We present an approach to scalable, secure voice over IP (VoIP) teleconferencing on commodity mobile devices and data networks with end-to-end homomorphic encryption. We assume an honest-but-curious threat model where an adversary, despite observing all communications between participants and having access to teleconferencing servers, is unable to obtain unencrypted data and subsequently listen to the conversation. Prior secure VoIP teleconferencing services have relied on: 1) teleconferencing clients to maintain point-to-point encrypted links with other clients or 2) a teleconferencing server which can access and manipulate VoIP streams unencrypted. Our approach mixes VoIP data streams at a single teleconferencing server only while encrypted. Data streams are never decrypted at the teleconferencing server. Innovation comes from an efficient VoIP encoding to reduce circuit depth for homomorphic mixing of encrypted VoIP data, parameterization for low bandwidth usage and integration into an existing open-source VoIP infrastructure. We experimentally evaluate on commodity iPhones, mixing at the VoIP servers on lowest cost Amazon AWS cloud server instances and communicating on commercial data networks and 802.11n access points.
|Number of pages
|IEEE Transactions on Information Forensics and Security
|Published - May 2017
All Science Journal Classification (ASJC) codes
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
- communication security