Signaling Vulnerabilities in Wiretapping Systems
11 October 2005; revised 30 November 2005
In a research paper appearing in the
November/December 2005 issue of IEEE Security
and Privacy, we analyzed publicly available information and
materials to evaluate the reliability of the telephone wiretapping
technologies used by US law enforcement agencies. The analysis found
vulnerabilities in widely fielded interception technologies that are
used for both "pen register" and "full audio" (Title III / FISA) taps.
The vulnerabilities allow a party to a wiretapped call to disable
content recording and call monitoring and to manipulate the logs of
dialed digits and call activity. These countermeasures do not require
cooperation with the called party, elaborate equipment, or special
skill. Preliminary drafts of the paper have been made available to
the law enforcement community; contact the authors at the above email
We found exploitable vulnerabilities present in virtually all analog
"loop extender" wiretap systems and in at least some systems based on
the newer J-STD-025A CALEA interfaces. The vulnerabilities arise from
the use of unsecured "in-band" signals that can be spoofed or
manipulated by an interception target via his or her own telephone
In the most serious countermeasures we discovered, a wiretap subject
superimposes a continuous low-amplitude "C-tone" audio signal over
normal call audio on the monitored line. The tone is misinterpreted
by the wiretap system as an "on-hook" signal, which mutes monitored
call audio and suspends audio recording. Virtually all conventional
analog loop extender interception systems appear to be vulnerable to
this countermeasure. CALEA systems that implement backward
compatibility features requested by the Justice Department in 1999 are
vulnerable as well. Audio examples (in MP3 format) of a wiretap
subject employing C-tone countermeasures can be found below.
Loop extender systems are susceptible to other countermeasures as
well. In particular, a subject can employ a simple computer-aided
dialing procedure (which we call "confusion/evasion dialing") that
prevents the dialed outgoing telephone numbers from being recorded
accurately by the tap. Wiretap subjects can also falsely indicate the
ending times for calls they make and receive and can inject false
records of outgoing and incoming calls (appearing to be to or from any
numbers they choose) into pen register logs.
Our analysis was based entirely on information obtained from published
sources and equipment purchased openly in the retail and surplus
markets. It is therefore possible (and perhaps even likely) that
similar countermeasures have already been discovered and actively
employed by motivated wiretap targets, e.g., in organized crime.
Currently fielded telephone interception systems should be evaluated
with respect to these vulnerabilities and re-configured or modified
where possible to reduce their susceptibility. In addition, the
possibility of these or similar countermeasures should be considered
in analyzing previously collected wiretap evidence and intelligence.
A detailed technical analysis of the vulnerabilities and their
implications can be found in the full paper at http://www.crypto.com/papers/wiretap.pdf.
There is unfortunately little room to make conventional loop extender
interception systems more robust against these countermeasures within
their design constraints; the vulnerabilities arise from inherent
properties of their architecture and design.
Some CALEA systems, on the other hand, may be able to be made more
robust against these countermeasures with relatively modest
configuration changes. In particular, CALEA equipment that processes
call audio may have features that control recording via in-band C-tone
(sometimes called "continuity tone") signals on "Call Content Channel"
(CCC) audio streams. These features should be disabled.
Instead, these systems should be configured to rely exclusively on
"Call Data Channel" (CDC) messages to determine when recording
commences and stops. Telephone companies and law enforcement agencies
should confirm the configuration and behavior of their CALEA delivery
and collection systems with their vendors.
Wiretap evidence, whether collected by loop extender or CALEA systems,
should be evaluated for signs of signaling countermeasures. In
particular, records of dialed numbers and call times should be
examined for discrepancies against telephone company call detail
records. This reconciliation should be performed routinely and as
soon as possible after the records become available.
We strongly urge that J-STD-025A and other interception standards and
practices be evaluated critically against countermeasures such as
those described in our paper and, more generally, against a broad
threat model. Our analysis was by design limited in scope, with no
attempt made to be comprehensive or exhaustive, and yet easily
exploitable weaknesses were quickly found. It appears that a
systematic search for vulnerabilities under a threat model that
includes subject-initiated countermeasures was not a part of the
development process for either the J-STD-025A standard or many of the
systems that implement it. We suggest that the law enforcement
community develop and articulate security and assurance requirements
for interception systems, against which existing and future standards
and technologies can be measured.
In these MP3 audio captures, Alice and Bob are suspected of illegal
activity and are the subjects of a full audio Title III wiretap
interception on Alice's line. Alice uses C-tone spoofing to
selectively suppress recording of part of the conversation. The
recordings were created in our laboratory on a simulated telephone
network with various wiretapping products.
Use the browser "back" button to return here after
visiting these links:
- This link [observed.mp3] gives
the audio stream as captured and recorded by a Recall
Technologies NGNR-2000 law enforcement loop extender wiretap
system connected to Alice's line. Note the C-tone burst at the
end of the recording (which ordinarily indicates that the tapped
party has hung up and which causes recording to terminate). To
the law enforcement agency, this appears to be a normal
recording of a brief call.
- This link [unobservered.mp3]
gives the full conversation between Alice and Bob, as captured
by an inexpensive, consumer-grade telephone recorder interface
(sold by Radio Shack) connected to Alice's line.
The full version of our research paper can be found online (PDF
format, 500KB file) at http://www.crypto.com/papers/wiretap.pdf,
and appears in the November/December 2005 issue of IEEE Security
Crypto.com home page here.