Encrypted Voice … !!!
Hey There !
Welcome back to read my post. Today I was trying to read a mail that one of my friends had sent me yesterday. The email was encrypted with a very well known encryption. — PGP. Those who know this terminology, are well aware of what PGP is. However, let me explain in brief to those who are unaware of PGP. PGP or Pretty Good Privacy, is an encryption standard that is widely used for encrypting your emails. Such that only the sender and receiver knows the content inside the mail. Even if the mail is sniffed on its way from source to destination, its contents could not be read.
Thanks to the technology of asymmetric cryptography, where a message is encrypted with receiver’s public key, sent to the destination, and the receiver then decrypts it with his private key. This, and many more ways exists to encrypt the text messages across Internet.
But have you ever thought about your voice ??? What if I happen to do a bit of shoulder surfing and listen to what you are talking over the phone to other person ??? Or what if I manage to hear what two people are talking over phone from a third line ??!!! Many of us must have come across this kind of a situation. Well…. This is all what we are going to discuss today.
When we talk of PGP, a name comes to everybody’s mind… A name of a person who is the father of this new technology. Mr. Philip Zimmermann. He was the one who brought PGP into being. And now, he is coming with yet another project – Voice Encryption. Recently in first week of this month, he released a free Windows software program, Zfone, that encrypts a computer-to-computer voice conversation so both parties can be confident that no one is listening in. It became available earlier this year to Macintosh and Linux users of the system known as voice-over-Internet protocol, or VoIP. Zfone does not require a web of computers to hold the keys, or long numbers, used in most encryption schemes. Instead, it performs the key exchange inside the digital voice channel while the call is being set up, so no third party has the keys.
Zfone can automatically encrypt any call between users of freely available VoIP software programs like X-Lite, Gizmo or SJphone. For anyone who is interested in using this latest stuff, a free beta version can be downloaded from here.
But this concept of voice encryption, is not new. Let me first just brief you how a secure voice communication is made. A digital secure voice usually includes two components, a digitizer to convert between speech and digital signals and an encryption system to provide confidentiality. What makes ciphony difficult in practice is a need to send the encrypted signal over the same circuits used to transmit unencrypted voice, e.g. telephones or mobile radios. This has led to the use of Voice Coders or Vocoders to achieve tight bandwidth compression of the speech signals. In practice there are many systems & protocols currently used for transmitting secure voice over existing voice circuits. A few such examples of this could be National Security Agency (NSA)’s STU-III, KY-57 and SCIP.
All these standards and protocols were introduced wayback in 80’s !! The latest standard for securing digital voice, accepted by the US Department of Defense, is known as MELPe or Enhanced Mixed Excitation Linear Prediction. This coding scheme is mainly used in military communication and satellite applications. Its development was led and supported by NSA and NATO.
I would rather avoid getting into more technical know-hows of this technology, as I guess it could be quite monotonous post. Instead, I’m giving a link to another website, that would give more technical stuff on voice encryption, to those who are interested. Click here to jump to that site !
I hope this was a worth reading. I would appreciate any comments / suggestions / feedback from you all.
Enjoy !
Similar Posts you might be interested in:
Cryptography | Ne0 | September 27, 2008
Zfone seems to be a promising software for voice encryption. Voip communication should be encrypted. Cain Abel can re-construct recorded audio out from sniffef Voip packets in combination with MITM attack.
Thanks w0lf for your suggestive input. I’ll also try and search more on Cain & Abel….
You are welcome Ne0. A new generation Voip sniffer is said to be released very soon. This tool named UCSniff, has two settings.
One is a learning mode, sniffing all the IP traffic then mapping telephone
extensions to specific addresses. By default, it is capturing all the
calls and saving them to wave files.
The other setting is targeting conversations. After
learning the IP addresses of the phone system, someone using UCSniff can
listen to all the VoIP, or voice over Internet Protocol, conversations
made by a specific user, say the CEO. That’s user mode. A second mode,
conversation mode, allows someone to monitor calls made exclusively between two extensions, say only when the CEO calls the CFO.
This sounds much like automated MITM ARP poisoning attack used here to achieve this.
Again a suggestive one !!! You seem to be master of all… w0lf !!
Thanks !