SlideShare a Scribd company logo
[object Object],[object Object],Crypto Lab (University of Trento) 24 Aug 2010 Fabio Pietrosanti (naif) Email:  [email_address] Blog:  http://infosecurity.ch
Agenda: Mission impossible in 2 hours? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Who am i Fabio Pietrosanti ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object]
[object Object],[object Object]
Once upon a time... ,[object Object],[object Object],[object Object],The need to intercept phone calls
But now... ,[object Object],[object Object],[object Object],[object Object],[object Object],The need to intercept phone calls
An appealing business today ,[object Object],[object Object],The need to intercept phone calls
Subjects interested in other parties communications ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],The need to intercept phone calls
Lawful interception ,[object Object],[object Object],The need to intercept phone calls
Unlawful interception ,[object Object],[object Object],The need to intercept phone calls
Signal Intelligence ,[object Object],[object Object],The need to intercept phone calls
[object Object],[object Object],[object Object]
Tactical Vs. Non-Tactical Interception ,[object Object],[object Object],[object Object],[object Object],[object Object],2 -  Methods to intercept phone calls
Interception targets and approach ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],2 -  Methods to intercept phone calls
Practical Approach: Once upon a time... ,[object Object],2 -  Methods to intercept phone calls
Practical Approach: Mobile interception (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],2 -  Methods to intercept phone calls
Practical Approach: Mobile interception (2) 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach:  GSM Active IMSI-catcher 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: GSM A5/1 passive 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: GSM Semi Active 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: Mobile spyware 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object]
Practical Approach: UMTS? 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object]
Practical Approach: GSM towers uplink ,[object Object],2 -  Methods to intercept phone calls
Practical Approach: ISDN/PSTN Interception ,[object Object],[object Object],2 -  Methods to intercept phone calls
Practical approach: Fiber Tapping (voip) ,[object Object],[object Object],2 -  Methods to intercept phone calls
Practical approach: DSL copper tapping ,[object Object],[object Object],2 -  Methods to intercept phone calls
Practical Approach: Easy ethernet tapping (voip) ,[object Object],2 -  Methods to intercept phone calls
Practical Approach: What about CDR? 2 -  Methods to intercept phone calls ,[object Object],[object Object],[object Object],[object Object],[object Object]
Everything else is Military SIGINT 2 -  Methods to intercept phone calls
[object Object],[object Object],[object Object]
Quis custodiet ipsos custodes? Who will watch the watchman? ,[object Object],[object Object],3 - The risk of eavesdropping
The human factor: Can we trust all of them together? 3 - The risk of eavesdropping ,[object Object],[object Object],[object Object],[object Object],[object Object]
The human factor: Quiz An employee of a Telco, 1800 USD net salary, working on technical structure is asked by an unknown person to wiretap a certain line. Is given 20k USD in advance. What he will do? 3 - The risk of eavesdropping a) Refuse the offer and report to the authority the request. He has an ethic! b) Accept the offer and execute the taping c) Accept and propose also a list price for phone call logs and details on owners of lines
The technical factor 3 - The risk of eavesdropping ,[object Object],[object Object],[object Object],[object Object]
The political factor and new freedom risks 3 - The risk of eavesdropping ,[object Object],[object Object]
The political factor in unstable countries 3 - The risk of eavesdropping ,[object Object],[object Object]
The need of perfectly enforceable laws on wiretapping ,[object Object],[object Object],3 - The risk of eavesdropping
The need of perfectly enforceable laws on wiretapping ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],3 - The risk of eavesdropping
[object Object],[object Object]
Global interception: Echelon ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
1994 - France: Political spying by Mitterand cause him to loose election 4 -  Real case, Real world, Real risk scenario
1996 - Poland: Plenty of requests by citizens to ombudsman that received illegal transcripts of intercepted phone calls 4 -  Real case, Real world, Real risk scenario
