Our solution, “ETERNAL: Encrypted Transmission with an Error-correcting, Real-time, Noise-resilient Apparatus on Light-weight devices,” is based on off-the-shelf lightweight hardware components and standard AES encryption, together with sophisticated error correction and software transformations. This solution differs from – and can in some cases augment or replace – hardware solutions (such as vIPer) or purely software solutions (such as RedPhone) because it serves as a software solution that can be run on any COTS device that sits between your comms device and headset.
Our first demonstration is secure voice chat, where the solution keeps the conversation encrypted despite packet loss (encrypted data typically does not survive the packet loss and distortion of analog channels well). However, the technology goes far beyond voice and can be used for a multitude of analog, digital, or possibly RF channels that require real-time security and robustness. Our ETERNAL solution can secure the transfer of data by being installed on standard commercial off-the-shelf (COTS) hardware, which sits between a user’s headset and phone (and, more generally, between any analog or digital data to be exfiltrated and any communication device and channel). While it can be miniaturized to further reduce SWaP-C requirements, one of the perceived benefits of the solution is that it does not require special hardware that may stand out.
Technical Approach
We are not starting from zero: we already have a working prototype that we plan to expand further. Our main objective was to demonstrate our mathematically provable designs by taking them from theory to prototype, using encrypted voice as an example of analog data to be secured. The initial prototype is able to encode and decode voice communications in real time between two people using a lightweight, COTS computational device that sits between the headset and the phone. Thus, by the time the signal reaches the computer/phone it is already encrypted, and even if the computer/phone is bugged or compromised, an attacker is powerless to capture any meaningful data.
Our initial voice prototype currently operates at TRL 5, and we have already demonstrated its ability to encrypt and decrypt voice communications in real time between two people using a lightweight computational device (Raspberry Pi 1 Model B+, Raspberry Pi 3 Model B) that sits between the headset and the communication device (Android phone, iOS phone, laptop computer). We have also verified that the prototype works over several communication channels, including popular teleconferencing software such as Skype, WhatsApp, Google Hangouts, and Mumble. We have designs to further extend our solution to take advantage of multiple communication channels (such as mobile networks and wireless LAN networks) to achieve robustness, though these remain to be explored.
Our overall approach is based on revolutionary data processing ideas that have potential for multiple applications in control over remote physical devices with an efficient, tight feedback loop over noisy channels. We believe our technology has many data exfiltration applications in traditional analog communication as well as in cyber-physical systems. We combine several conceptual software modules into a single software solution that can be run on standard COTS hardware:
Modem. The modem module provides a mechanism for sending and receiving arbitrary digital data over the speech channel. It translates between messages of a fixed number of bits and messages of a fixed number of audio samples. The bit messages are exchanged with the error correction module, and the sample messages are played and recorded at a fixed rate through the audio output and input. This establishes a lossy communication mechanism over the speech channel.
Error Correction. The error correction module provides a mechanism for mitigating the damage that messages may suffer when they are transmitted over the speech channel and decoded by the modem module. It translates between messages of one fixed number of bits and messages of another, larger, fixed number of bits that include error-correcting bits. This establishes a mechanism to correct a limited number of damaged bits received from the modem module.
Encryption. The encryption module provides a mechanism for encrypting the messages received from the codec module (on the sending side) and decrypting the messages received from the error correction module (on the receiving side). Virtually any stream cipher can be employed for encryption; we use standard AES-128 in CTR mode as our base implementation.
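The three modules composed in the order described above, as an added example that is not the ETERNAL code: AES-128 in CTR mode for the encryption module, a 3x repetition code standing in for the error correction module (any code with the same k-bits-in, n-bits-out interface slots in the same way), and a constructed bit-flipping channel standing in for the modem and speech channel; the key, nonce and frame contents are made-up demo values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
)

// Error correction module stand-in: a 3x repetition code (8 data bits -> 24 bits),
// decoded by per-bit majority vote, so one flipped bit in each triple is repaired.
func fecEncode(data []byte) (out []byte) {
	for _, b := range data {
		out = append(out, b, b, b)
	}
	return out
}

func fecDecode(cws []byte) (out []byte) {
	for i := 0; i+2 < len(cws); i += 3 {
		a, b, c := cws[i], cws[i+1], cws[i+2]
		out = append(out, a&b|a&c|b&c) // majority of the three copies, bit by bit
	}
	return out
}

// Encryption module: AES-128 in CTR mode is a stream cipher, so a flipped ciphertext bit flips
// only that one plaintext bit; it neither spreads nor repairs damage, hence the FEC layer around it.
func aesCTR(key, iv, in []byte) []byte {
	block, err := aes.NewCipher(key) // key must be 16 bytes for AES-128
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}

// Constructed stand-in for the modem plus speech channel: every byte arrives with
// one bit flipped, at a position that varies from byte to byte.
func noisyChannel(data []byte) []byte {
	out := make([]byte, len(data))
	for i, b := range data {
		out[i] = b ^ 1<<(uint(i)%7)
	}
	return out
}

// The pipeline from the text: encrypt, FEC-encode, cross the channel, FEC-decode, decrypt.
func sendReceive(key, iv, msg []byte) []byte {
	return aesCTR(key, iv, fecDecode(noisyChannel(fecEncode(aesCTR(key, iv, msg)))))
}
```

Running the same channel without the FEC layer shows CTR's property directly: each flipped ciphertext bit reappears as exactly one flipped bit in the decrypted frame. CTR mode on its own provides confidentiality only, and the error-correcting layer cannot tell random channel damage from deliberate modification, so a deployed design would pair the cipher with an authentication tag.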
Impact (Current and Future)
- Standard communication device compatibility. Our existing prototype is compatible with any communication device that has a standard 3.5 mm headphone jack (including Android/iOS phones, laptops, tablets, and more). One potential area of investigation is to extend this compatibility to other forms of pairing, such as Bluetooth or Wi-Fi.
- Small and lightweight. One strength of our ETERNAL solution is that it is designed to be interoperable with and installable on many lightweight computing devices.
- Supports real-time voice communications. Although not all data needs to be exfiltrated in real time, our initial prototype already demonstrates real-time voice communication (with under 600 ms delay) that is secure and robust when transmitted over standard VoIP. Our plan is to further improve our design to accommodate other analog channels and environments.
- Supports various forms of data communications. A key innovation in our solution is that not only does it support real-time voice communication, it can also be used to encode arbitrary digital data into an analog signal with error correction and encryption that is robust to distortion, and therefore can be used to send data over analog channels.
- Low probability of intercept and detection. Our design potentially lends itself to encoding on an arbitrary carrier signal, thus hiding the data in what appears to be an ordinary noisy signal (e.g., playing Bach instead of white noise over VoIP while carrying an encrypted conversation on the signal). Finally, the only additional piece of hardware is the ETERNAL device itself, which can be arbitrary COTS hardware, including a laptop or a small microcomputer; the use of such inconspicuous hardware further reduces the chances of raising adversaries’ suspicion and inviting detection.
- Communicate in the presence of low bandwidth and interference. Our initial prototype already demonstrates resilience to a certain class of interference, namely that of voice audio filtering on standard VoIP channels.