Slashdot Mirror

← Back to Stories (view on slashdot.org)

Skype Encryption (Partly) Revealed

Posted by timothy on from the skyping-ahead dept.

TSHTF writes "Just weeks after Skype unveiled a public API for the service, a group of cryptographers led by Sean O'Neill have successfully reverse engineered the encryption used by the Skype protocol. Source code is available under a non-commercial license which details Skype's implementation of the RC4 cipher." The linked article cautions, however, that "initial analysis suggests that O'Neill's publication does not mean that Skype's encryption can be considered 'cracked'. Further study will be needed to determine whether key expansion and initialisation vector generation are secure."

29 of 151 comments (clear)

  1. Skype still sucks by Anonymous Coward · · Score: 5, Interesting

    It is proprietary, centralized, bloatwared, closed, and bandwidth intensive. Simply fixing one of this is not an improvement on the situation.

    Unless you happen to be one of the unfortunate souls whose boss requires all communication to be on skype, then maybe a non-crashy linux client will be your savior.

    1. Re:Skype still sucks by Jorl17 · · Score: 3, Interesting

      Usually I used skype to voice-chat. Then I realized that mumble was good outside gaming. Now I use mumble to do everything and have my own little chat app to communicate via text. Skype is dead for me. Mumble is bandwidth-saving in some cases and the quality is so vastly superior. The disadvantange is that of a centralized server, but I manage that just fine by using an available server OR running my local one. Sure, for conferences it might be worse in terms of bandwidth (all data going to the server = me), but for 2-3 people it is great. This isn't good for video, though, but I don't need that anyway, and I've heard of good apps to do so.

      --
      Have you heard about SoylentNews?
    2. Re:Skype still sucks by commodore64_love · · Score: 3, Interesting

      >>>Name a decent alternative?

      I use a calling card which is only 5 cents per minute and will work regardless where I'm at (home, hotel, payphone along the highway). I've looked at Skype and think it's a cool idea, but don't see that it would save me money, or be as convenient.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    3. Re:Skype still sucks by fuzznutz · · Score: 2, Informative

      Pay-phone? Where do you find pay-phones these days? My daughter's brand new high school has no pay-phone anywhere on the premises. In fact, I can't remember the last pay-phone I saw. I work at a University, and there are no pay-phones in any building on campus.

    4. Re:Skype still sucks by caseih · · Score: 4, Informative

      For me Gizmo5 and sipgate.com provide all the VoIP services I used to use skype for. In fact when I combine Google Voice with either Gizmo5 or sipgate.com, and a Linksys 3102 SPA box, I can not only replace skype, but replace my land line as well. I also do most voice communication at home, so I ditched my cell plan and got a T-mobile prepaid plan. Now if I receive a call via GV on my cell phone, the moment I walk in the door I can transfer it to VoIP.

      If I had an asterisk box set up, I could probably do GV-connected outbound calling automagically from my land phone. At the moment I place most calls via the web interface.

      I know Skype can do IM and video chat, but frankly I never needed that. so yes, SIP is a good alternative. And ekiga can do both SIP and video chatting using open protocols. Works quite great, despite SIP's retardedness.

    5. Re:Skype still sucks by westlake · · Score: 2, Informative

      It is proprietary, centralized, bloatwared, closed, and bandwidth intensive.
      maybe a non-crashy linux client will be your savior.

      There are about 500 million Skype accounts.

      40 million or so people using the service on any given day. Skype

      You don't "dial out" to stress-test the technology - you dial out in the hope that someone will be there to answer your call.

  2. C&D by pak9rabid · · Score: 2, Insightful

    Queue the cease and desist in 3...2...1...

  3. Well by Irick · · Score: 2, Interesting

    Hopefully this means we will see some more 3rd party clients, and maybe some Jabber integration.

  4. Wasn't this done years ago? by Wesley+Felter · · Score: 5, Interesting

    On the Wikipedia page http://en.wikipedia.org/wiki/Skype_protocol I see presentations from 2004 and 2006 about reversing Skype, including its encryption. What's new here compared to the previous work?

    1. Re:Wasn't this done years ago? by girlintraining · · Score: 2, Funny

      What's new here compared to the previous work?

      The date.

      --
      #fuckbeta #iamslashdot #dicemustdie
  5. Re:So, if I'm reading this right... by aliquis · · Score: 5, Insightful

    You know what would be neater? Something not based on a proprietary system, and there are plenty. (Though it could be argued whatever things like SIP is as good.)

