Industry News Home More stories like this... RSS Feed

Compression causes VoIP security threat

Compression techniques used in VoIP calls are not safe enough, experts from Johns Hopkins University have warned.

According to research conducted by the university, combining standard encryption and compression methods is not enough and can still leave computers at risk of bugging, reports Tech World.

The researchers said VoIP calls which are normally used in programmes such as Skype and other IP telephony are encrypted using a technique that preserves the lengths of voice patterns in the original, unencrypted conversation.

Though difficult to tap into in this version, the researchers discovered that when the variable bitrate (VBR) compression technique is employed information about the conversation is leaked out.

They said in the report: "On average, our method achieves recall of 50 percent and precision of 51 percent for a wide variety of phonetically rich phrases spoken by a diverse collection of speakers.

"We show that this information leakage is far worse than originally thought."

A report from the Voice over IP Security Alliance early this year urged businesses and individuals adopting IP telephony to beware of its security implications.

PC Tools, Experts in online security and trusted by millions worldwide! Visit www.pctools.com to upgrade your protection.