CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through

Maliheh Shirvanian, Nitesh Saxena
DOI: 10.1145/3133956.3134013 (https://doi.org/10.1145/3133956.3134013)
Venue: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
Published: 2017-10-30
Record source: Semantic Scholar
Citations: 6

Abstract

CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through
Crypto Phones aim to establish end-to-end secure voice (and text) communications based on human-centric (usually short) checksum validation. They require end users to perform: (1) checksum comparison to detect traditional data-based man-in-the-middle (data MITM) attacks, and, optionally, (2) speaker verification to detect sophisticated voice-based man-in-the-middle (voice MITM) attacks. However, research shows that both tasks are prone to human errors, making Crypto Phones highly vulnerable to MITM attacks, especially to data MITM given the prominence of these attacks. Further, human errors under benign settings undermine usability, since legitimate calls would often need to be rejected. We introduce Closed Captioning Crypto Phones (CCCP), which remove the human user from the loop of checksum comparison by utilizing speech transcription. CCCP simply requires the user to announce the checksum to the other party; the system automatically transcribes the spoken checksum and performs the comparison. Automating checksum comparisons offers many key advantages over traditional designs: (1) the chances of data MITM due to human errors and "click-through" could be highly reduced (even eliminated); (2) longer checksums can be utilized, which increases the protocol's security against data MITM; (3) users' cognitive burden is reduced, since they need to perform only a single task, thereby lowering the potential for human errors. As a main component of CCCP, we first design and implement an automated checksum comparison tool based on standard speech-to-text engines. To evaluate the security and usability benefits of CCCP, we then design and conduct an online user study that mimics a realistic VoIP scenario, and collect and transcribe a comprehensive data set spoken by a wide variety of speakers in real-life conditions.
Our study results demonstrate that, by using our automated checksum comparison, CCCP can completely resist data MITM, while significantly reducing human errors in the benign case compared to the traditional approach. They also show that CCCP may help reduce the likelihood of voice MITM. Finally, we discuss how CCCP can be improved by designing specialized transcribers and carefully selected checksum dictionaries, and how it can be integrated with existing Crypto Phones to bolster their security and usability.