  6. implications? by Eil · · Score: 3, Insightful

    None of this harms Skype's existing security in any way. Encryption, if properly implemented, is secure even when all of the mechanisms are known. This is why you can have software like GPG and the zillion open source AES implementations and still use them to reliably protect data from interception.

    What would weaken Skype's security was if someone found a shortcut (by way of a bug or design flaw) to decrypting the data without knowledge of the keys being used. According to TFA, this is what the O'Neill is working on now.

    That said, the source material that O'Neill provided mentions only symmetric ciphers, which means that the keys might be buried in the Skype binaries somewhere. If that's the case, then finding those would break Skype's encryption wide open. But I rather doubt that will happen. We're only seeing part of the story here and I'd bet dollars to donuts that they're using one or more asymmetric ciphers somewhere to transmit keys for the symmetric ciphers.

    1. Re:implications? by 0123456 · · Score: 5, Informative

      None of this harms Skype's existing security in any way. Encryption, if properly implemented, is secure even when all of the mechanisms are known

      ROT13 isn't secure when it's known.

      Like ROT13, RC4 is an antiquated cipher with many known issues; and a modified version of RC4 could be even less secure than the vanilla implementation. No-one should be using it these days when there are much better alternatives available.

    2. Re:implications? by Caledfwlch · · Score: 2, Interesting

      There is a positive implication.... it may count partly towards the transparency that the Indian security agencies want ;-)

      --
      These views express my own personal opinions, not those of the other voices in my head
    3. Re:implications? by Sloppy · · Score: 2, Informative

      None of this harms Skype's existing security in any way

      That depends on what you mean by "security." If "security" means having a monopoly on sales of an implementation of a popular protocol... ;-)

      We're only seeing part of the story here and I'd bet dollars to donuts that they're using one or more asymmetric ciphers somewhere to transmit keys for the symmetric ciphers.

      The big question about Skype has always been: how are the using the asymmetic stuff? How does each client know whose public key it's using?

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    4. Re:implications? by Wesley+Felter · · Score: 2, Insightful

      It's not about security; revealing the protocol hurts Skype's lock-in. For example, the Skype-Asterisk gateway is $66 per channel; imagine if someone created an open source version.

    5. Re:implications? by swillden · · Score: 2, Informative

      None of this harms Skype's existing security in any way. Encryption, if properly implemented, is secure even when all of the mechanisms are known

      ROT13 isn't secure when it's known.

      ROT13 isn't encryption. It's a trivial unkeyed encoding.

      Like ROT13, RC4 is an antiquated cipher with many known issues; and a modified version of RC4 could be even less secure than the vanilla implementation. No-one should be using it these days when there are much better alternatives available.

      RC4 is also a widely-known and deeply-studied cipher. It has some known weaknesses, but workarounds for those weaknesses are also known. It's also very efficient and a stream cipher is the right kind of cipher for this application. I agree that there are better alternatives, but unless they mucked up the implementation, there's every reason to believe that Skype's encryption is secure.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    6. Re:implications? by swillden · · Score: 2, Insightful

      Yes, achieving end-to-end secrecy requires much more than just using a secure encryption algorithm correctly. I was only addressing the cipher.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  7. Re:Reverse Engineered by omnichad · · Score: 2, Insightful

    Oh, this could be used for interoperability - something explicitly allowed under DMCA. It's just like reverse engineering Word's .doc format.

  8. Skype may have better security than you think by DigitAl56K · · Score: 2, Interesting

    Cryptome hosts this 2007 document:

    http://cryptome.org/isp-spy/skype-spy.pdf

    * Skype can provide records showing account creation, financial transaction and use of PSTN interconnections
    * Due to the way by which Skype works, Skype does NOT have any records of user “logins”, “log offs” or other general online/offline status
    * The Skype system is designed in such a way that voicemail is not centrally stored
    * Calls, IMs and other activities between Skype users do not create billing records

    Everything there implies that if you want your communications to be private with respect to what can be provided in response to a subpeona then Skype isn't a bad platform. As to what can be intercepted obviously that is not covered because it's not relevant to that document.

