SlideShare a Scribd company logo
1 of 122
Download to read offline
[object Object],[object Object],Crypto Lab (University of Trento) 24 Aug 2010 Fabio Pietrosanti (naif) Email:  [email_address] Blog:  http://infosecurity.ch
Agenda: Mission impossible in 2 hours? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Who am i Fabio Pietrosanti ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object]
[object Object],[object Object]
Once upon a time... ,[object Object],[object Object],[object Object],The need to intercept phone calls
But now... ,[object Object],[object Object],[object Object],[object Object],[object Object],The need to intercept phone calls
An appealing business today ,[object Object],[object Object],The need to intercept phone calls
Subjects interested in other parties communications ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],The need to intercept phone calls
Lawful interception ,[object Object],[object Object],The need to intercept phone calls
Unlawful interception ,[object Object],[object Object],The need to intercept phone calls
Signal Intelligence ,[object Object],[object Object],The need to intercept phone calls
[object Object],[object Object],[object Object]
Tactical Vs. Non-Tactical Interception ,[object Object],[object Object],[object Object],[object Object],[object Object],2 -  Methods to intercept phone calls
Interception targets and approach ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],2 -  Methods to intercept phone calls
Practical Approach: Once upon a time... ,[object Object],2 -  Methods to intercept phone calls
Practical Approach: Mobile interception (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],2 -  Methods to intercept phone calls
Practical Approach: Mobile interception (2) 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach:  GSM Active IMSI-catcher 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: GSM A5/1 passive 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: GSM Semi Active 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: Mobile spyware 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object]
Practical Approach: UMTS? 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: GSM towers uplink ,[object Object],2 -  Methods to intercept phone calls
Practical Approach: ISDN/PSTN Interception ,[object Object],[object Object],2 -  Methods to intercept phone calls
Practical approach: Fiber Tapping (voip) ,[object Object],[object Object],2 -  Methods to intercept phone calls
Practical approach: DSL copper tapping ,[object Object],[object Object],2 -  Methods to intercept phone calls
Practical Approach: Easy ethernet tapping (voip) ,[object Object],2 -  Methods to intercept phone calls
Practical Approach: What about CDR? 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object]
Everything else is Military SIGINT 2 -  Methods to intercept phone calls
[object Object],[object Object],[object Object]
Quis custodiet ipsos custodes? Who will watch the watchman? ,[object Object],[object Object],3 - The risk of eavesdropping
The human factor: Can we trust all of them together? 3 - The risk of eavesdropping ,[object Object],[object Object],[object Object],[object Object],[object Object]
The human factor: Quiz An employee of a Telco, 1800 USD net salary, working on technical structure is asked by an unknown person to wiretap a certain line. Is given 20k USD in advance. What he will do? 3 - The risk of eavesdropping a) Refuse the offer and report to the authority the request. He has an ethic! b) Accept the offer and execute the taping c) Accept and propose also a list price for phone call logs and details on owners of lines
The technical factor 3 - The risk of eavesdropping ,[object Object],[object Object],[object Object],[object Object]
The political factor and new freedom risks 3 - The risk of eavesdropping ,[object Object],[object Object]
The political factor in unstable countries 3 - The risk of eavesdropping ,[object Object],[object Object]
The need of perfectly enforceable laws on wiretapping ,[object Object],[object Object],3 - The risk of eavesdropping
The need of perfectly enforceable laws on wiretapping ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],3 - The risk of eavesdropping
[object Object],[object Object]
Global interception: Echelon ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
1994 - France: Political spying by Mitterand cause him to loose election 4 -  Real case, Real world, Real risk scenario
1996 - Poland: Plenty of requests by citizens to ombudsman that received illegal transcripts of intercepted phone calls 4 -  Real case, Real world, Real risk scenario
1999 - Turkey: Continuous interception scandals, blackmailing and transcripts of wiretapping ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2000 - UK: Incredible increased interception power and revelation of past activities 4 -  Real case, Real world, Real risk scenario
2001 - Finland: Interception scandals, mobile phones intercepted without warrants ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2002 - Netherland: Dutch secret services interception equipment brought from Israel is tapping the interceptors ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2005 - Grece: Interception scandals, a bug has been put in Vodafone ICT infrastructure  ,[object Object],[object Object],[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2006 - Italy: Interception scandals, thousands of persons was profiled, intercepted and someone blackmailed. ,[object Object],[object Object],[object Object],[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2007 - USA: FBI missed to get authorization for interceptions because of too complicated laws 4 -  Real case, Real world, Real risk scenario
2009 - Colombia: Continue the debate and fight on corrupted officials doing wiretapping paid by drug traffickers 4 -  Real case, Real world, Real risk scenario
Conclusion of real world scenarios The tip of the iceberg. 4 -  Real case, Real world, Real risk scenario ,[object Object],[object Object],[object Object]
[object Object],[object Object]
Communication technologies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Authorities for standards ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Result of complexity in technologies and authorities ,[object Object],[object Object],Understanding voice encryption
Digital vs. Analog ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
TLC Communication technologies ,[object Object],Understanding voice encryption Data Transmission Circuit Switched Packet Switched ISDN, GSM,CDMA,UMTS, PSTN, SAT VoIP Quality of service Granted GPRS / EDGE / UMTS Not Granted Coverage Full Only Urban Area Billing Per-second (sender pay) Per-packet (sender/receiver pay) Signaling Outband In-band (over IP)
Different use case and requirements ,[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Different security model ,[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Security of crypto operation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Standards vs Proprietary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