1999 - Turkey: Continuous interception scandals, blackmailing and transcripts of wiretapping ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2000 - UK: Incredible increased interception power and revelation of past activities 4 -  Real case, Real world, Real risk scenario
2001 - Finland: Interception scandals, mobile phones intercepted without warrants ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2002 - Netherland: Dutch secret services interception equipment brought from Israel is tapping the interceptors ,[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2005 - Grece: Interception scandals, a bug has been put in Vodafone ICT infrastructure  ,[object Object],[object Object],[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2006 - Italy: Interception scandals, thousands of persons was profiled, intercepted and someone blackmailed. ,[object Object],[object Object],[object Object],[object Object],[object Object],4 -  Real case, Real world, Real risk scenario
2007 - USA: FBI missed to get authorization for interceptions because of too complicated laws 4 -  Real case, Real world, Real risk scenario
2009 - Colombia: Continue the debate and fight on corrupted officials doing wiretapping paid by drug traffickers 4 -  Real case, Real world, Real risk scenario
Conclusion of real world scenarios The tip of the iceberg. 4 -  Real case, Real world, Real risk scenario ,[object Object],[object Object],[object Object]
[object Object],[object Object]
Communication technologies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Authorities for standards ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Result of complexity in technologies and authorities ,[object Object],[object Object],Understanding voice encryption
Digital vs. Analog ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
TLC Communication technologies ,[object Object],Understanding voice encryption Data Transmission Circuit Switched Packet Switched ISDN, GSM,CDMA,UMTS, PSTN, SAT VoIP Quality of service Granted GPRS / EDGE / UMTS Not Granted Coverage Full Only Urban Area Billing Per-second (sender pay) Per-packet (sender/receiver pay) Signaling Outband In-band (over IP)
Different use case and requirements ,[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Different security model ,[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Security of crypto operation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Standards vs Proprietary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
NSA Cryptographic Modernization Program ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
The race to standardization ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
Beware of Snake Oil Crypto ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Understanding voice encryption
[object Object],[object Object]
Security by lobbying and patenting Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
2G: GSM encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
2.5G: GPRS/EDGE Encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
3G: UMTS encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
4G: LTE multiple encryption Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
UMA / GAN Mobile TLC industry ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object]
Intro ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
SIGSALY Secure Voice System Circa 1943, SIGSALY provided perfect security for secure voice communication among allies.  Twelve units were built and deployed in Washington, London, Algiers, Brisbane , Paris ….. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
Sylvania’s ACP-0 (Advanced Computational Processor) Circa 1966, the ACP-0 was the first programmable digital signal processing computer.  A 12-bit machine, it was used to program modems, voice and error control coders. One unit was built, leading to the ACP-1, a 16-bit machine. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
Sylvania’s PSP (Programmable Signal Processor) Circa 1970, the PSP was Sylvania’s third generation programmable digital signal processing computer. A 16-bit machine.  The PSP led to the STU-I. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
STU-I Circa 1979, the STU-I used the PSP digital signal processing computer.  A few hundred units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
Original STU-II Circa 1982, the STU-II provided 2400 and 9600 bps secure voice.  A few thousand units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
First interoperability attempt ,[object Object],[object Object],Government and Military Selex BRENT BRENT And the story repeat again… broken interoperability with European NATO partners! German TopSec-703
But again in the ‘90 STE appeared! ,[object Object],[object Object],Government and Military ,[object Object],[object Object],[object Object],[object Object],[object Object]
