This is a read-only archive of the Mumble forums.

This website archives and makes accessible historical state. It receives no updates or corrections. It is provided only to keep the information accessible as-is, under their old address.

For up-to-date information please refer to the Mumble website and its linked documentation and other resources. For support please refer to one of our other community/support channels.

Jump to content

CBR to avoid "uncovering" sniffing

Isaac

By Isaac,
in General

 Share

Recommended Posts

Isaac Newbie

Isaac

Posted
Posted

Specialized software can figure out with good certainty what was said over a VBR encrypted stream without decrypting the stream by analyzing the ups/downs in the bitrate.


Paper by some engineering school - http://www.cs.jhu.edu/~cwright/oakland08.pdf


Paper by some other school (university) - http://www.cs.unc.edu/~fabian/papers/foniks-oak11.pdf


Could an option be added to force the use of CBR (Constant Bit Rate) on the server?


Encryption is nice, but if 90% of the conversation can be figured out by software...it's not very private.


Thanks,

Isaac

Link to comment
Share on other sites
  • 2 weeks later...
 Share
Go to topic listing
×
×
  • Create New...