NSA Cryptographic Modernization Program ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
The race to standardization ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Beware of Snake Oil Crypto ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
[object Object],[object Object]
Security by lobbying and patenting Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
2G: GSM encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
2.5G: GPRS/EDGE Encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
3G: UMTS encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
4G: LTE multiple encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
UMA / GAN Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object]
Intro ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
SIGSALY Secure Voice System Circa 1943, SIGSALY provided perfect security for secure voice communication among allies.  Twelve units were built and deployed in Washington, London, Algiers, Brisbane , Paris ….. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
Sylvania’s ACP-0 (Advanced Computational Processor) Circa 1966, the ACP-0 was the first programmable digital signal processing computer.  A 12-bit machine, it was used to program modems, voice and error control coders. One unit was built, leading to the ACP-1, a 16-bit machine. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
Sylvania’s PSP (Programmable Signal Processor) Circa 1970, the PSP was Sylvania’s third generation programmable digital signal processing computer. A 16-bit machine.  The PSP led to the STU-I. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
STU-I Circa 1979, the STU-I used the PSP digital signal processing computer.  A few hundred units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
Original STU-II Circa 1982, the STU-II provided 2400 and 9600 bps secure voice.  A few thousand units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
First interoperability attempt ,[object Object],[object Object],Government and Military Selex BRENT BRENT And the story repeat again… broken interoperability with European NATO partners! German TopSec-703
But again in the ‘90 STE appeared! ,[object Object],[object Object],Government and Military ,[object Object],[object Object],[object Object],[object Object],[object Object]
Finally standard telephony: FNBDT / SCIP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
SCIP: Tech sheet ,[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
NSA EKMS ,[object Object],[object Object],[object Object],[object Object],Government and Military
SCIP: Where are the specification? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
SCIP protocol stack view Government and Military
Some SCIP Manufacturer ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
[object Object],[object Object]
From analog scrambler…. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
To TETRA (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
To TETRA (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
TETRA encryption algorithms ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
TETRA encryption configuration ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
TETRA BOS digital radio (germany) ,[object Object],[object Object],Public Safety
[object Object]
VoIP basic ,[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
Signaling Encryption: SIP/TLS ,[object Object],IETF VoIP security standards
Media encryption: SRTP  ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
Media encryption: SRTP  IETF VoIP security standards
E2S Key exchange: SDES ,[object Object],[object Object],IETF VoIP security standards
E2S Key exchange: SDES packet IETF VoIP security standards INVITE sips:* [email_address] ;user=phone SIP/2.0 Via: SIP/2.0/TLS 172.20.25.100:2049;branch=z9hG4bK-s5kcqq8jqjv3;rport From: &quot;123&quot; <sips: [email_address] g >;tag=mogkx srhm4 To: <sips:* [email_address] ;user=phone> Call-ID: 3 [email_address] CSeq: 1 INVITE Max-Forwards: 70 Contact: <sip: [email_address] :2049;transport=t ls;line =gyhiepdm> ;reg-id=1 User-Agent: snom360/6.2.2 Accept: application/sdp Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, SUBSCRIBE, PRACK, MESSAGE, INFO Allow-Events: talk, hold, refer Supported: timer, 100rel, replaces, callerid Session-Expires: 3600;refresher=uas Min-SE: 90 Content-Type: application/sdp Content-Length: 477 v=0 o=root 2071608643 2071608643 IN IP4 172.20.25.100 s=call c=IN IP4 172.20.25.100 t=0 0 m=audio 57676 RTP/AVP 0 8 9 2 3 18 4 101 a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:WbTBosdVUZqEb6Htqhn+m3z7wUh4RJVR8nE15GbN a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:9 g722/8000 a=rtpmap:2 g726-32/8000 a=rtpmap:3 gsm/8000 a=rtpmap:18 g729/8000 a=rtpmap:4 g723/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-16 a=ptime:20 a=encryption:optional a=sendrecv
E2E/E2S Key exchange: MIKEY ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
End-to-end encryption key exchange for SRTP ,[object Object],[object Object],[object Object],IETF VoIP security standards
E2E key exchange - DTLS ,[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key Exchange: DTLS-SRTP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key exchange: ZRTP (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key exchange: ZRTP (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key exchange: ZRTP (3) IETF VoIP security standards
ZRTP (4) ,[object Object],[object Object],[object Object],IETF VoIP security standards
Comparison of key agreements method of SRTP IETF VoIP security standards Technology SDES SRTP - ZRTP SRTP - MIKEY SRTP - DTLS Require signaling security Yes No Depend Yes (with additional complexity) End-to-Site security Yes No Depend Yes End-to-End security No Yes Depend Yes (it depends) Man in the middle protection No Yes Yes Yes (not always) Different implementation in 2010 Yes Yes not widely diffused No
[object Object],[object Object],[object Object]
Too many technologies Various anti-wiretapping secure phone ,[object Object],[object Object],[object Object],[object Object],[object Object]
A bit of history: clipper, born to fail ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
A bit of history: PGPhone ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
A bit of history: Cryptophone ,[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
ZRTP for CS telephony and Radio ZRTP/S ,[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
ZRTP/S Tech sheet ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
Chocolate grade encryption? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
PIN to protect local keys? Wrong! ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone ,[object Object],[object Object]
[object Object]
To summarize ,[object Object],[object Object],[object Object],[object Object],[object Object],Conclusion
[object Object],[object Object],Crypto Lab (University of Trento) 24 Aug 2010 Fabio Pietrosanti (naif) Email:  [email_address] Blog:  http://infosecurity.ch