Finally standard telephony: FNBDT / SCIP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
SCIP: Tech sheet ,[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
NSA EKMS ,[object Object],[object Object],[object Object],[object Object],Government and Military
SCIP: Where are the specification? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
SCIP protocol stack view Government and Military
Some SCIP Manufacturer ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Government and Military
[object Object],[object Object]
From analog scrambler…. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
To TETRA (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
To TETRA (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
TETRA encryption algorithms ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
TETRA encryption configuration ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Public Safety
TETRA BOS digital radio (germany) ,[object Object],[object Object],Public Safety
[object Object]
VoIP basic ,[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
Signaling Encryption: SIP/TLS ,[object Object],IETF VoIP security standards
Media encryption: SRTP  ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
Media encryption: SRTP  IETF VoIP security standards
E2S Key exchange: SDES ,[object Object],[object Object],IETF VoIP security standards
E2S Key exchange: SDES packet IETF VoIP security standards INVITE sips:* [email_address] ;user=phone SIP/2.0 Via: SIP/2.0/TLS 172.20.25.100:2049;branch=z9hG4bK-s5kcqq8jqjv3;rport From: &quot;123&quot; <sips: [email_address] g >;tag=mogkx srhm4 To: <sips:* [email_address] ;user=phone> Call-ID: 3 [email_address] CSeq: 1 INVITE Max-Forwards: 70 Contact: <sip: [email_address] :2049;transport=t ls;line =gyhiepdm> ;reg-id=1 User-Agent: snom360/6.2.2 Accept: application/sdp Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, SUBSCRIBE, PRACK, MESSAGE, INFO Allow-Events: talk, hold, refer Supported: timer, 100rel, replaces, callerid Session-Expires: 3600;refresher=uas Min-SE: 90 Content-Type: application/sdp Content-Length: 477 v=0 o=root 2071608643 2071608643 IN IP4 172.20.25.100 s=call c=IN IP4 172.20.25.100 t=0 0 m=audio 57676 RTP/AVP 0 8 9 2 3 18 4 101 a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:WbTBosdVUZqEb6Htqhn+m3z7wUh4RJVR8nE15GbN a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:9 g722/8000 a=rtpmap:2 g726-32/8000 a=rtpmap:3 gsm/8000 a=rtpmap:18 g729/8000 a=rtpmap:4 g723/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-16 a=ptime:20 a=encryption:optional a=sendrecv
E2E/E2S Key exchange: MIKEY ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
End-to-end encryption key exchange for SRTP ,[object Object],[object Object],[object Object],IETF VoIP security standards
E2E key exchange - DTLS ,[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key Exchange: DTLS-SRTP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key exchange: ZRTP (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key exchange: ZRTP (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IETF VoIP security standards
E2E Key exchange: ZRTP (3) IETF VoIP security standards
ZRTP (4) ,[object Object],[object Object],[object Object],IETF VoIP security standards
Comparison of key agreements method of SRTP IETF VoIP security standards Technology SDES SRTP - ZRTP SRTP - MIKEY SRTP - DTLS Require signaling security Yes No Depend Yes (with additional complexity) End-to-Site security Yes No Depend Yes End-to-End security No Yes Depend Yes (it depends) Man in the middle protection No Yes Yes Yes (not always) Different implementation in 2010 Yes Yes not widely diffused No
[object Object],[object Object],[object Object]
Too many technologies Various anti-wiretapping secure phone ,[object Object],[object Object],[object Object],[object Object],[object Object]
A bit of history: clipper, born to fail ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
A bit of history: PGPhone ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
A bit of history: Cryptophone ,[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
ZRTP for CS telephony and Radio ZRTP/S ,[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
ZRTP/S Tech sheet ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
Chocolate grade encryption? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone
PIN to protect local keys? Wrong! ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Various anti-wiretapping secure phone ,[object Object],[object Object]
[object Object]
To summarize ,[object Object],[object Object],[object Object],[object Object],[object Object],Conclusion
[object Object],[object Object],Crypto Lab (University of Trento) 24 Aug 2010 Fabio Pietrosanti (naif) Email:  [email_address] Blog:  http://infosecurity.ch

