CBR to avoid "uncovering" sniffing

Mumble about Mumble

CBR to avoid "uncovering" sniffing

Postby Isaac » Sat Dec 06, 2014 12:14 am

Specialized software can figure out with good certainty what was said over a VBR encrypted stream without decrypting the stream by analyzing the ups/downs in the bitrate.

Paper by some engineering school - http://www.cs.jhu.edu/~cwright/oakland08.pdf

Paper by some other school (university) - http://www.cs.unc.edu/~fabian/papers/foniks-oak11.pdf

Could an option be added to force the use of CBR (Constant Bit Rate) on the server?

Encryption is nice, but if 90% of the conversation can be figured out by software...it's not very private.

Thanks,
Isaac
Isaac
 
Posts: 2
Joined: Fri Dec 05, 2014 11:44 pm

Re: CBR to avoid "uncovering" sniffing

Postby hacst » Sun Dec 14, 2014 2:52 pm

We are aware of this and for Opus we are using CBR.
hacst
Team member
Team member
 
Posts: 339
Joined: Wed Sep 23, 2009 4:28 pm


Return to General

Who is online

Users browsing this forum: No registered users and 3 guests

cron