  9. The key scheduling is what's important by bk2204 · · Score: 5, Informative

    The actual RC4 cipher has bad key scheduling issues. Because the initialization step doesn't mix the key bytes well enough into the S-box, the first bytes of the keystream (which is XOR'd with the plaintext to produce the ciphertext) leak lots of data about the key. This is a major problem with WEP (there are, of course, others). Cryptographers recommend discarding the beginning of the keystream because of this weakness. Nevertheless, RC4 is popular because it is byte-oriented and fast. Even 8-bit machines can implement it trivially.

    Ultimately, it comes down to the key scheduling. If Skype has a better key-scheduling algorithm, it may actually improve security over standard RC4.

    1. Re:The key scheduling is what's important by swillden · · Score: 4, Insightful

      Ultimately, it comes down to the key scheduling. If Skype has a better key-scheduling algorithm, it may actually improve security over standard RC4.

      I would hope they didn't create a custom key scheduling algorithm. Odds are good that what they created would be worse. It would be much better to use the standard key schedule and discard the first 2 KB of the keystream -- which is what cryptographers suggest when using RC4.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  10. No other cross platform alternative... by Anonymous Coward · · Score: 4, Insightful

    ...for *video* calls. I use Linux, my daughter uses Apple and my son uses Windows. Skype allows high quality video chat, telephone interconnect/transfer and IP voice calls on all three platforms.

    They may be proprietary and bandwith hogs, but the Skype folks certainly offer a free product with great user appeal. Maybe that's why it's so popular?

    1. Re:No other cross platform alternative... by jrumney · · Score: 3, Informative

      SIP based videophone clients are available for all those platforms. They may not be the same client, but because SIP is an open standard they don't have to be to interoperate. Also H.323 clients should be available for all platforms, one even comes with Windows by default (netmeeting) though it doesn't get an icon in the start menu these days.

    2. Re:No other cross platform alternative... by FriendlyLurker · · Score: 4, Insightful

      I kinda get annoyed when people say "Use SIP" to the "I want to replace Skype with open source/non proprietary" question. Ok so SIP exists and clients are out there, I have even tried a few out with tech orientated friends. Now show me where all my __non tech friends__ can download AND install a sleek simple easy to use SIP client in around three clicks, and be chatting a minute later with no configuration? (the minimum bar that Skype has set). AFAIK such a SIP client does not yet exist - the SIP community has failed to cater even remotely to the only crowd that will actually make SIP relevant on the desktop (and so by extension, other areas).

      Key in Open Source S... and google will show you just how popular it is to search for Skype alternatives - the demand is there. Clicking through the search shows just how sorry the state of SIP actually is. Top listed "Top ten" lists from 2007, half baked solutions. Hardly comparable to Skype's prominent big download button, about three click install and your talking (over an encrypted link, no less).

      I so wish I was wrong about this and there did exist a SIP client where I could email to my non-techy friends and have them chatting in minutes. Maybe one day hopefully, when someone (anyone, please!) in the SIP community get their act together. I'd love nothing more than if someone replied to prove I am wrong here...

    3. Re:No other cross platform alternative... by wrook · · Score: 3, Interesting

      Writing a good, easy to use, high quality SIP client is quite easy these days. Half decent free SIP and RTP libraries exist. Decent free codecs exist. You basically just have to write UI (and not even a complicated UI at that).

      The problem is NAT. To make it work 100% of the time you must always have one leg (or an intermediary carrying the traffic) that isn't behind NAT. If you are behind NAT, Skype routes your call through someone who isn't. In other words, you will be using somebody else's bandwidth for your call. And that someone probably doesn't know you are doing it. Up until this point, there has been no free software author willing to do what Skype has done. Basically, because it is unethical in many people's minds. And free software authors tend to work based on ethics.

      With current routers and UPnP, a lot of the problems can be avoided, but you are still going to run into some situations which you can't really solve point to point. It has occurred to me to have a voluntary bandwidth usage. This should work reasonably well if the software were popular enough and you could limit the amount of bandwidth used.

      I have the skills to write such a thing, but alas I'm busy with other things at the moment. Maybe later...

  11. Universal v. Reimerdes by tepples · · Score: 2, Informative

    A C&D for a clean-room reversed engineering of a publicly-available algorithm? Methinks not.

    Methinks so. Universal v. Reimerdes.

  12. Re:So, if I'm reading this right... by LordVader717 · · Score: 3, Informative

    http://ekiga.org/

  13. Re:Facetime by TheRaven64 · · Score: 2, Insightful

    Facetime is a proprietary standard that Apple has claimed it will open at some point in the future.

    --
    I am TheRaven on Soylent News