VoIP-Point

An article in New Scientist reports that ISP’s intentions to use a compression technique to reduce the bandwidth required for VoIP calls could pose a significant eavesdropping threat to users.

The issue lies in the way the ‘sounds’ of a conversation are compressed.

…the sampling rate is kept high for long complex sounds like “ow”, but cut down for simple consonants like “c”. This variable method saves on bandwidth, while maintaining sound quality.

Simply by analysing the encrypted stream for the difference between the sizes of the packets, researchers at John Hopkins university say they can identify entire words with a high degree of accuracy.

The John Hopkins team hope that they have caught this threat in time but I think it will take a good deal of shouting about it for the ISPs to take notice and change their planned deployments.

This entry was posted on Saturday, June 14th, 2008 at 12:17 am and is filed under Networks, News, SIP, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.