More Related Content

What's hot

Mm wave
Mm waveMm wave
SPREAD SPECTRUM MODULATION.pptx
SPREAD SPECTRUM MODULATION.pptxSPREAD SPECTRUM MODULATION.pptx
SPREAD SPECTRUM MODULATION.pptx
DeepakBaghel50
 
microwave integrated circuit
microwave integrated circuitmicrowave integrated circuit
microwave integrated circuit
Radha Mahalle
 
Pstn (Public Switched Telephone Networks)
Pstn (Public Switched Telephone Networks)Pstn (Public Switched Telephone Networks)
Pstn (Public Switched Telephone Networks)
rahuldaredia21
 
Millimeter wave as the future of 5g
Millimeter wave as the future of 5g Millimeter wave as the future of 5g
Millimeter wave as the future of 5g
Saurabh Verma
 
Lecture 1 introduction and signals analysis
Lecture 1 introduction and signals analysisLecture 1 introduction and signals analysis
Lecture 1 introduction and signals analysis
talhawaqar
 
Dsss final
Dsss finalDsss final
Dsss final
AJAL A J
 
Horn antenna
Horn antenna Horn antenna
Horn antenna
Jiten Thapa
 
Basics of RF
Basics of RFBasics of RF
Unit_5_Lecture-1_introduction, types, parameters of transmission lines
Unit_5_Lecture-1_introduction, types, parameters of transmission linesUnit_5_Lecture-1_introduction, types, parameters of transmission lines
Unit_5_Lecture-1_introduction, types, parameters of transmission lines
Md Khaja Mohiddin
 
Signal & system
Signal & systemSignal & system
Signal & system
Ghulam Shabbir
 
Introduction to spred spectrum and CDMA
Introduction to spred spectrum and CDMAIntroduction to spred spectrum and CDMA
Introduction to spred spectrum and CDMA
Bidhan Ghimire
 
Frequency bands
Frequency bandsFrequency bands
Frequency bands
Leonid Sopizhenko
 
Antenna
AntennaAntenna
Millimeter Waves (mmWaves)
Millimeter Waves (mmWaves)Millimeter Waves (mmWaves)
Millimeter Waves (mmWaves)
Belal Essam ElDiwany
 
waveguides-ppt
waveguides-pptwaveguides-ppt
waveguides-ppt
ATTO RATHORE
 
Fsk modulation and demodulation
Fsk modulation and demodulationFsk modulation and demodulation
Fsk modulation and demodulation
Mafaz Ahmed
 
Imt 2000
Imt 2000Imt 2000
Horn antennas
Horn antennasHorn antennas
Horn antennas
ramalakshmi54
 
Sensor networks
Sensor networksSensor networks
Sensor networks
Marc Pous
 

What's hot (20)

Mm wave
Mm waveMm wave
Mm wave
 
SPREAD SPECTRUM MODULATION.pptx
SPREAD SPECTRUM MODULATION.pptxSPREAD SPECTRUM MODULATION.pptx
SPREAD SPECTRUM MODULATION.pptx
 
microwave integrated circuit
microwave integrated circuitmicrowave integrated circuit
microwave integrated circuit
 
Pstn (Public Switched Telephone Networks)
Pstn (Public Switched Telephone Networks)Pstn (Public Switched Telephone Networks)
Pstn (Public Switched Telephone Networks)
 
Millimeter wave as the future of 5g
Millimeter wave as the future of 5g Millimeter wave as the future of 5g
Millimeter wave as the future of 5g
 
Lecture 1 introduction and signals analysis
Lecture 1 introduction and signals analysisLecture 1 introduction and signals analysis
Lecture 1 introduction and signals analysis
 
Dsss final
Dsss finalDsss final
Dsss final
 
Horn antenna
Horn antenna Horn antenna
Horn antenna
 
Basics of RF
Basics of RFBasics of RF
Basics of RF
 
Unit_5_Lecture-1_introduction, types, parameters of transmission lines
Unit_5_Lecture-1_introduction, types, parameters of transmission linesUnit_5_Lecture-1_introduction, types, parameters of transmission lines
Unit_5_Lecture-1_introduction, types, parameters of transmission lines
 
