaling and found the bliss .. 99% of VOIP is STATIC.

IMS .. the biggest thing for IP telephony is quiet ways from deployment .. and mobile networks already have to comply with CALEA .. dah !!!

Have these folks lost their mind totally or politically .. I know a couple of these guys .. and I always thought they were sane .. but this is just plain junk.

Saying something is "not clear" or we are "concerned" about something is like claiming I am concerned about global warming .. SHOW ME where is the issue.

Here political inclinations far outweigh their technical insight .. clearly when 10 guys author a paper like this .. .. the intent is ALWAYS political .. for techical papers they will kill each other to keep them off.

Bruce keeps making political statements... keep doing it and only person reading this blog will be howard dean.

Posted by: winsnomore at June 29, 2006 09:44 PM