Privacy, Secrecy, and Security

Download this as a white paper View Presentation

Privacy, Secrecy, and Security

Aside from features that will be appealing to users, there are fundamental requirements of Privacy, Secrecy, and Security that are seldom discussed openly with regard to VoIP.  But they are serious issues, and need to be fully considered by users, corporations, telecommunications carriers, VoIP carriers, law enforcement agencies, and federal and state governments.  As we all know, the Internet is a lawless frontier, where nothing is safe and secure, and reliability is always one step away from calamity. 

Security and Vulnerability

World War II Poster

VoIP does little to protect the interests of these individuals and organizations, not to mention protecting the security of the United States.  We suffer untold numbers of hacker attacks DAILY, systems broken into, identities stolen.  The entire worldwide DNS system was brought to its knees by hackers.  In August, 2008, Russia launched a cyber attack against Georgia two days before its ground attack. In previous wars, aircraft were sent in first to destroy radar installations and command centers to “blind” the enemy.  This time, aircraft were not necessary. The Russians paralyzed the Georgian government and civilian infrastructures alike with massive Denial of Service (DoS) attacks and other tactics.  Cyber warfare is real, and any technology that is susceptible to it is at risk.

Fundamentally, no one can guarantee that Internet communications cannot be intercepted and monitored.  We all need to ask: Is this what we want for our telecommunications system?

Follow the link above to read the White Paper at the following headlines, which discusses this topic in much more detail:

Defining the Problem... How can we achieve multimedia telecommunications and still accommodate nation securituy needs and maintain the tradition integrity and reliability that we all expect?

Problems: VoIP Technology Presents Security Risks at Several Levels:

DNS - a History of Exposures and Attacks

VoIP Shares All the Risks of the Internet

The Architecture of the Internet Itself Is The Flaw

Problems: VoIP Technology Presents Business Risks to Telephone Carriers

Read the above references to learn VoIP can ‘t be fixed, and why you are at risk simply because the other party uses VoIP!

Privacy, Secrecy, and Legal Requirements

While not commonly addressed (at least, until the lawsuits start), in addition to the obvious (protection from snooping) there are at least three requirements that need to be met: unlisted numbers, legal call trace, and legal wiretapping.

There are two aspects to unlisted numbers: the obvious is that the number is not published, and so the number is effectively secret; but with equal importance, you can call someone from an unlisted number and not only is it practically impossible for the called party to discover the phone number of the caller (since the number is not displayed on Caller-ID), but also the called party can’t tell the location from where the call was placed.  In support of this requirement, any Internet telephony technology must prevent IP tracing software from revealing the geographic locale of calling parties for legal and security matters such as protecting battered spouses and people in witness protection programs.  Consider the scenario of a battered spouse, in hiding at her sister’s house in St. Louis.  If her husband learns she is in St. Louis, he knows where to find her.  If she calls to check on the kids using a VoIP phone, and he does a packet trace, bingo – he knows where she is at.  This is trivial to accomplish on the Internet. 

By contrast, here’s how Privacy, Secrecy, and Security are achieved in the Next Generation of Telecommunications.  Figure 1 illustrates that Internet data does not transit directly between calling and called devices. Instead, those connections are sent through proxy servers which are controlled by SS7 messages, and do not respond to ping and traceroute queries.  They might be randomly selected, so a proxy server in New York City will be selected on one call, but a proxy server in Washington D.C. might be selected on the next call from the same phone.

The proxy servers set up pairs of IP addresses, with one pair carrying data from the calling to called party, and the other pair carrying data in the reverse direction.  It would be virtually impossible for someone of ill intent to be able to associate those two pairs together. Encryption is the solution to prevent others from monitoring data being transmitted between two locations.  There are two basic methods: Public Key and Secret Key (a key is simply a very big number).  Public Key assumes that the key is transmitted in the open and is therefore susceptible to attack; the encryption methodology is very rigorous. Public key encryption is very effective, and has not been known to be broken. However, it is computationally intensive, and is not practical for real-time requirements such as communications.  For secret key, think of a courier carrying an attaché cases handcuffed to his wrist.  The secret key assumes that the key cannot be discovered, and with that assumption, secret key encryption offers essentially the same level of protection as public key.  It has the significant advantage that it is computationally modest, and can encrypt and decrypt in real-time. 

Secret key is not acceptable for general Internet usage, because there is no way to prevent snooping.  However, in the Next Generation environment, the keys are transmitted across a secure network – offering a very high degree of security for the keys.  Furthermore, there can be separate keys for each half (direction) of the conversation.

 

Privacy, Secrecy, and Security in Next Generation Telecommunications

• Supports unlisted numbers and IP addresses
• Privacy, secrecy, and security of MultiMedia Communications are:
• Absolute!
• Impenetrable!
• But still permits legal call trace and wiretapping