Export or edit this event...

Information Leakage from Encrypted Voice over IP: Attacks and Defenses

Portland State University FAB, Room 86-09
1900 SW Fourth Avenue
Portland, Oregon 97201, US (map)

Access Notes

Building is at 4th and College. Room 86-01 is in the basement, take the elevator or stairs down to basement and follow the signs.




In this talk, I describe two side-channel traffic analysis attacks on encrypted voice-over-IP calls and a novel technique for efficiently defending against such attacks. We begin with a review of the basics of speech coding to understand how and why information can leak out of an encrypted VoIP call. We then discuss the techniques for recovering hidden information: first, how to identify the language spoken in the call, and then how to spot particular phrases. Our techniques are completely speaker-independent, and require no recorded examples of the target phrase. Nevertheless, we show that they achieve surprising accuracy on widely-used speech corpora. Finally, we consider methods for limiting this information leakage. Experimental results show that an intelligent, adaptive adversary can convincingly deceive such traffic analyses while incurring much lower overhead than previously expected.