More Related Content

What's hot

Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...3G4G
 
4G LTE Man in the Middle Attack with a Hacked Femtocell
4G LTE Man in the Middle Attack with a Hacked Femtocell4G LTE Man in the Middle Attack with a Hacked Femtocell
4G LTE Man in the Middle Attack with a Hacked Femtocell3G4G
 
Expanding the 5G NR (New Radio) ecosystem
Expanding the 5G NR (New Radio) ecosystemExpanding the 5G NR (New Radio) ecosystem
Expanding the 5G NR (New Radio) ecosystemQualcomm Research
 
rrc-procedures-in-lte
rrc-procedures-in-lterrc-procedures-in-lte
rrc-procedures-in-lteMorg
 
How Mobile Technology Works
How Mobile Technology WorksHow Mobile Technology Works
How Mobile Technology Works3G4G
 
AT&T View on LTE to 5G Network Migration
AT&T View on LTE to 5G Network Migration AT&T View on LTE to 5G Network Migration
AT&T View on LTE to 5G Network Migration Eiko Seidel
 
Oea000000 lte principle fundamental issue 1.01
Oea000000 lte principle fundamental issue 1.01Oea000000 lte principle fundamental issue 1.01
Oea000000 lte principle fundamental issue 1.01Ndukwe Amandi
 
5G Technology Tutorial
5G Technology Tutorial5G Technology Tutorial
5G Technology TutorialAPNIC
 
Lte Presentation.Ppt
Lte Presentation.PptLte Presentation.Ppt
Lte Presentation.Pptvaimalik
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)Netwax Lab
 
Beginners: Fixed Wireless Access (FWA)
Beginners: Fixed Wireless Access (FWA)Beginners: Fixed Wireless Access (FWA)
Beginners: Fixed Wireless Access (FWA)3G4G
 
Leading the path towards 5G with LTE Advanced Pro
Leading the path towards 5G with LTE Advanced ProLeading the path towards 5G with LTE Advanced Pro
Leading the path towards 5G with LTE Advanced ProQualcomm Research
 
Philippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsPhilippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsP1Security
 
volte ims network architecture
volte ims network architecturevolte ims network architecture
volte ims network architectureVikas Shokeen
 
Advanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive StateAdvanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive State3G4G
 

What's hot (20)

5G Network Overview
 5G Network Overview 5G Network Overview
5G Network Overview
 
Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...
 
