Novel solution proposed to improve security on Voice Over Internet
BIRMINGHAM, Alabama: Researchers at the University of Alabama at Birmingham (UAB) have developed a novel method to better protect Crypto Phones from eavesdropping and other forms of man-in-the-middle attacks.
Crypto Phones consist of smartphone apps, mobile devices, personal computer or web-based Voice over Internet Protocol applications that use end-to-end encryption to ensure that only the user and the person they are communicating with can read what is sent. For security, Crypto Phones require users to perform authentication tasks.
“Research has shown that these tasks are prone to human errors, making these VoIP applications and devices highly vulnerable to man-in-the-middle and eavesdropping attacks, said Nitesh Saxena, associate professor in Computer Science.
In a paper published at the Association for Computing Machinery Conference on Computer and Communication Security, Saxena and Ph.D. student Maliheh Shirvanian introduce Closed Captioning Crypto Phones to address the issues in currently deployed Crypto Phones.
“Closed Captioning Crypto Phones remove the human element from the checksum comparison process by utilising speech transcription,” Saxena said.
When a user announces the checksum to the other person CCCP automatically transcribes the spoken code and performs a code or checksum comparison for the user.