[Linphone-developers] Default to non-VBR and non-VAD audio codecs when using SRTP/ZRTP encryption

[Liviu Andronic]

Dear devels,
It has recently come to my attention that there are certain (generic)
types of attacks on secure calls that make a mockery of encryption:
http://security.stackexchange.com/questions/33460/what-are-the-vulnerabilities-of-voip-specific-security-protocols/33497#33497
https://silentcircle.com/faq-zrtp (22. Does Silent Phone use Variable
Bit Rate (VBR) codecs? Don’t they leak information?)

Namely if any of the following audio encoding techniques are used:
 - VAD (Voice activity detection) - Speaker Recognition in Encrypted
Voice Streams
 - VBR (Variable bit recording)

Then it's technically feasible to infer the content of the discussion,
notwithstanding the encryption method in use. For this reason Silent
Circle (which uses ZRTP) explicitly states: "Silent Phone does not use
VBR codecs." ( https://silentcircle.com/faq-zrtp )

To ensure genuine secure calls for Linphone users (and not just
checking a "secure calls" checkbox for the marketing department), I
would suggest the following:
When a user selects either SRTP or ZRTP encryption, by default
Linphone should disable all VAD audio codecs (e.g. AMR or G.722) and
all those with VBR enabled (e.g. `speex vbr=on`).

This could come in the form of a checkbox that allows to "Disable VAD
and VBR codecs" when SRTP/ZRTP encryption was selected.

Please let me know if you would consider implementing this tweak in Linphone.

Regards,
Liviu


-- 
Do you think you know what math is?
http://www.ideasroadshow.com/issues/ian-stewart-2013-08-02
Or what it means to be intelligent?
http://www.ideasroadshow.com/issues/john-duncan-2013-08-30
Think again:
http://www.ideasroadshow.com/library