This is a read-only archive of the Mumble forums.

This website archives and makes accessible historical state. It receives no updates or corrections. It is provided only to keep the information accessible as-is, under their old address.

For up-to-date information please refer to the Mumble website and its linked documentation and other resources. For support please refer to one of our other community/support channels.

Jump to content

CBR to avoid "uncovering" sniffing


Isaac
 Share

Recommended Posts

Specialized software can figure out with good certainty what was said over a VBR encrypted stream without decrypting the stream by analyzing the ups/downs in the bitrate.


Paper by some engineering school - http://www.cs.jhu.edu/~cwright/oakland08.pdf


Paper by some other school (university) - http://www.cs.unc.edu/~fabian/papers/foniks-oak11.pdf


Could an option be added to force the use of CBR (Constant Bit Rate) on the server?


Encryption is nice, but if 90% of the conversation can be figured out by software...it's not very private.


Thanks,

Isaac

Link to comment
Share on other sites

  • 2 weeks later...
 Share

×
×
  • Create New...