Security Challenges for CALEA in Voice over Packet Networks

david koontz david.koontz at alliedtelesyn.co.nz
Mon Dec 6 15:05:35 EST 2004


"The transmission of voice over packet networks presents new challenges
in security for electronic surveillance, which is also known as
Communications Assistance for Law Enforcement Act (CALEA). The major
challenges are how to intercept the packets from/to the targeting
devices and how to interpret and encrypt/decrypt them. It often seems
that the goal of CALEA conflicts with the goals of security, yet there
is an obvious need for law enforcement to intercept VoIP packets.

This white paper, authored by surveys the stated security challenges
and presents the technical background to help participants understand
the ramifications of these issues. The author presents some solutions to
security issues in VoIP networks and discusses how the industry might
approach and resolve these concerns in the future."

http://focus.ti.com/pdfs/bcg/voip_calea_wp.pdf  Sophia Scoggins, PhD 
Voice over Packet Business Unit, TI
(pdf - 886 Kbytes)

There's a presumption stated in the paper that intercepting Voice over
Packet networks (VoP)  is required to 'fight terrorism', and includes a
call of 'TIA must publish a new set of specifications for CALEA over
Internet'.

Other than the obvious use of the war against terrorism as the root
password to bypass the scientific method in drawing conclusions, it's
informative.  Either it is impractical, or we are leading to an era of
licenses for internet connections, with DRM managed IP stacks and
protocols.  I don't see why someone can't specify protocols for VoIP
phones that interact with a switch/PBX function en clair, while
establishing secure communications between endpoints, or even separate
secure sessions with the switch/PBX and other endpoints.  It isn't
apparent if anyone will be 'suitably incentivised' to use protocols
where the keys can be recovered from a 'Security Gateway'.

In addition to VoIP, there are several legacy voice security software
packages available for PCs, and UNIX-like workstations.  The difference
is between having access to a VoIP phone and a laptop.  Vonage and the
like provide the ability to determine availability of another end point
on the internet.  It has always been possible to establish
communications by depending on out of band information, the equivalent
of coming to periscope depth at 5 til midnight, or listening to BBC
broadcasts for message indicators. Likewise it isn't clear traffic flow
analysis isn't more important than actual intercepts.  The whole thing
sounds reminiscent of the tortured logic used to explain airport
security measures or how Escrowed Encryption would be used to catch dumb
criminals.

From a manufacturer's point of view, it's 'We want to manufacture VoIP
phones that can be tapped,  but you'll need to twist the internet into
this shape.'



       








---------------------------------------------------------------------
The Cryptography Mailing List