On Fri, Aug 22, 2014 at 5:50 PM, Andy Isaacson <[email protected]> wrote:
> If I'm understanding their design correctly, they're taking the user's > voice and compressing and encrypting it, then encoding the encrypted > data as audio to send to the far side. > > If so, they'll need to define a modulation to transport their encrypted > data stream over a voice channel. Doing this in a way that will work > reliably over the high latency, multicodec, bizarrely lossy cellphone > network is nontrivial. Getting it to demoable quality is pretty easy, > getting it to work well when the cell signal is fading in and out will > be lots of fun. Another fun engineering challenge for these sorts of compressed/encrypted digital voice systems: avoiding information leakage sidechannels in variable bitrate audio compression: https://www.infsec.cs.uni-saarland.de/teaching/WS08/Seminar/reports/yes-we-can.pdf tl;dr: use CBR I suppose? Is this device using CBR, and is that sufficient to mitigate this attack?
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
