Chapel Hill Computational Linguists Crack Skype Calls 156
mikejuk writes "You might think of linguistics as being interesting but not really useful. Now computational linguistics [PDF of original paper] has been used to crack Skype encryption and reconstruct what is being said in a VoIP call. What is surprising is that though they are encrypted, the frames that make up a Skype call contain clues about what phonemes are being spoken."
Re:Side channel attack (Score:2, Interesting)
The simple description is: By looking at the size of the encrypted data packets you can guess what phonemes were spoken. Yes, that's all there is to it. They are just looking at how much data is sent and guessing what might be said that reasonably fits in that size.
An obvious simple fix would be to vary the length of the packets with random padding (using a cryptographically secure random algorithm to determine the length). It would add overhead but probably not that much considering how small these packets are in the first place (they typically don't use the full allotted bandwidth).
Fsck You, Slashdot (Score:3, Interesting)
Re:Side channel attack (Score:5, Interesting)