Luis Sequeira

Luis Sequeira

Luis Sequeira is an IT professional with experience in cloud environments, quality of service and network traffic analysis, who loves looking for solutions to engineering challenges, share knowledge. At work, the main challenge is to integrate different network and software technologies to provide solution in a wide range of areas, e.g., virtual network functions, machine learning, autonomous driving, robotics and augmented reality.

The development of VoIP (Voice over Internet Protocol) technologies have been widely accepted by companies seeking lower costs for voice communications mainly in SMEs (Small and Medium Enterprises) environments. The term VoIP should not be confused with ToIP (Telephony over IP), VoIP refers to the technology required for voice communication over IP, while ToIP is a telephone service for users, which uses VoIP technology to give such service.

VoIP allows voice transmission via an IP network, including those connected to the Internet. It involves digitizing voice signals, via a codec. The bandwidth consumption of such communication is directly related to the codec as shown in Table # 1.

 

Codec

Bit-rate

G.711 56 or 64 Kbps
G.722 48, 56 or 64 Kbps
G.723 bit-rate 5,3 or 6,4 Kbps
G.728 16 Kbps
G.729 8 or 13 Kbps

Tabla # 1: Bandwidth consumption for different codec

 

Furthermore, VoIP uses various types of techniques for call signaling, not having a defined protocol in this field. SIP (Session Initiation Protocol) is one of the protocols used for this purpose, also deployments with H.323 (a recommendation from the ITU Telecommunication Standardization Sector, ITU-T) or IAX (Inter-Asterisk eXchange protocol, native to the Asterisk private branch exchange, PBX) can be found.

SIP is one of the most widespread protocol in the implementation of ToIP. This protocol is responsible for the end-to-end communication signaling, call establishment procedures, communication modification and its termination.For transmitting real-time data, VoIP uses the RTP (Real time Transport Protocol) protocol, which is responsible for transmission control in the multimedia sessions and uses UDP (User Datagram Protocol) as the transport protocol. In Figure # 1, the header distribution for each VoIP packet is observed.

 

Figure # 1: VoIP Packet transmitted by the stations.

Some time ago, I read an interesting article of a "successful attack" against AES, the famous symmetric-key algorithm. Raphael C.-W. Phan [1] presented a seven rounds "impossible differential attack" for AES-192 and AES-256. Someone may ask: what kind of attack is this?, well, it is a crypt-analysis that takes advantage of the differences that are impossible to be, in a data block through encryption, in order to discover the key?. Without going into many details of the method used, below I comment some of the most important results of this study.

The attack involves taking pairs of identical texts in all bytes except one and encrypt these texts, then, analyze the data produced at the outputs of each rounds in order to observe the evolution of the information during the encryption process. With this information, a impossible key's probability (or probability 0) can be assigned.

The attack is based on the algorithm outlined in [1], which is used to break AES-192 and AES-256, it consists in 9 steps and focuses on the key expansion system. The algorithm permits to perform certain calculations and assigns probabilities when some sub-keys have been determined. In summary, the author hopes to determine the key in the seventh round with the mathematical model presented in this study, by observing the movements made by the various transformations.

Summarizing the results obtained in [1], for the case of AES-192, 292 plain texts, 2153 memory words and 2186 encryptions were required, in the case of AES-256, 292.5 plain texts, the same memory space 2153 and 2250.5 encryptions were requiered. The Table # 1 shows a comparison between the results presented by [1] and two earlier attacks with fewer rounds.

 

Table # 1: Comparison of results to attacks on AES [1].

 

Aside from the process itself, and analyzing the results of this attack, we can see that to break the algorithm, the test has needed 2186 and 2250.5 encryptions for AES-192 and AES-256 respectively. Taking into account that an exhaustive search would have taken 2192 and 2256 for each algorithm respectively, we could say that the attack presented by [1] has been successful.

Now, it is important to clarify that this is an attack on reduced-rounds (7 rounds) and AES may have a key length of 128, 192 or 256 bits for an amount of standard rounds: 10, 12 and 14 respectively. This means that despite the successful attack presented, AES maintains a large margin of safety with respect to this study, because there are 5 rounds of difference (for AES-192), and thus, the decoding complexity of an information packet is increased by applying the number of rounds which is defined by the standard.

 

Reference

  1. Raphael CP. Impossible differential cryptanalysis of 7-round Advanced Encryption Standard (AES). Information Processing Letters (2004) 91: pp. 33-38.

 

 

 

Package managers are tools to automate the process of installing, upgrading, uninstalling or configuring software on Linux. Package managers are part of the operating system and they use a single database for installation and a single packet format, for example: rpm or deb. They are also responsible for checking the digital signature, and dependency resolution for updates.

Page 6 of 11