LoRa and NB-IoT
LoRa and NB-IoT LoRa and NB-IoT
LoRa and NB-IoT
 
4G LTE Man in the Middle Attack with a Hacked Femtocell
4G LTE Man in the Middle Attack with a Hacked Femtocell4G LTE Man in the Middle Attack with a Hacked Femtocell
4G LTE Man in the Middle Attack with a Hacked Femtocell
 
VoLTE flows - basics
VoLTE flows - basicsVoLTE flows - basics
VoLTE flows - basics
 
Expanding the 5G NR (New Radio) ecosystem
Expanding the 5G NR (New Radio) ecosystemExpanding the 5G NR (New Radio) ecosystem
Expanding the 5G NR (New Radio) ecosystem
 
rrc-procedures-in-lte
rrc-procedures-in-lterrc-procedures-in-lte
rrc-procedures-in-lte
 
How Mobile Technology Works
How Mobile Technology WorksHow Mobile Technology Works
How Mobile Technology Works
 
AT&T View on LTE to 5G Network Migration
AT&T View on LTE to 5G Network Migration AT&T View on LTE to 5G Network Migration
AT&T View on LTE to 5G Network Migration
 
Introduction to LTE
Introduction to LTEIntroduction to LTE
Introduction to LTE
 
Introduction to LTE-M
Introduction to LTE-MIntroduction to LTE-M
Introduction to LTE-M
 
Oea000000 lte principle fundamental issue 1.01
Oea000000 lte principle fundamental issue 1.01Oea000000 lte principle fundamental issue 1.01
Oea000000 lte principle fundamental issue 1.01
 
5G Technology Tutorial
5G Technology Tutorial5G Technology Tutorial
5G Technology Tutorial
 
Lte Presentation.Ppt
Lte Presentation.PptLte Presentation.Ppt
Lte Presentation.Ppt
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)
 
Beginners: Fixed Wireless Access (FWA)
Beginners: Fixed Wireless Access (FWA)Beginners: Fixed Wireless Access (FWA)
Beginners: Fixed Wireless Access (FWA)
 
Leading the path towards 5G with LTE Advanced Pro
Leading the path towards 5G with LTE Advanced ProLeading the path towards 5G with LTE Advanced Pro
Leading the path towards 5G with LTE Advanced Pro
 
Philippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsPhilippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elements
 
volte ims network architecture
volte ims network architecturevolte ims network architecture
volte ims network architecture
 
Advanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive StateAdvanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive State
 

Viewers also liked

VOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEMVOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEMNikhil Ravi
 
Voice recognition security systems
Voice recognition security systemsVoice recognition security systems
Voice recognition security systemsSandeep Kumar
 
Texto inglês para iniciante
Texto inglês para inicianteTexto inglês para iniciante
Texto inglês para inicianterayxasantos22
 
Generic Voice Security Issues
Generic Voice Security IssuesGeneric Voice Security Issues
Generic Voice Security Issuesjasondewar
 
Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010Prashant Tickoo
 
Satellite Interception
Satellite InterceptionSatellite Interception
Satellite InterceptionFiroze Hussain
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithmKomal Singh
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmVinayak Raja
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmIndra97065
 
Biometric slideshare
Biometric slideshareBiometric slideshare
Biometric slideshareprachi
 
Leaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shapingLeaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shapingVimal Dewangan
 

Viewers also liked (19)

VOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEMVOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEM
 
Voice recognition security systems
Voice recognition security systemsVoice recognition security systems
Voice recognition security systems
 
Texto inglês para iniciante
Texto inglês para inicianteTexto inglês para iniciante
Texto inglês para iniciante
 
Generic Voice Security Issues
Generic Voice Security IssuesGeneric Voice Security Issues
Generic Voice Security Issues
 
SIP iPBX
SIP iPBXSIP iPBX
SIP iPBX
 
Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010
 
Satellite Interception
Satellite InterceptionSatellite Interception
Satellite Interception
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA Algorithm
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
 
Rsa Algorithm
Rsa AlgorithmRsa Algorithm
Rsa Algorithm
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Biometric slideshare
Biometric slideshareBiometric slideshare
Biometric slideshare
 
Bio-metrics Technology
Bio-metrics TechnologyBio-metrics Technology
Bio-metrics Technology
 
Leaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shapingLeaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shaping
 

Similar to Voice communication security

2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)Fabio Pietrosanti
 
Information Security 5 06
Information Security 5 06Information Security 5 06
Information Security 5 06johnhewitt_cpp
 
