[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IP] Feds: VoIP a potential haven for terrorists




On Sat, 19 Jun 2004, Daniel Golding wrote:

> Dean,
> 
> An exchange point may be the hardest place to capture VoIP traffic.
>
> For one thing, not too much VoIP traffic goes over exchange points today,
> although that may change in the future. (with ENUM, etc)
> 
> Also, the era of public switch exchange points is long over (LINX and JPIX
> are conspicuous exceptions) - most traffic is handled over OC-48 to OC-192
> private peering links. 

"Exchange points" may have been a bad term to use. Private peering links
tend to happen at places where the feds can easily** install a tap. But
one may or may not have to tap at these points.  All one has to do is
comply with CALEA.  Terrorist traffic is no doubt also the subject of NSA
interest. The NSA operates under different rules. Who knows what they are.

International traffic also goes through closely monitored links at well
known (to feds) locations.  Rumor has long had it that the NSA monitors
_every_ international call with automated voice recognition equipment that
looks for particular words and particular speakers. If they can do that,
then the international internet traffic is a relatively trivial task.  
Encryption may make that harder, but one can only imagine what sort of
technology might have been developed to break it. There is some evidence 
that such technology exists.

One might claim the sky is falling, but in reality, this situation isn't
really any different from the situation of the 1960s--just the equipment,
the companies, and the protocols are different.  The LEAs and the ISPs
will have to mutually adapt.  I think if there is any problem, its that a
lot of ISPs aren't really up to CALEA requirements, and that the LEAs
aren't really up to working in the new environment.

I remember the last "sky is falling" episode when terrorists started using 
PGP and steganography to transmit messages. Then later we heard that some 
Al Quaeda PGP messages were decrypted.  I suspect same goes for VOIP.

> These are concentrated in about a dozen locations worldwide. Either way,
> tapping a 10 gig ethernet span port or putting on an OC192 optical tap
> to a carrier peering router are technically difficult solutions. 

Yes, and the agencies (eg NSA) doing the tapping have approximately
unlimited funding and expertise at performing these sorts of operations.  
The others (FBI and other LEAs) have to rely on vendors and ISPs to 
implement CALEA requirements.


> Aside from the encryption, the sheer volume of traffic is huge. The lack
> of ability to selectively filter at those speeds also complicates
> things. 

> Finally, you would need to tap without service interruption - pretty
> tough if you are putting a tap on an OC-192 link between AT&T and MCI,
> for example.

This isn't that tough**. Expensive perhaps, and beyond the capability of a
hacker, but otherwise, fairly straightforward. Indeed, I'd suspect that
tapping an OC192 is significantly easier than putting up a special
satellite to tap a terrestial microwave link, which was done with
1970s/1980s technology.

** (bend the cable, and photons leak out, which allows the signal to be
captured without interrupting the signal. Now you just have to have OC192
equipment to decode and store or extract the interesting stuff.  The
government has that capability, too.  While quantum mechanics permits the
construction of untapable optical links, this isn't what you purchase 
commercially.

> I suspect that the feds want to capture this stuff as close to the edge as
> possible. It makes for a much more manageable problem.

The closer to the edge, the more points you need to manage.  Telcos
provide tapping facilities from every CO. There are a lot of COs. VOIP
isn't that much different in principle, but the old facilities won't work.  
But CALEA solves this problem.

> As far as the encryption - well, government agencies have been buying lots
> of CPU elements for various supercomputer clusters, both Intel CPUs and
> Apple G5s. There's only a couple real uses for those - breaking encryption,
> simulating bombs, etc. Of course, its all a matter of key length. With
> processing delay, I'm guessing there is a practical limit to encryption key
> length for VoIP without impacting quality?

I used to work for a supercomputer vendor (Kendall Square Research) back
in the early 1990s, have some idea of what can be done with about $50 to
100 million, and I've read about the kind of stuff the NSA does (eg
Bamfords books on the NSA).  Before then, I worked at Draper labs, which
had black projects, and the company worked on projects such as the Navy's
"rescue" submarine, which is rumored to be anything but. Bamford reports
that NSA has its own chip fabrication facilities.  This might be to make
"clean" copies of intel chips (which isn't so silly--think virus in
silicon), but it might also be to make custom chips for cracking codes.

The bomb simulation stuff ran fairly well on Cray XMPs. This level of
performance isn't that impressive anymore.  A linux cluster can outperform
this. Plus, we haven't been building better bombs recently. While I
imagine there is still some research ongoing--I suspect it doesn't have
the funding priorities it used to.  My guess is that they are simulating
other sorts of things. Probably simcity type stuff only with real
political and social profiles.

Also, if you consider the EFFs "Cracking DES" book, which described the
construction of a brute force DES cracker for under $200K (1998 dollars
and technology), and attempt the same on a large super computer, the
special hardware version will probably be cheaper and faster, even given
construction time.  I'd guess that decryption is probably last on the list
of things they are doing with their new clusters.

By the way, the "key length" assertion is (if history is any guide)  
probably wrong.  If you read David Kahn's book "The Codebreakers", he
notes that the every broken cryptosystem's had a "brute force effort", but
that effort was never necessary to break the system. So far as I know, DES
is the only "broken" crypto system that could be broken only brute force.  
A number of books on cryptography seem to suggest suspicions that there
might be ways to break DES without brute force.

On the other hand, if cryptosystems are easy to construct that can't be 
broken, then terrorists will use them with or without VOIP.  So, VOIP 
doesn't matter one way or the other. I think its just another "sky is 
falling" exercise in futility.

		--Dean


--
To unsubscribe send a message to voip-peering-request@psg.com with
the word 'unsubscribe' in a single line as the message text body.
An archive is at <http://psg.com/lists/voip-peering/>.