Signal & system
Signal & systemSignal & system
Signal & system
 
Introduction to spred spectrum and CDMA
Introduction to spred spectrum and CDMAIntroduction to spred spectrum and CDMA
Introduction to spred spectrum and CDMA
 
Frequency bands
Frequency bandsFrequency bands
Frequency bands
 
Antenna
AntennaAntenna
Antenna
 
Millimeter Waves (mmWaves)
Millimeter Waves (mmWaves)Millimeter Waves (mmWaves)
Millimeter Waves (mmWaves)
 
waveguides-ppt
waveguides-pptwaveguides-ppt
waveguides-ppt
 
Fsk modulation and demodulation
Fsk modulation and demodulationFsk modulation and demodulation
Fsk modulation and demodulation
 
Imt 2000
Imt 2000Imt 2000
Imt 2000
 
Horn antennas
Horn antennasHorn antennas
Horn antennas
 
Sensor networks
Sensor networksSensor networks
Sensor networks
 

Viewers also liked

VOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEMVOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEM
Nikhil Ravi
 
Voice recognition security systems
Voice recognition security systemsVoice recognition security systems
Voice recognition security systems
Sandeep Kumar
 
Texto inglês para iniciante
Texto inglês para inicianteTexto inglês para iniciante
Texto inglês para iniciante
rayxasantos22
 
Generic Voice Security Issues
Generic Voice Security IssuesGeneric Voice Security Issues
Generic Voice Security Issues
jasondewar
 
SIP iPBX
SIP iPBXSIP iPBX
SIP iPBX
i_Ashima
 
Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010
Prashant Tickoo
 
Satellite Interception
Satellite InterceptionSatellite Interception
Satellite Interception
Firoze Hussain
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
Jim Geovedi
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Sathish Kumar
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
Komal Singh
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA Algorithm
Vinayak Raja
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
Arpana shree
 
Rsa Algorithm
Rsa AlgorithmRsa Algorithm
Rsa Algorithm
Ashik Iqbal
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
Indra97065
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Shashank Shetty
 
Biometric slideshare
Biometric slideshareBiometric slideshare
Biometric slideshare
prachi
 
Bio-metrics Technology
Bio-metrics TechnologyBio-metrics Technology
Bio-metrics Technology
Avanitrambadiya
 
Leaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shapingLeaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shaping
Vimal Dewangan
 

Viewers also liked (19)

VOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEMVOICE BASED SECURITY SYSTEM
VOICE BASED SECURITY SYSTEM
 
Voice recognition security systems
Voice recognition security systemsVoice recognition security systems
Voice recognition security systems
 
Texto inglês para iniciante
Texto inglês para inicianteTexto inglês para iniciante
Texto inglês para iniciante
 
Generic Voice Security Issues
Generic Voice Security IssuesGeneric Voice Security Issues
Generic Voice Security Issues
 
SIP iPBX
SIP iPBXSIP iPBX
SIP iPBX
 
Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010Presentation on aviation industry 13 sept 2010
Presentation on aviation industry 13 sept 2010
 
Satellite Interception
Satellite InterceptionSatellite Interception
Satellite Interception
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA Algorithm
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
 
Rsa Algorithm
Rsa AlgorithmRsa Algorithm
Rsa Algorithm
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Biometric slideshare
Biometric slideshareBiometric slideshare
Biometric slideshare
 
Bio-metrics Technology
Bio-metrics TechnologyBio-metrics Technology
Bio-metrics Technology
 
Leaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shapingLeaky Bucket & Tocken Bucket - Traffic shaping
Leaky Bucket & Tocken Bucket - Traffic shaping
 

Similar to Voice communication security

2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)
Fabio Pietrosanti
 
Information Security 5 06
Information Security 5 06Information Security 5 06
Information Security 5 06
johnhewitt_cpp
 
2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution
Tech and Law Center
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing research
Finbarr Ring
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing research
Finbarr Ring
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile Environment
Hamilton Turner
 
Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999
TomParker
 
Test
TestTest
V3I6-0108
V3I6-0108V3I6-0108
V3I6-0108
Bhavana Sahni
 
TSCM Overview for Stakeholders
TSCM Overview for StakeholdersTSCM Overview for Stakeholders
TSCM Overview for Stakeholders
kevinwetzel
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol review
Fabio Pietrosanti
 
2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk
James Atkinson
 
Making your Asterisk System Secure
Making your Asterisk System SecureMaking your Asterisk System Secure
Making your Asterisk System Secure
Digium
 
Voice security and privacy - Today’s solutions and technologies
Voice security and privacy - Today’s solutions and  technologiesVoice security and privacy - Today’s solutions and  technologies
Voice security and privacy - Today’s solutions and technologies
PrivateWave Italia SpA
 
Crime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.pptCrime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.ppt
Olusegun Mosugu
 
Dubai 2
Dubai 2Dubai 2
Dubai 2
mmavis
 
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseJ.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
Droidcon Berlin
 
mobile jammer ppt.pptx
mobile jammer ppt.pptxmobile jammer ppt.pptx
mobile jammer ppt.pptx
ManojMudhiraj3
 
B010331019
B010331019B010331019
B010331019
IOSR Journals
 
Intercoms presentation OSSIR - IoT Hacking
Intercoms presentation OSSIR - IoT HackingIntercoms presentation OSSIR - IoT Hacking
Intercoms presentation OSSIR - IoT Hacking
📡 Sebastien Dudek
 

Similar to Voice communication security (20)

2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)
 
Information Security 5 06
Information Security 5 06Information Security 5 06
Information Security 5 06
 
2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing research
 
Eisfor marketing research
Eisfor marketing researchEisfor marketing research
Eisfor marketing research
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile Environment
 
Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999
 
Test
TestTest
Test
 
V3I6-0108
V3I6-0108V3I6-0108
V3I6-0108
 
TSCM Overview for Stakeholders
TSCM Overview for StakeholdersTSCM Overview for Stakeholders
TSCM Overview for Stakeholders
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol review
 
2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk2009 05 18 sdp bbn talk
2009 05 18 sdp bbn talk
 
Making your Asterisk System Secure
Making your Asterisk System SecureMaking your Asterisk System Secure
Making your Asterisk System Secure
 
Voice security and privacy - Today’s solutions and technologies
Voice security and privacy - Today’s solutions and  technologiesVoice security and privacy - Today’s solutions and  technologies
Voice security and privacy - Today’s solutions and technologies
 
Crime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.pptCrime Crime and Cyber crime Investigation.ppt
Crime Crime and Cyber crime Investigation.ppt
 
Dubai 2
Dubai 2Dubai 2
Dubai 2
 
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseJ.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
 
mobile jammer ppt.pptx
mobile jammer ppt.pptxmobile jammer ppt.pptx
mobile jammer ppt.pptx
 
B010331019
B010331019B010331019
B010331019
 
Intercoms presentation OSSIR - IoT Hacking
Intercoms presentation OSSIR - IoT HackingIntercoms presentation OSSIR - IoT Hacking
Intercoms presentation OSSIR - IoT Hacking
 

More from Fabio Pietrosanti

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference
Fabio Pietrosanti
 
2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview
Fabio Pietrosanti
 
2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)security2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)securityFabio Pietrosanti
 
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
Fabio Pietrosanti
 
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...Fabio Pietrosanti
 
2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E Ombre2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E OmbreFabio Pietrosanti
 
2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.Org2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.OrgFabio Pietrosanti
 
2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)security2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)securityFabio Pietrosanti
 
2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)security2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)securityFabio Pietrosanti
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication
Fabio Pietrosanti
 

More from Fabio Pietrosanti (10)

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference
 
2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview2010: Mobile Security - Intense overview
2010: Mobile Security - Intense overview
 
2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)security2003 CNR Security Task Force: Wireless (In)security
2003 CNR Security Task Force: Wireless (In)security
 
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)2007: Infosecurity Italy: Voice Privacy Security (flash talk)
2007: Infosecurity Italy: Voice Privacy Security (flash talk)
 
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
2006: Infosecurity Italy: Tecnologie di Firma Digitale e Tutela della Riserva...
 