2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolutionTech and Law Center
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing researchFinbarr Ring
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing researchFinbarr Ring
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentHamilton Turner
 
The Session Initiation Protocol Sip
The Session Initiation Protocol SipThe Session Initiation Protocol Sip
The Session Initiation Protocol SipAbby Johnson
 
Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999TomParker
 
TSCM Overview for Stakeholders
TSCM Overview for StakeholdersTSCM Overview for Stakeholders
TSCM Overview for Stakeholderskevinwetzel
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talkJames Atkinson
 
Making your Asterisk System Secure
Making your Asterisk System SecureMaking your Asterisk System Secure
Making your Asterisk System SecureDigium
 
Voice security and privacy - Today’s solutions and technologies
Voice security and privacy - Today’s solutions and  technologiesVoice security and privacy - Today’s solutions and  technologies
Voice security and privacy - Today’s solutions and technologiesPrivateWave Italia SpA
 
Crime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.pptCrime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.pptOlusegun Mosugu
 
Dubai 2
Dubai 2Dubai 2
Dubai 2mmavis
 
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseJ.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseDroidcon Berlin
 
The Importance Of Wireless Systems
The Importance Of Wireless SystemsThe Importance Of Wireless Systems
The Importance Of Wireless SystemsJennifer Baker
 
mobile jammer ppt.pptx
mobile jammer ppt.pptxmobile jammer ppt.pptx
mobile jammer ppt.pptxManojMudhiraj3
 

Similar to Voice communication security (20)

2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)
 
Information Security 5 06
Information Security 5 06Information Security 5 06
Information Security 5 06
 
2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing research
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing research
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile Environment
 
The Session Initiation Protocol Sip
The Session Initiation Protocol SipThe Session Initiation Protocol Sip
The Session Initiation Protocol Sip
 
Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999
 
Test
TestTest
Test
 
V3I6-0108
V3I6-0108V3I6-0108
V3I6-0108
 
TSCM Overview for Stakeholders
TSCM Overview for StakeholdersTSCM Overview for Stakeholders
TSCM Overview for Stakeholders
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol review
 
2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk
 
Making your Asterisk System Secure
Making your Asterisk System SecureMaking your Asterisk System Secure
Making your Asterisk System Secure
 
Voice security and privacy - Today’s solutions and technologies
Voice security and privacy - Today’s solutions and  technologiesVoice security and privacy - Today’s solutions and  technologies
Voice security and privacy - Today’s solutions and technologies
 
Crime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.pptCrime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.ppt
 
Dubai 2
Dubai 2Dubai 2
Dubai 2
 
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseJ.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
 
The Importance Of Wireless Systems
The Importance Of Wireless SystemsThe Importance Of Wireless Systems
The Importance Of Wireless Systems
 
mobile jammer ppt.pptx
mobile jammer ppt.pptxmobile jammer ppt.pptx
mobile jammer ppt.pptx
 

More from Fabio Pietrosanti

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 
2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overviewFabio Pietrosanti
 
2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)security2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)securityFabio Pietrosanti
 
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)Fabio Pietrosanti
 
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...Fabio Pietrosanti
 
2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E Ombre2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E OmbreFabio Pietrosanti
 
2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.Org2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.OrgFabio Pietrosanti
 
2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)security2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)securityFabio Pietrosanti
 
2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)security2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)securityFabio Pietrosanti
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous CommunicationFabio Pietrosanti
 

More from Fabio Pietrosanti (10)

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference
 
2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview
 
2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)security2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)security
 
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
 
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
 
2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E Ombre2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E Ombre
 
2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.Org2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.Org
 
2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)security2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)security
 
2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)security2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)security
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication
 

Recently uploaded

Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIUdaiappa Ramachandran
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum ComputingGDSC PJATK
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 

Recently uploaded (20)

Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum Computing
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 

