Skype Encryption (Partly) Revealed 151
TSHTF writes "Just weeks after Skype unveiled a public API for the service, a group of cryptographers led by Sean O'Neill have successfully reverse engineered the encryption used by the Skype protocol. Source code is available under a non-commercial license which details Skype's implementation of the RC4 cipher." The linked article cautions, however, that "initial analysis suggests that O'Neill's publication does not mean that Skype's encryption can be considered 'cracked'. Further study will be needed to determine whether key expansion and initialisation vector generation are secure."
Re:Skype still sucks (Score:2, Informative)
Re:Skype still sucks (Score:5, Informative)
For me Gizmo5 and sipgate.com provide all the VoIP services I used to use skype for. In fact when I combine Google Voice with either Gizmo5 or sipgate.com, and a Linksys 3102 SPA box, I can not only replace skype, but replace my land line as well. I also do most voice communication at home, so I ditched my cell plan and got a T-mobile prepaid plan. Now if I receive a call via GV on my cell phone, the moment I walk in the door I can transfer it to VoIP.
If I had an asterisk box set up, I could probably do GV-connected outbound calling automagically from my land phone. At the moment I place most calls via the web interface.
I know Skype can do IM and video chat, but frankly I never needed that. so yes, SIP is a good alternative. And ekiga can do both SIP and video chatting using open protocols. Works quite great, despite SIP's retardedness.
Re:implications? (Score:5, Informative)
None of this harms Skype's existing security in any way. Encryption, if properly implemented, is secure even when all of the mechanisms are known
ROT13 isn't secure when it's known.
Like ROT13, RC4 is an antiquated cipher with many known issues; and a modified version of RC4 could be even less secure than the vanilla implementation. No-one should be using it these days when there are much better alternatives available.
The key scheduling is what's important (Score:5, Informative)
The actual RC4 cipher has bad key scheduling issues. Because the initialization step doesn't mix the key bytes well enough into the S-box, the first bytes of the keystream (which is XOR'd with the plaintext to produce the ciphertext) leak lots of data about the key. This is a major problem with WEP (there are, of course, others). Cryptographers recommend discarding the beginning of the keystream because of this weakness. Nevertheless, RC4 is popular because it is byte-oriented and fast. Even 8-bit machines can implement it trivially.
Ultimately, it comes down to the key scheduling. If Skype has a better key-scheduling algorithm, it may actually improve security over standard RC4.
Re:implications? (Score:3, Informative)
That depends on what you mean by "security." If "security" means having a monopoly on sales of an implementation of a popular protocol... ;-)
The big question about Skype has always been: how are the using the asymmetic stuff? How does each client know whose public key it's using?
Re:Skype still sucks (Score:3, Informative)
It is proprietary, centralized, bloatwared, closed, and bandwidth intensive.
maybe a non-crashy linux client will be your savior.
There are about 500 million Skype accounts.
40 million or so people using the service on any given day. Skype [wikipedia.org]
You don't "dial out" to stress-test the technology - you dial out in the hope that someone will be there to answer your call.
Universal v. Reimerdes (Score:3, Informative)
A C&D for a clean-room reversed engineering of a publicly-available algorithm? Methinks not.
Methinks so. Universal v. Reimerdes.
Re:No other cross platform alternative... (Score:4, Informative)
Re:implications? (Score:3, Informative)
None of this harms Skype's existing security in any way. Encryption, if properly implemented, is secure even when all of the mechanisms are known
ROT13 isn't secure when it's known.
ROT13 isn't encryption. It's a trivial unkeyed encoding.
Like ROT13, RC4 is an antiquated cipher with many known issues; and a modified version of RC4 could be even less secure than the vanilla implementation. No-one should be using it these days when there are much better alternatives available.
RC4 is also a widely-known and deeply-studied cipher. It has some known weaknesses, but workarounds for those weaknesses are also known. It's also very efficient and a stream cipher is the right kind of cipher for this application. I agree that there are better alternatives, but unless they mucked up the implementation, there's every reason to believe that Skype's encryption is secure.
Re:So, if I'm reading this right... (Score:4, Informative)
http://ekiga.org/ [ekiga.org]