Detecting phrases in an encrypted VoIP call
March 25, 2011
Posted by on
Even if you use an encrypted VoIP connection, the content of your call can be picked up by analyzing the timing and size of the encrypted traffic. You must use a Variable Bit Rate (VBR) codec, which just compresses the speech which is said. If you would use encryption on G711 with no Voice Activation Detection (VAD) enabled (just a continous stream of data), this phrase recognition would not be possible.
This shows that it you need to see the “whole” picture when securing your communication.
The full paper is here for more information.
Also a 27 pages presentation here