Interesting People mailing list archives
security Challenges for CALEA in Voice over Packet Networks
From: David Farber <dave () farber net>
Date: Mon, 06 Dec 2004 17:09:34 -0500
Begin forwarded message: From: david koontz <david.koontz () alliedtelesyn co nz> Date: December 6, 2004 3:05:35 PM EST To: cryptography () metzdowd com Subject: Security Challenges for CALEA in Voice over Packet Networks "The transmission of voice over packet networks presents new challenges in security for electronic surveillance, which is also known as Communications Assistance for Law Enforcement Act (CALEA). The major challenges are how to intercept the packets from/to the targeting devices and how to interpret and encrypt/decrypt them. It often seems that the goal of CALEA conflicts with the goals of security, yet there is an obvious need for law enforcement to intercept VoIP packets. This white paper, authored by surveys the stated security challenges and presents the technical background to help participants understand the ramifications of these issues. The author presents some solutions to security issues in VoIP networks and discusses how the industry might approach and resolve these concerns in the future." http://focus.ti.com/pdfs/bcg/voip_calea_wp.pdf Sophia Scoggins, PhD Voice over Packet Business Unit, TI (pdf - 886 Kbytes) There's a presumption stated in the paper that intercepting Voice over Packet networks (VoP) is required to 'fight terrorism', and includes a call of 'TIA must publish a new set of specifications for CALEA over Internet'. Other than the obvious use of the war against terrorism as the root password to bypass the scientific method in drawing conclusions, its informative. Either it is impractical, or we are leading to an era of licenses for internet connections, with DRM managed IP stacks and protocols. I don't see why someone can't specify protocols for VoIP phones that interact with a switch/PBX function en clair, while establishing secure communications between endpoints, or even separate secure sessions with the switch/PBX and other endpoints. It isn't apparent if anyone will be 'suitably incentivised' to use protocols where the keys can be recovered from a 'Security Gateway'. In addition to VoIP, there are several legacy voice security software packages available for PCs, and UNIX like workstations. The difference is between having access to a VoIP phone and a laptop. Voynage and the like provide the ability to determine availability of another end point on the internet. It has always been possible to establish communications by depending on out of band information, the equivalent of coming to periscope depth at 5 til midnight, or listening to BBC broadcasts for message indicators. Likewise it isn't clear traffic flow analysis isn't more important that actual intercepts. The whole thing sounds reminiscent of the tortured logic used to explain air port security measures or how Escrowed Encryption would be used to catch dumb criminals.
From a manufacturers point of view, its 'We want to manufacture VoIP
phones that can be tapped, but you'll need to twist the internet into this shape.' NOTICE: This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action in reliance on it. If you have received this message in error please notify Allied Telesyn Research Ltd immediately. Any views expressed in this message are those of the individual sender, except where the sender has the authority to issue and specifically states them to be the views of Allied Telesyn Research. --------------------------------------------------------------------- The Cryptography Mailing ListUnsubscribe by sending "unsubscribe cryptography" to majordomo () metzdowd com
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- security Challenges for CALEA in Voice over Packet Networks David Farber (Dec 06)