[smb at cs.columbia.edu: Skype security evaluation]

cyphrpunk cyphrpunk at gmail.com
Mon Oct 24 13:50:50 EDT 2005


On 10/23/05, Travis H. <solinym at gmail.com> wrote:
> My understanding of the peer-to-peer key agreement protocol (hereafter
> p2pka) is based on section 3.3 and 3.4.2 and is something like this:
>
> A -> B: N_ab
> B -> A: N_ba
> B -> A: Sign{f(N_ab)}_a
> A -> B: Sign{f(N_ba)}_b
> A -> B: Sign{A, K_a}_SKYPE
> B -> A: Sign{B, K_b}_SKYPE
> A -> B: Sign{R_a}_a
> B -> A: Sign{R_b}_b
>
> Session key SK_AB = g(R_a, R_b)

But what you have shown here has no encryption, hence no secrecy.
Surely RSA encryption must be used somewhere along the line. The
report doesn't say anything about the details of how that is done. In
particular, although it mentions RSA signature padding it says nothing
about RSA encryption padding.

Is it possible that Skype doesn't use RSA encryption? Or if they do,
do they do it without using any padding, and is that safe?

CP

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list