TMCnet News

Secret messages could be hidden in net phone calls
[May 30, 2008]

Secret messages could be hidden in net phone calls


(New Scientist Via Acquire Media NewsEdge) THE next time your internet (VoIP) phone call sounds a bit fuzzy, it might not be your ISP that's to blame. Someone could be trying to squeeze a secret message between the packets of data carrying the caller's voice.



Wojciech Mazurczyk and Krzysztof Szczypiorski, information scientists at the Institute of Telecommunications in Warsaw, Poland, revealed last week that they are developing a "steganographic" system for VoIP networks (www.arxiv.org/abs/0805.2938). Steganography is the art of hiding messages by embedding them in ordinary communications. For example, a message can be encoded as a string of numbers which are used to modify the brightness and colour of an image. The effect is too subtle to be noticed by unwitting observers but the message can be deciphered with appropriate software by anyone who knows it's there.

Now the Polish researchers have worked out how to use internet phone calls rather than images as the carrier. "The idea is simple," says Mazurczyk: you replace some of the voice data packets that you are sending with the hidden message. This is possible because VoIP uses a data transmission routine called the User Datagram Protocol (UDP). Unlike the more familiar TCP, which delivers web pages and emails, UDP does not guarantee that packets will arrive in the same order they were sent: they may arrive out of order, be duplicated or simply go missing. The fact that the voice message can survive when VoIP packets are lost means that some of them can be used for another message - the hidden one.


"We intentionally hold on to secret message packets for some time before sending them. This means when they are received they will not be treated as voice packets but as lost ones," explains Mazurczyk. The researchers are trying to minimise the number of packets used to avoid degradation of audio quality - which could be a giveaway to any eavesdropper who suspects there is a message hidden in the call.

"It's an interesting proposal: it makes sense to hide data in a VoIP payload," says Tyler Moore, a computer security engineer at the University of Cambridge. However, he warns that while the message may be hidden, the identities of the callers aren't - and that's often all a snooper needs to know.

Copyright ? 2008 Reed Business Information - UK. All Rights Reserved.

[ Back To TMCnet.com's Homepage ]