Wiretap-proof: what they hear is not what you speak, and what you speak they do not hear

  • Authors:

  • Hemant Sengar;Haining Wang;Seyed Amir Iranmanesh

  • Affiliations:

  • VoDaSec Solutions, Fairfax, VA, USA;College of William and Mary, Williamsburg, VA, USA;College of William and Mary, Williamsburg, VA, USA

  • Venue:
  • Proceedings of the 4th ACM conference on Data and application security and privacy
  • Year:
  • 2014

Quantified Score

Hi-index 0.00

Visualization

Abstract

It has long been believed that once the voice media between caller and callee is captured or sniffed from the wire, either legally by law enforcement agencies or illegally by hackers through eavesdropping on communication channels, it is easy to listen into their conversation. In this paper, we show that this common perception is not always true. Our real-world experiments demonstrate that it is feasible to create a hidden telephonic conversation within an explicit telephone call. In particular, we propose a real-time covert communication channel within two-way media streams established between caller and callee. The real-time covert channel is created over the media stream that may possibly be monitored by eavesdroppers. However, the properly encoded media stream acts as a cover (or decoy) carrying bogus media such as an earlier recorded voice conversation. This spurious content will be heard if the media stream is intercepted and properly decoded. However, the calling and called parties protected by the covert communication channel can still directly talk to each other in privacy and real-time, just like any other normal phone calls. This work provides an additional security layer against media interception attacks, however it also exposes a serious security concern to CALEA (Communications Assistance for Law Enforcement Act) wiretapping and its infrastructure.