2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E Ombre2005: E-privacy 2005: Pgp Luci E Ombre
2005: E-privacy 2005: Pgp Luci E Ombre
 
2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.Org2004: Webbit Padova 04: Presentazione Sikurezza.Org
2004: Webbit Padova 04: Presentazione Sikurezza.Org
 
2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)security2002: SMAU ITBH: Wireless (in)security
2002: SMAU ITBH: Wireless (in)security
 
2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)security2004: Webbit Padova 04: Wireless (in)security
2004: Webbit Padova 04: Wireless (in)security
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication
 

Recently uploaded

Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
DianaGray10
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Fwdays
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
christinelarrosa
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
UiPathCommunity
 
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
UiPathCommunity
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
From Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMsFrom Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMs
Sease
 
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin..."$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
Fwdays
 
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Ajin Abraham
 
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - MydbopsMySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
Mydbops
 
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeckPoznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
FilipTomaszewski5
 
A Deep Dive into ScyllaDB's Architecture
A Deep Dive into ScyllaDB's ArchitectureA Deep Dive into ScyllaDB's Architecture
A Deep Dive into ScyllaDB's Architecture
ScyllaDB
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
LizaNolte
 
Containers & AI - Beauty and the Beast!?!
Containers & AI - Beauty and the Beast!?!Containers & AI - Beauty and the Beast!?!
Containers & AI - Beauty and the Beast!?!
Tobias Schneck
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w..."What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
Fwdays
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
HarpalGohil4
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
christinelarrosa
 
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Ukraine
 

Recently uploaded (20)

Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
 
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
From Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMsFrom Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMs
 
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin..."$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
 
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
 
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - MydbopsMySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
 
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeckPoznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
 
A Deep Dive into ScyllaDB's Architecture
A Deep Dive into ScyllaDB's ArchitectureA Deep Dive into ScyllaDB's Architecture
A Deep Dive into ScyllaDB's Architecture
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
 
Containers & AI - Beauty and the Beast!?!
Containers & AI - Beauty and the Beast!?!Containers & AI - Beauty and the Beast!?!
Containers & AI - Beauty and the Beast!?!
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w..."What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
 
