Simson Garfinkel analyses Skype - Open Society Institute

Adam Shostack adam at homeport.org
Fri Jan 28 12:48:56 EST 2005 

On Thu, Jan 27, 2005 at 03:22:09PM -0800, David Wagner wrote:
| Adam Shostack <adam at homeport.org> writes:
| >On Mon, Jan 10, 2005 at 08:33:41PM -0800, David Wagner wrote:
| >| In article <41E07994.5060004 at systemics.com> you write:
| >| >Voice Over Internet Protocol and Skype Security
| >| >Is Skype secure?
| >| 
| >| The answer appears to be, "no one knows".  The report accurately reports
| >| that because the security mechanisms in Skype are secret, it is impossible
| >| to analyze meaningfully its security.  Most of the discussion of the
| >| potential risks and questions seems quite good to me.
| >| 
| >| But in one or two places the report says things like "A conversation on
| >| Skype is vastly more private than a traditional analog or ISDN telephone"
| >| and "Skype is more secure than today's VoIP systems".  I don't see any
| >| basis for statements like this.  Unfortunately, I guess these sorts of
| >| statements have to be viewed as blind guesswork.  Those claims probably
| >| should have been omitted from the report, in my opinion -- there is
| >| really no evidence either way.  Fortunately, these statements are the
| >| exception and only appear in one or two places in the report.
| >
| >The basis for these statements is what the other systems don't do.  My
| >Vonage VOIP phone has exactly zero security.  It uses the SIP-TLS
| >port, without encryption.  It doesn't encrypt anything.  So, its easy
| >to be more secure than that.  So, while it may be bad cryptography, it
| >is still better than the alternatives.  Unfortunately.
| 
| I don't buy it.  How do you know that Skype is "more secure", let alone
| "vastly more private"?  Maybe Skype is just as insecure as those other
| systems.  For all we know, maybe Skype is doing the moral equivalent
| of encrypting with the all-zeros key, or using a repeating xor with a
| many-time pad, or somesuch.  Without more information, we just don't know.

The 'vastly more secure' is not my claim.  My claim is that it is
somewhat better.  Even if it's using an RC4 key of all-zeros, it is
somewhat better than what I have today, because today, my voip calls
don't even have that, and as far as I can see, I can use asterisk's
codec translator API to turn tcpdump captured streams into mp3.
(http://www.asterisk.org/index.php?menu=architecture).  The effort to
get skype data is slightly higher.  Until shown otherwise, I expect a
grad student could do it in a weekend.  However, that same grad
student could build me a wiretap for VOIP in an hour.  (By which
metric, Skype is nearly 50x as secure!!!!  :)

| I'm sorry to pick nits, but I have to stand by my statement.  No matter
| how atrociously bad other systems may be, I don't see any basis for saying
| that Skype is any better.  It might be better, or it might be just as bad.
| We don't know.

I hate arguing by analogy, but:  VOIP is a perfectly smooth system.
It's lack of security features mean there isn't even a ridge to trip
you up as you wiretap.  Skype has some ridge.  It may turn out that
it's very very low, but its there.   Even if that's just the addition
of an openssl decrypt line to a reconstruct shell script.

In that case, the value of 'better' is vanishingly small, but it will
still take an attacker at least 5 minutes to figure that out.  That
was my claim.  Similarly, I'd put VOIP above a POTs line, because I've
tapped POTS lines with aligator clips and mis-functioning cordless
phones.  We agree that its not 'interesting' or 'useful' security.

Adam

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list