Voice communication security

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30. Everything else is Military SIGINT 2 - Methods to intercept phone calls
  • 31.
  • 32.
  • 33.
  • 34. The human factor: Quiz An employee of a Telco, 1800 USD net salary, working on technical structure is asked by an unknown person to wiretap a certain line. Is given 20k USD in advance. What he will do? 3 - The risk of eavesdropping a) Refuse the offer and report to the authority the request. He has an ethic! b) Accept the offer and execute the taping c) Accept and propose also a list price for phone call logs and details on owners of lines
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42. 1994 - France: Political spying by Mitterand cause him to loose election 4 - Real case, Real world, Real risk scenario
  • 43. 1996 - Poland: Plenty of requests by citizens to ombudsman that received illegal transcripts of intercepted phone calls 4 - Real case, Real world, Real risk scenario
  • 44.
  • 45. 2000 - UK: Incredible increased interception power and revelation of past activities 4 - Real case, Real world, Real risk scenario
  • 46.
  • 47.
  • 48.
  • 49.
  • 50. 2007 - USA: FBI missed to get authorization for interceptions because of too complicated laws 4 - Real case, Real world, Real risk scenario
  • 51. 2009 - Colombia: Continue the debate and fight on corrupted officials doing wiretapping paid by drug traffickers 4 - Real case, Real world, Real risk scenario
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.
  • 72.
  • 73.
  • 74.
  • 75. SIGSALY Secure Voice System Circa 1943, SIGSALY provided perfect security for secure voice communication among allies. Twelve units were built and deployed in Washington, London, Algiers, Brisbane , Paris ….. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 76. Sylvania’s ACP-0 (Advanced Computational Processor) Circa 1966, the ACP-0 was the first programmable digital signal processing computer. A 12-bit machine, it was used to program modems, voice and error control coders. One unit was built, leading to the ACP-1, a 16-bit machine. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 77. Sylvania’s PSP (Programmable Signal Processor) Circa 1970, the PSP was Sylvania’s third generation programmable digital signal processing computer. A 16-bit machine. The PSP led to the STU-I. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 78. STU-I Circa 1979, the STU-I used the PSP digital signal processing computer. A few hundred units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 79. Original STU-II Circa 1982, the STU-II provided 2400 and 9600 bps secure voice. A few thousand units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 80.
  • 81.
  • 82.
  • 83.
  • 84.
  • 85.
  • 86. SCIP protocol stack view Government and Military
  • 87.
  • 88.
  • 89.
  • 90.
  • 91.
  • 92.
  • 93.
  • 94.
  • 95.
  • 96.
  • 97.
  • 98.
  • 99. Media encryption: SRTP IETF VoIP security standards
  • 100.
  • 101. E2S Key exchange: SDES packet IETF VoIP security standards INVITE sips:* [email_address] ;user=phone SIP/2.0 Via: SIP/2.0/TLS 172.20.25.100:2049;branch=z9hG4bK-s5kcqq8jqjv3;rport From: &quot;123&quot; <sips: [email_address] g >;tag=mogkx srhm4 To: <sips:* [email_address] ;user=phone> Call-ID: 3 [email_address] CSeq: 1 INVITE Max-Forwards: 70 Contact: <sip: [email_address] :2049;transport=t ls;line =gyhiepdm> ;reg-id=1 User-Agent: snom360/6.2.2 Accept: application/sdp Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, SUBSCRIBE, PRACK, MESSAGE, INFO Allow-Events: talk, hold, refer Supported: timer, 100rel, replaces, callerid Session-Expires: 3600;refresher=uas Min-SE: 90 Content-Type: application/sdp Content-Length: 477 v=0 o=root 2071608643 2071608643 IN IP4 172.20.25.100 s=call c=IN IP4 172.20.25.100 t=0 0 m=audio 57676 RTP/AVP 0 8 9 2 3 18 4 101 a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:WbTBosdVUZqEb6Htqhn+m3z7wUh4RJVR8nE15GbN a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:9 g722/8000 a=rtpmap:2 g726-32/8000 a=rtpmap:3 gsm/8000 a=rtpmap:18 g729/8000 a=rtpmap:4 g723/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-16 a=ptime:20 a=encryption:optional a=sendrecv
  • 102.
  • 103.
  • 104.
  • 105.
  • 106.
  • 107.
  • 108. E2E Key exchange: ZRTP (3) IETF VoIP security standards
  • 109.
  • 110. Comparison of key agreements method of SRTP IETF VoIP security standards Technology SDES SRTP - ZRTP SRTP - MIKEY SRTP - DTLS Require signaling security Yes No Depend Yes (with additional complexity) End-to-Site security Yes No Depend Yes End-to-End security No Yes Depend Yes (it depends) Man in the middle protection No Yes Yes Yes (not always) Different implementation in 2010 Yes Yes not widely diffused No
  • 111.
  • 112.
  • 113.
  • 114.
  • 115.
  • 116.
  • 117.
  • 118.
  • 119.
  • 120.
  • 121.
  • 122.

Editor's Notes

  1. http://www.gsm-security.net
  2. http://gsmsecurity.blogspot.com/2009/05/a53-or-kasumi-encryption.html