Steganography is the art of hiding messages when they are sent, in a process akin to camouflage. In cryptography, on the other hand, no attempt is made to hide the message, only to conceal its content.
Today, Wojciech Mazurczyk and Krzysztof Szczypiorski of the Warsaw University of Technology in Poland explain how VoIP services are wide open to steganographic attack and even measure how much information can be sent covertly in this way.
VoIP services such as Skype are vulnerable to steganographic attack because they use such high bandwidth, which makes it relatively easy to embed a hidden message in the bit stream in a way that is almost impossible to detect.
For precisely this reason, the US Department of Defense specifies that any covert channel with a bandwidth higher than 100 bps must be considered insecure for average security requirements. For high security requirements, the DoD says the data rate should not exceed 1 bps, making it next to impossible to embed a hidden code without it being noticed.
So VoIP systems such as Skype, with their much higher data rates, are difficult to secure.
And to prove it, Mazurczyk and Szczypiorski have tested a number of steganographic attacks (including two new ones they’ve developed themselves) on a VoIP system to determine how much data could be sent. They say that during an average call (that’s 13 minutes long according to Skype) they were able to covertly transmit as much as 1.3 Mbits of data.
That should get a number of governments, companies and individuals thinking. How secure is your VoIP system?
Ref: arxiv.org/abs/0805.2938: Steganography of VoIP streams
I don’t get it. If the channel can be used for steganography, it doesn’t seem “insecure” to me: it just allows one to encode hidden information. This seems pretty neutral to me (and seems also pretty obvious, stego in audio and image files is very old, nothing strange that VoIP streams would follow).
What I mean is: there’s no such thing as a “steganography attack”, unless you think hiding information in a stream is “attacking” you. But maybe I’ve not understood.
Covert channels mean, for example, that turncoats can reveal your secrets without you noticing or being able to prove it. So if DoD allows its personnel to use VoIP then monitoring what they say is not enough to know whether they are sinking ships.
See http://en.wikipedia.org/wiki/Covert_channel
Oh well, but this is not an attack.
This just means there is a channel where information can leak without notice.
But if this is the case, well, the DoD would probably have a better time simply shutting down the Internet. You can hide stego in every kind of file, or even by using whitespace in email. Whatever. To me, it seems these guys discovered the obvious.
Devicerandom —
I had exactly the same thought — this isn’t a bug, it’s a feature!
Use of low-bandwidth covert channels can be easier to detect from various patterns (e.g., covert channels in DNS). But a high-bandwidth covert channel in a high-bandwidth application is an unmitigated disaster. Every time someone on a call utters any sounds you have the potential for large amounts of data to leak via any covert channel in the voice system. That’s why this covert channel is news (vs. many other covert channels).
“no attempt is made to hide the message, only to conceal its content” sounds more or less the same to me.