
This page contains all of the posts and discussion on MemeStreams referencing the following web page: Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP
by noteworthy at 10:32 pm EDT, Jun 15, 2006

By: Steven Bellovin, Columbia University; Matt Blaze, University of Pennsylvania; Ernest Brickell, Intel Corporation; Clinton Brooks, NSA (retired); Vinton Cerf, Google; Whitfield Diffie, Sun Microsystems; Susan Landau, Sun Microsystems; Jon Peterson, NeuStar; John Treichler, Applied Signal Technology

June 13, 2006

For many people, Voice over Internet Protocol (VoIP) looks like a nimble way of using a computer to make phone calls. Download the software, pick an identifier and then wherever there is an Internet connection, you can make a phone call. From this perspective, it makes perfect sense that anything that can be done with the telephone system -- such as E911 and the graceful accommodation of wiretapping -- should be able to be done readily with VoIP as well.

This simplified view of VoIP misses the point of the new technology. The network architectures of the Internet and the Public Switched Telephone Network (PSTN) are substantially different. Lack of understanding of the implications of the differences has led to some difficult -- and potentially dangerous -- policy decisions. One of these is the recent FBI request to apply the Communications Assistance for Law Enforcement Act (CALEA) to VoIP. The FCC has issued an order for all "interconnected" and all broadband access VoIP services to comply with CALEA (without issuing specific regulations on what that would mean). The FBI has suggested that CALEA should apply to all forms of VoIP, regardless of the technology involved in its implementation[17].

Some cases -- intercept against a VoIP call made from a fixed location with a fixed Internet address connecting directly to a big Internet provider’s access router -- are the equivalent to a normal phone call, and such interceptions are relatively easy to do. But if any of these conditions is not met, then the problem of assuring interception is enormously harder. In order to extend authorized interception much beyond the easy scenario outlined above, it is necessary either to eliminate the flexibility that Internet communications allow -- thus making VoIP essentially a copy of the PSTN -- or else introduce serious security risks to domestic VoIP implementations. The former would have significant negative effects on U.S. ability to innovate, while the latter is simply dangerous. The current FBI and FCC direction on CALEA applied to VoIP carries great risks. In this paper, we amplify and expand upon these issues.


 
RE: Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP
by Decius at 4:31 pm EDT, Jun 16, 2006

noteworthy wrote:

By: Steven Bellovin, Columbia University; Matt Blaze, University of Pennsylvania; Ernest Brickell, Intel Corporation; Clinton Brooks, NSA (retired); Vinton Cerf, Google; Whitfield Diffie, Sun Microsystems; Susan Landau, Sun Microsystems; Jon Peterson, NeuStar; John Treichler, Applied Signal Technology

June 13, 2006

For many people, Voice over Internet Protocol (VoIP) looks like a nimble way of using a computer to make phone calls. Download the software, pick an identifier and then wherever there is an Internet connection, you can make a phone call. From this perspective, it makes perfect sense that anything that can be done with the telephone system -- such as E911 and the graceful accommodation of wiretapping -- should be able to be done readily with VoIP as well.

Thanks for posting this. I've been doing a lot of VoIP work @ work and this is both certainly relevant and not something I've seen elsewhere. Having skimmed it, let me make two observations:

1. My interpretation of the FCC's limit of CALEA to "interconnected" and "broadband" VoIP is to say that CALEA compliance is only required if the VoIP provider is interconnected with the PSTN (which eliminates the problems described in this paper) or the VoIP provider is also providing their customers with physical internet access (which also eliminates the problems described in this paper). My understanding is that the FBI knows tapping p2p VoIP is hard and they can't easily require it.

2. The reality that Internet CALEA compliance is hard isn't stopping people from trying. And, yes, I think that a single SNMP message that configures a tap with nothing more than password protection is insanely insecure. With a designated physical tap network, with carefully crafted packet filters, this could be done, but how many times are people going to get that wrong? A lot...

It's worth noting that temporarily, these Cisco routers can't tap IPv6.


 
 