Simson Garfinkel analyses Skype - Open Society Institute

Joseph Ashwood ashwood at msn.com
Wed Jan 12 02:48:47 EST 2005


----- Original Message ----- 
From: "David Wagner" <daw at cs.berkeley.edu>
Subject: Simson Garfinkel analyses Skype - Open Society Institute


> In article <41E07994.5060004 at systemics.com> you write:
>>Is Skype secure?
>
> The answer appears to be, "no one knows".  The report accurately reports
> that because the security mechanisms in Skype are secret, it is impossible
> to analyze meaningfully its security.

Actually that is not entirely true. While Skype has been getting more than 
it's fair share of publicity lately surrounding it's security the truth is 
that shortly after it's first release I personally had a discussion in their 
forums (should still be there if you find something by holomntn that's the 
correct one, I haven't discussed anything since). In that discussion it was 
shown that they clearly did not have a solid grasp on security, nor 
apparently had anyone of them read the SIP specification. During that 
conversation, and some future private ones, it has been revealed to me that 
Skype's security is questionable at best, and that they are in fact 
basically relying on security through obscurity. It is likely that this will 
work for quite some time simply because most IM conversations, and most 
phone conversations for that matter are simply not worth listening to.

With that said, in their favor they do have substantial qualities. Because 
they effectively form a routed network an intermediate evesdropping attempt 
will have to sort through a substantial amount of undesired traffic (see 
Rivest on Wheat and Chaff for explaination of the security offered), this is 
possible because although there are security holes, the end stream is 
difficult to determine from random (AES/CBC). This creates a substantial 
boost in the amount of effort required to acquire a stream of significance 
unless the endpoints are known. The other big thing in their favor is that 
apparently very few people want to be bothered by analysing the security, 
basically if no one is looking it is secure. Additionally, in version 1.1 
Skype appears to have begun providing a moving target for a break, between 
version 1.0 and 1.1 Skype performed some changes to the protocol, while I do 
not know the exact nature of these, even a simple investigation of the GUI 
shows some changes (IM someone with a different version you will be 
cautioned about protocol changes even though security is not listed), this 
moving target creates the possibility to generate some security through 
obscurity, and the ability to upgrade the security at a moments notice.

Working against them. The biggest thing working against them is that a 
growing number of teenagers are using Skype (a significant portion of 
Gunderson High School in San Jose, Ca actually uses Skype during class, and 
has been busted by me for it). This poses a substantial risk for common 
hacking to occur. This is something that I am unclear on whether or not 
Skype has prepared. As the general populus begins to use Skype more the 
security question becomes of greater importance (reference the attacks on 
Windows that go on every day).

With all that said it is important to note that I have no access to the 
current Skype protocol and I only briefly had limited access to an early 
one, so my analysis may be substantially off.
                    Joe 


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list