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
 

Voice communication security

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30. Everything else is Military SIGINT 2 - Methods to intercept phone calls
  • 31.
  • 32.
  • 33.
  • 34. The human factor: Quiz An employee of a Telco, 1800 USD net salary, working on technical structure is asked by an unknown person to wiretap a certain line. Is given 20k USD in advance. What he will do? 3 - The risk of eavesdropping a) Refuse the offer and report to the authority the request. He has an ethic! b) Accept the offer and execute the taping c) Accept and propose also a list price for phone call logs and details on owners of lines
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42. 1994 - France: Political spying by Mitterand cause him to loose election 4 - Real case, Real world, Real risk scenario
  • 43. 1996 - Poland: Plenty of requests by citizens to ombudsman that received illegal transcripts of intercepted phone calls 4 - Real case, Real world, Real risk scenario
  • 44.
  • 45. 2000 - UK: Incredible increased interception power and revelation of past activities 4 - Real case, Real world, Real risk scenario
  • 46.
  • 47.
  • 48.
  • 49.
  • 50. 2007 - USA: FBI missed to get authorization for interceptions because of too complicated laws 4 - Real case, Real world, Real risk scenario
  • 51. 2009 - Colombia: Continue the debate and fight on corrupted officials doing wiretapping paid by drug traffickers 4 - Real case, Real world, Real risk scenario
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.
  • 72.
  • 73.
  • 74.
  • 75. SIGSALY Secure Voice System Circa 1943, SIGSALY provided perfect security for secure voice communication among allies. Twelve units were built and deployed in Washington, London, Algiers, Brisbane , Paris ….. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 76. Sylvania’s ACP-0 (Advanced Computational Processor) Circa 1966, the ACP-0 was the first programmable digital signal processing computer. A 12-bit machine, it was used to program modems, voice and error control coders. One unit was built, leading to the ACP-1, a 16-bit machine. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 77. Sylvania’s PSP (Programmable Signal Processor) Circa 1970, the PSP was Sylvania’s third generation programmable digital signal processing computer. A 16-bit machine. The PSP led to the STU-I. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 78. STU-I Circa 1979, the STU-I used the PSP digital signal processing computer. A few hundred units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 79. Original STU-II Circa 1982, the STU-II provided 2400 and 9600 bps secure voice. A few thousand units were eventually deployed. Reference: SCIP, Objective, History and Future Development: Veselin Tselkov Government and Military
  • 80.
  • 81.
  • 82.
  • 83.
  • 84.
  • 85.
  • 86. SCIP protocol stack view Government and Military
  • 87.
  • 88.
  • 89.
  • 90.
  • 91.
  • 92.
  • 93.
  • 94.
  • 95.
  • 96.
  • 97.
  • 98.
  • 99. Media encryption: SRTP IETF VoIP security standards
  • 100.
  • 101. E2S Key exchange: SDES packet IETF VoIP security standards INVITE sips:* [email_address] ;user=phone SIP/2.0 Via: SIP/2.0/TLS 172.20.25.100:2049;branch=z9hG4bK-s5kcqq8jqjv3;rport From: &quot;123&quot; <sips: [email_address] g >;tag=mogkx srhm4 To: <sips:* [email_address] ;user=phone> Call-ID: 3 [email_address] CSeq: 1 INVITE Max-Forwards: 70 Contact: <sip: [email_address] :2049;transport=t ls;line =gyhiepdm> ;reg-id=1 User-Agent: snom360/6.2.2 Accept: application/sdp Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, SUBSCRIBE, PRACK, MESSAGE, INFO Allow-Events: talk, hold, refer Supported: timer, 100rel, replaces, callerid Session-Expires: 3600;refresher=uas Min-SE: 90 Content-Type: application/sdp Content-Length: 477 v=0 o=root 2071608643 2071608643 IN IP4 172.20.25.100 s=call c=IN IP4 172.20.25.100 t=0 0 m=audio 57676 RTP/AVP 0 8 9 2 3 18 4 101 a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:WbTBosdVUZqEb6Htqhn+m3z7wUh4RJVR8nE15GbN a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:9 g722/8000 a=rtpmap:2 g726-32/8000 a=rtpmap:3 gsm/8000 a=rtpmap:18 g729/8000 a=rtpmap:4 g723/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-16 a=ptime:20 a=encryption:optional a=sendrecv
  • 102.
  • 103.
  • 104.
  • 105.
  • 106.
  • 107.
  • 108. E2E Key exchange: ZRTP (3) IETF VoIP security standards
  • 109.
  • 110. Comparison of key agreements method of SRTP IETF VoIP security standards Technology SDES SRTP - ZRTP SRTP - MIKEY SRTP - DTLS Require signaling security Yes No Depend Yes (with additional complexity) End-to-Site security Yes No Depend Yes End-to-End security No Yes Depend Yes (it depends) Man in the middle protection No Yes Yes Yes (not always) Different implementation in 2010 Yes Yes not widely diffused No
  • 111.
  • 112.
  • 113.
  • 114.
  • 115.
  • 116.
  • 117.
  • 118.
  • 119.
  • 120.
  • 121.
  • 122.

Editor's Notes

  1. http://www.gsm-security.net
  2. http://gsmsecurity.blogspot.com/2009/05/a53-or-kasumi-encryption.html