Skype security

Part of a series on
Skype
Skype Limited
Features of Skype
Skype protocol
Skype security

Skype is a Voice over Internet Protocol (VoIP) system developed by Skype Technologies S.A. It is a peer-to-peer network in which voice calls pass over the Internet rather than through a special purpose network. Skype users search for other users to connect to, enabling them to search other Skype users and send them messages.

Skype uses 256 bit AES encryption to encrypt communication between users,[1][2] complicating the decryption of these communications.[3] Skype's encryption is inherent in the Skype Protocol and is transparent to callers. Because of this integration the communication between users is considered to be private, although several security concerns exist.

Contents

Security policy

The company's Policy includes:

  1. Usernames are unique.
  2. Callers must present a username and password or other authentication credential.
  3. Each caller provides the other with proof of identity and privileges whenever a session is established. Each verifies the other’s proof before the session is allowed to carry messages.
  4. Messages transmitted are encrypted from caller to caller. No intermediate node (router) has access to the meaning of these messages.

Implementation and protocols

Registration

Skype holds registration information both on the caller's computer and on a Skype server. Skype uses this information to authenticate call recipients and to assure that callers seeking authentication are accessing a Skype server rather than an impostor. Skype uses public key encryption as defined by RSA to accomplish this.

The Skype server has a private key, and distributes that key's public counterpart with every copy of the software. As part of user registration, the user selects a desired username and password. Skype locally generates public and private keys. The private key and a hash of the password are stored as securely as possible on the user's computer.

Then a 256-bit AES-encrypted session is established with the Skype server. The client creates a session key using its random number generator.

The Skype server verifies that the selected username is unique and that follows Skype's naming rules. The server stores the username and a hash of the hash of the user's password [H(H(P))] in its database.

The server now forms and signs an identity certificate for the username that binds the username, its verification key and the key identifier.

Peer-to-peer key agreement

For each call, Skype creates a session with a 256-bit session key. This session exists as long as communication continues and for a fixed time afterward. As part of connecting a call, Skype securely transmits the session key to the call recipient. That session key is then used to encrypt messages in both directions.

Session cryptography

All traffic in a session is encrypted using the AES algorithm running in Integer Counter Mode (ICM). Skype encrypts the current counter and a salt with the session key using the 256 bit AES algorithm. This returns the key stream, which is then XORed with the message content. This produces encrypted ciphertext, which is then transmitted to the recipient. Skype sessions contain multiple streams. The ICM counter depends on the stream, and the location within the stream.

Random number generation

Skype uses random numbers for several cryptographic purposes, for instance as a protection against playback attacks, creation of RSA key pairs, and creation of AES key-halves for content encryption. The security of a Skype peer-to-peer session depends significantly on the quality of the random numbers generated by both ends of the Skype session. Random number generation varies by operating system.[4]

Cryptographic primitives

Skype uses standard cryptographic primitives to achieve its security goals. The cryptographic primitives used in Skype are: the AES block cipher, the RSA public-key cryptosystem, the ISO 9796-2 signature padding scheme, the SHA-1 hash function, and the RC4 stream cipher.

Key agreement protocol

Key-agreement is achieved using a proprietary, symmetric protocol. To protect against a playback attack, the peers challenge each other with random 64-bit nonces. The challenge response is to customize the challenge in a proprietary way and returned it signed with the responder’s private key.

The peers exchange Identity Certificates and confirm that these certificates are legitimate. Because an Identity Certificate contains a public key, each end can then confirm signatures created by the other peer. Each peer contributes 128 random bits to the 256-bit session key.

Flaws and potential flaws

While Skype encrypts users' sessions, other traffic including call initiation can be monitored by unauthorized parties.

The other side of security is whether Skype imposes risk on its user's computers and networks. In October 2005 a pair of security flaws were discovered and patched. Those flaws made it possible for hackers to run hostile code on computers running vulnerable versions of Skype. The first security bug affected only Microsoft Windows computers. It allowed the attacker to use a buffer overflow to crash the system or to force it to execute arbitrary code. The attacker could provide a malformed URL using the Skype URI format, and lure the user to request it to execute the attack. The second security bug affected all platforms; it used a heap-based buffer overflow to make the system vulnerable.

