How to intercept Skype calls

Powered by SC Magazine
 

Linguists bypass encryption and rebuild conversations base on speech patterns.

Researchers have discovered a trick that allows encrypted VoIP calls like Skype to be deciphered without the need to crack encryption.

The method, dubbed "Phonotactic Reconstruction", exploited the Linear Predictive Filter, a system used by Voice over Internet Protocol platforms to transmit conversations by creating data sets from spoken English.

Data sets were used to rebuild Skype conversations because they resemble the fragments of spoken words, or phonemes, on which they were modelled.

Linguists were helped further because the scripts and file sizes of the data sets, even after encryption, matched phonemes. Rules of spoken language mean that phonemes have a strict placement within words, which helped linguists reconstruct conversations.

While the exploit meant the University of North Carolina linguists did not need to crack encryption –an expensive process of complex mathematics and onerous compute resources – it could produce high-quality reconstructed conversations.

“Our results show that the quality of the recovered transcripts is far better in many cases than one would expect,” the researchers wrote in a paper (pdf).

“While the generalised performance is not as strong as we would have liked … one would hope that such recovery would not be at all possible since VoIP audio is encrypted precisely to prevent such breaches of privacy.”

“It is our belief that with advances in computational linguistics, reconstructions of the type presented will only improve.”

While Linear Predictive Filtering weakens cryptography because encrypted data bears a statistical relationship to the source data, it is used by VoIP systems because it provides the best type of compression.

But while reconstruction is possible, the researchers said Skype cannot be considered safe. “No reconstruction, even a partial one, should be possible; indeed, any cryptographic system that leaked as much information as shown here would immediately be deemed insecure.

Copyright © SC Magazine, Australia


How to intercept Skype calls
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 810

Vote