[info] the physics arXiv blog
Eugen Leitl
<eugen at leitl.org> on
Tue Jun 3 20:45:33 UTC 2008
----- Forwarded message from the physics arXiv blog <howdy at arxivblog.com> -----
From: the physics arXiv blog <howdy at arxivblog.com>
Date: Fri, 30 May 2008 12:37:38 -0500 (CDT)
To: eugen at leitl.org
Subject: the physics arXiv blog
Reply-To: the physics arXiv blog <howdy at arxivblog.com>
[1]the physics arXiv blog
[2]VoIP threatened by steganographic attack
Posted: 30 May 2008 12:06 AM CDT
[3]VoIP steganography
Steganography is the art of hiding message when they are sent, in a
process akin to camouflage. In cryptography, on the other hand, no
attempt is made to hide the message, only to conceal its content.
Today, Wojciech Mazurczyk and Krzysztof Szczypiorski of the Warsaw
University of Technology in Poland explain how VoIP services are wide
open to steganographic attack and even measure how much information
can be sent covertly in this way.
VoIP services such as Skype are vulnerable to steganographic attack
because they use such a high bandwidth and that makes it relatively
easy to embed a hidden message in the bit stream in a way that it is
almost impossible to detect.
For precisely this reason, the US Department of Defence specifies in
that any covert channel with a bandwidth higher than 100 bps must be
considered insecure for average security requirements. For high
security requirements, the DoD says the data rate should not exceed 1
bps, making it next to impossible to embed a hidden code without it
being noticed.
So VoIP systems such as Skype, with their much higher data rates, are
difficult to secure.
And to prove it, Mazurczyk and Szczypiorski have tested a number of
steganographic attacks (including two new ones they've developed
themselves) on a VoIP system to determine how much data could be sent.
They say that during an average call (that's 13 minutes long according
to Skype) they were able to covertly transmit as much as 1.3 Mbits of
data.
That should get a number of governments, companies and individuals
thinking. How secure is your VoIP system?
Ref: [4]arxiv.org/abs/0805.2938: Steganography of VoIP streams
[5][arXivblog?i=7GsWD8]
[6][arXivblog?i=6gCGgH] [7][arXivblog?i=llJkBH]
[8][arXivblog?i=zgvvXh] [9][arXivblog?i=bfQyLH]
[10][arXivblog?i=YOdUMh] [11][arXivblog?i=JHlz1H]
[12][arXivblog?i=woJaOh] [13][arXivblog?i=5nGOIH]
You are subscribed to email updates from [14]the physics arXiv blog
To stop receiving these emails, you may [15]unsubscribe now. Email
Delivery powered by FeedBurner
Inbox too full? [16](feed) [17]Subscribe to the feed version of the
physics arXiv blog in a feed reader.
If you prefer to unsubscribe via postal mail, write to: the physics
arXiv blog, c/o FeedBurner, 20 W Kinzie, 9th Floor, Chicago IL USA
60610
References
1. http://arxivblog.com/
2. http://feeds.feedburner.com/~r/arXivblog/~3/301012934/
3. http://arxivblog.com/wp-content/uploads/2008/05/voip-steganography.jpg
4. http://arxiv.org/abs/0805.2938
5. http://feeds.feedburner.com/~a/arXivblog?a=7GsWD8
6. http://feeds.feedburner.com/~f/arXivblog?a=6gCGgH
7. http://feeds.feedburner.com/~f/arXivblog?a=llJkBH
8. http://feeds.feedburner.com/~f/arXivblog?a=zgvvXh
9. http://feeds.feedburner.com/~f/arXivblog?a=bfQyLH
10. http://feeds.feedburner.com/~f/arXivblog?a=YOdUMh
11. http://feeds.feedburner.com/~f/arXivblog?a=JHlz1H
12. http://feeds.feedburner.com/~f/arXivblog?a=woJaOh
13. http://feeds.feedburner.com/~f/arXivblog?a=5nGOIH
14. http://arxivblog.com/
15. http://www.feedburner.com/fb/a/emailunsub?id=8632699&key=kesJ612ZsV
16. http://feeds.feedburner.com/arXivblog
17. http://feeds.feedburner.com/arXivblog
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the info
mailing list