According to the ACLU, the Act is inconsistent with the original intent of the Fourth Amendment to the U.S. Constitution;[26] more recently, the ACLU has expressed the concern that the FCC interpretation of the Act is incorrect.[27][28]

Notes

  1. Silver Needle in the Skype — Philippe Biondi [2]
  2. VoIP and Skype Security - Simson Garfinkel [3]
  3. Skype Security Evaluation — Tom Berson [4]
  4. Skype Official web site — Skype security resource center [5]

References

  1. ^ http://www.ossir.org/windows/supports/2005/2005-11-07/EADS-CCR_Fabrice_Skype.pdf
  2. ^ http://support.skype.com/faq/FA145/What-type-of-encryption-is-used?frompage=search&q=encryption
  3. ^ Lynn Hathaway (June 2003). "National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information" (PDF). Archived from the original on 2008-05-28. http://web.archive.org/web/20080528105849/http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf. Retrieved 2008-11-02. 
  4. ^ Vanilla Skype an overview of skype clients and protocols
  5. ^ Simson Garfinkel - VoIP and Skype Security
  6. ^ a b c d Max, Harry. "Skype: The Definitive Guide". Que Publishing. http://www.amazon.com/dp/032140940X/. Retrieved 2006-08-22. 
  7. ^ [1]
  8. ^ This is similar to the type of granted access that the SETI download applications presented.
  9. ^ a b c d e Biondi, Philippe; DESCLAUX, Fabrice. "Silver Needle in the Skype". blackhat. http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf. Retrieved 2006-03-02. 
  10. ^ pagetable.com » Blog Archive » Skype Reads Your BIOS and Motherboard Serial Number
  11. ^ Skype Security Blog - Skype Extras plug-in manager
  12. ^ The Register » Skype snoop agent reads mobo serial numbers
  13. ^ "Vulnerabilities in Skype". http://www.gnucitizen.org/blog/vulnerabilities-in-skype. Retrieved 2008-01-17. 
  14. ^ Claburn, Thomas. "Skype Addresses Cross-Zone Scripting Vulnerability - Security". InformationWeek. http://www.informationweek.com/news/internet/showArticle.jhtml?articleID=205901683. Retrieved 2010-06-09. 
  15. ^ "Skype File URI Security Bypass Code Execution Vulnerability". Skype.com. http://webcache.googleusercontent.com/search?q=cache:3Pdv83un9rAJ:www.skype.com/intl/ru/security/skype-sb-2008-003/+Skype+File+URI+Security+Bypass+Code+Execution+Vulnerability%22.&hl=en. Retrieved 2010-06-09. 
  16. ^ ZDNet: Interview with Kurt Sauer „Telefonieren übers Internet: Wie sicher ist Skype wirklich?“, February 13, 2007
  17. ^ guli.com: Textfilter in China, 19. April 2006
  18. ^ "heise online - eBays neue Richtlinien in der Kritik". Heise.de. http://www.heise.de/newsticker/meldung/25199/. Retrieved 2010-06-09. 
  19. ^ "Skype-Gespräche unantastbar?". intern.de. 2007-11-23. http://www.intern.de/news/neue--meldungen/--200711232857.html. Retrieved 2010-06-09. 
  20. ^ Biondi P., Desclaux F (2 March 2006 to 3 March 2006). "Silver Needle in the Skype". EADS Corporate Research Center. http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf. Retrieved 26 January 2009. 
  21. ^ Sokolov, David AJ (24 July 2008). "Speculation over back door in Skype". Heise Security UK. http://www.h-online.com/security/Speculation-over-back-door-in-Skype--/news/111170. Retrieved 26 January 2009. 
  22. ^ Leyde, John (24 July 2008). "Austrian official fuels Skype backdoor rumours". The Register UK. http://www.theregister.co.uk/2008/07/25/skype_backdoor_rumours/. Retrieved 29 January 2009. 
  23. ^ Vilde, Boris (27 July 2008). "Skype Has Back Door for Cops' Eavesdropping". Ohmproject. http://www.ohmproject.org/index.php?option=com_content&task=view&id=65&Itemid=28. Retrieved 29 January 2009. 
  24. ^ http://yro.slashdot.org/story/07/08/26/1312256/Skype-Linux-Reads-Password-and-Firefox-Profile
  25. ^ "Skype Secrecy Under Attack Again". VoIP News. 2009-02-24. http://www.voip-news.com/feature/skype-secrecy-attack-022409. Retrieved 2010-10-10. 
  26. ^ "Big Brother in the Wires: Wiretapping in the Digital Age". ACLU. http://www.aclu.org/privacy/spying/15440pub19980301.html. Retrieved 23 March 2009. 
  27. ^ "CALEA feature page". ACLU. http://www.aclu.org/privacy/gen/20223res20050912.html. Retrieved 23 March 2009. 
  28. ^ "German Authorities Raiding Homes To Find Skype Tapping Whistleblower". Techdirt. 18 September 2008. http://www.techdirt.com/articles/20080918/0208152302.shtml. Retrieved 31 March 2009.