Trillian Secure IM

Alex Pankratov ap at poneyhot.org
Mon Oct 8 00:15:31 EDT 2007


Hi,

I've been poking around Oscar (ICQ/AIM) protocol parsing 
and had a look at Trillian's SecureIM handshake protocol.

For those who don't know, Trillian is a very popular multi-
protocol instant messanging application for Windows. One of
its notable features, for which is got some rave/positive
reviews, is an ability to encrypt ICQ/AIM IMs exchanged by 
two Trillian instances. AOL made repeated attempts to block 
SecureIM, but eventually stopped them [1].

The protocol is closed, but it was reversed engineered by
some guys over at GAIM project. It appeared to be a Blowfish
encryption of bulk IMs using a key derived from an anonymous 
DH exchange [2]. This was also indirectly confirmed by another
project [3].

Leaving aside the lack of authentication and replay protection,
here's what is even more striking -

SecureIM handshake between two version 3.1 (latest) clients 
takes about .. 48 bytes. That's altogether, 32 bytes in one 
direction, and 16 in another. And that's between the clients 
that have never talked to each other before, so there's no 
"session resuming" business happenning.

If that's DH exchange, then it's 128 bit one. Fertile ground
for some interesting speculation, don't you think ?

Alex

[1]
http://en.wikipedia.org/wiki/Trillian_%28instant_messenger%29#Entry_into_mai
nstream_and_the_.22IM_Wars.22
[2]
http://sourceforge.net/tracker/download.php?group_id=235&atid=300235&file_id
=56799&aid=777300
[3] http://code.google.com/p/joscar/wiki/TrillianSecureIm


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list