This discussion is archived
1 2 Previous Next 21 Replies Latest reply: Jun 24, 2012 3:43 PM by 898586 Go to original post RSS
  • 15. Re: Self-devised encryption
    802607 Explorer
    Currently Being Moderated
    895583 wrote:
    The net effect of what I describe is intended to be a jumbled (if you like) sequence order that is itself encrypted (via SSL). Assuming that SSL does its job, and protects that ordering, it would appear to be onerous and irksome for an intercept to re-render the packets (VoIP) into a meaningful or intelligible stream.
    Depends. A real-time intercept might be challenging, but someone who is intent on determining strategic intent from the conversations might collect the packets and write software to attempt re-assembling them based on the digital-analog conversion of the voices. While bits in the digital stream of disjointed packets cannot be distinguished from each other, the tone, pitch and audible level of sound can, when it is converted to a wave form. Software could match these properties at the ends/beginnings of each packet, and based on matches, attempt to string them together.
    In practice, this scheme likely wouldn't work particularly well for voice packets, given that they are highly perishable.
    Once again, it depends on the context and/or the people on each side of the conversation. Even if it takes an attacker 10-days of processing to string conversations together, it might give them valuable information on anything that has a shelf-life of longer than 10-days.

    Arshad Noor
    StrongAuth, Inc.
  • 16. Re: Self-devised encryption
    898586 Newbie
    Currently Being Moderated
    Yes, I would agree with all that. It's not true encryption, but it would seem to make capture and processing reasonably difficult at a 'casual' level.
  • 17. Re: Self-devised encryption
    898586 Newbie
    Currently Being Moderated
    There's probably an optimum somewhere - I wondered after I had closed the question, what the scenario would look like if one had, say, 7 sockets open, and, instead of facing the latency involved in re-ordering packets arriving at just one socket, a read-ahead selector would pick up parallel-arrivals across the 7 sockets and 'play' them in the right order instead?
  • 18. Re: Self-devised encryption
    802607 Explorer
    Currently Being Moderated
    As I indicated in my first response, since there is no cryptography question in your use-case, what you really need is to post this to the "performance" forum to get their insight on the best way to design this. I don't want to even hazard a guess since I would be out of my depth in that arena. Good luck.

    Arshad Noor
    StrongAuth, Inc.

    P.S. If the suggestions from the performance forum are good and work well for you, it would be helpful for you to post a link to that thread in this thread. It will provide closure for anyone with a similar problem. Thanks.
  • 19. Re: Self-devised encryption
    898586 Newbie
    Currently Being Moderated
    Sure.
  • 20. Re: Self-devised encryption
    661723 Explorer
    Currently Being Moderated
    895583 wrote:
    Hello, and hope all you fine first class passengers are in good fettle today. Especially EJP if he's around.

    Now I have an operationally acceptable Java VoIP system, I am considering the sagacity of using a randomiser to re-order the packets (since they are UDP, SSL won't help me here) to pseudo-encrypt the stream. I wondered if anyone would like to offer a comment - of any kind - about the pros and cons (if there are any) of implementing such a thing. Thank you gentlemen.
    Have you tried the same with non-linear function(s) with logistic map to improve such?
  • 21. Re: Self-devised encryption
    898586 Newbie
    Currently Being Moderated
    No - haven't even tried my own suggestion yet. What would yours entail?
1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points