[Freeswitch-users] Speex + SRTP.. Think again!

Lucas Cornelisse lucas at johnnyvoip.com
Thu Jun 12 08:51:13 PDT 2008


Instead of padding all packets to be the same size, two solutions come to
mind:

It would be relatively easy to pad them with shorter random length strings,
so that if the average vbr bit rate was n,
and the fully padded constant bitrate would be m, we could achieve a bit
rate of about (n+m)/2,
which is at least better than m..

another option could be to fragment the packets and adjoin them so that they
are all about or equal in size..
intertween some creative packets esp. during periods of silence, and that
should throw anyone off..

Side channel attacks will always exist, and though scary at first, can
usually be engineered around, rather than giving up on the technology..

-lc

On Wed, Jun 11, 2008 at 1:59 PM, jeff sacksteder <jsacksteder at gmail.com>
wrote:

> I don't know if I'd say that, exactly. This is a similar problem to
> anonymous remailers. To prevent traffic analysis, you need to
> continuously emit equal sized messages of encrypted noise so that you
> deny the bad guys information about the time and length of your
> messages hidden within.
>
> You could use VBR codecs but you would have to pad the data stream out
> to a constant size, nullifing the point of using VBR. You could use
> them if compatibility was a concern, for instance. It would not be of
> any bandwidth advantage, however.
>
> > This is very interesting.  That rules out ALL VBR codecs when using
> > SRTP for security reasons.
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20080612/c3446c01/attachment-0002.html 


More information about the FreeSWITCH-users mailing list