On Aug 25, 2013, at 6:28 PM, Perry E. Metzger wrote:
[Commenting on just one minor piece]
> ...Similar techniques may be useful for voice traffic, but that has
> "interesting" latency requirements, and they're hard to fulfill with a
> mix network that might take arbitrary time. There's been some
> interesting work by a number of people (including one of my doctoral
> brothers) on this topic. It probably would require a bunch of
> experimentation to get it right. On the other hand, anything might be
> better than what we have now for voice traffic, which is essentially
> zero privacy from the operators of most of the services.
There's another problem with voice: People have come to expect services beyond
the old point-to-point conversations that the traditional phone network
provided. Group conferences are now very much an expected part of on-line
voice services. These actually require fairly sophisticated processing of the
audio to balance levels, avoid or suppress echoes, and so on. The only
implementation techniques available today require a central server with access
to cleartext voice streams. Not only does the server need to be trusted to
handle the cleartext voice streams, it has to be trusted to do all the
authentication - what comes out of the system doesn't usually match what went
in from any one endpoint.
Multi-way chat has similar, if much simpler, problems.
On the rare occasions these problems (or even multi-party video conferencing)
get mentioned, someone usually suggests using homomorphic cryptography.
Besides being way too expensive to be practical at the moment, it's not even
clear to me that it provides a useful kind of security. What kind of
authentication model could such a system implement? Without it, what's to
prevent a rogue server from inserting its own voice into the conversation?
There are probably a couple of nice PhD dissertations in here....
-- Jerry
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
