Eavesdropping on Encrypted Compressed Voice
Traffic analysis works even through the encryption:
The new compression technique, called variable bitrate compression produces different size packets of data for different sounds.
That happens because the sampling rate is kept high for long complex sounds like “ow”, but cut down for simple consonants like “c”. This variable method saves on bandwidth, while maintaining sound quality.
VoIP streams are encrypted to prevent eavesdropping. However, a team from John Hopkins University in Baltimore, Maryland, US, has shown that simply measuring the size of packets without decoding them can identify whole words and phrases with a high rate of accuracy.
The technique isn’t good enough to decode entire conversations, but it’s pretty impressive.
Fred • June 19, 2008 7:06 AM
If even one word can be identified, it is not secure.
What would be a way to counter this attack? Maybe playing music in the background?