[messaging] JackPair
Tony Arcieri
bascule at gmail.com
Fri Aug 22 18:00:26 PDT 2014
On Fri, Aug 22, 2014 at 5:50 PM, Andy Isaacson <adi at hexapodia.org> wrote:
> If I'm understanding their design correctly, they're taking the user's
> voice and compressing and encrypting it, then encoding the encrypted
> data as audio to send to the far side.
>
> If so, they'll need to define a modulation to transport their encrypted
> data stream over a voice channel. Doing this in a way that will work
> reliably over the high latency, multicodec, bizarrely lossy cellphone
> network is nontrivial. Getting it to demoable quality is pretty easy,
> getting it to work well when the cell signal is fading in and out will
> be lots of fun.
Another fun engineering challenge for these sorts of compressed/encrypted
digital voice systems: avoiding information leakage sidechannels in
variable bitrate audio compression:
https://www.infsec.cs.uni-saarland.de/teaching/WS08/Seminar/reports/yes-we-can.pdf
tl;dr: use CBR I suppose? Is this device using CBR, and is that sufficient
to mitigate this attack?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140822/fa484fa5/attachment.html>
More information about the Messaging
mailing list