Technocrat

Major progress on Skype reverse engineering

Beryllium Sphere(r)
Thu Mar 23 20:31:58 -0800 2006
Security.
manage

The popular voice over IP and instant messaging client Skype has been a mystery. It Just Works, but how it works has been obscured by encrypted protocol streams, obfuscated binaries, and the company's decision not to publish data that would allow cloning.

End users love Skype, but it could drive a network administrator to Zantac and Xanax. For one thing, a key reason that it Just Works is that it includes just about every firewall traversal trick known. Then, once your firewall is opened, you can't run your IDS on the incoming traffic or monitor the outgoing traffic because both are encrypted.

At least that's the way matters stood until last week, when the VON conference heard a presentation by EADS about reverse engineering the Skype binary and protocol

The researchers hacked through an impressive thicket of binary obfuscation, debugger traps, and polymorphic checksumming with the following results:

  • They claim they can conduct a crypto protocol handshake with a Skype peer
  • They found that the crypto was generally well used, except for a defect in the way Skype scrambles its protocol packets. It's a different system from the voice encryption, it's not intended to be as strong, but come on -- using the same RC4 key twice?!
  • As a result, they learned enough about the setup protocol to write (they believe) a firewall rule which can block Skype.
  • They found a new heap overflow vulnerability, though they didn't go on to see what would happen if they tried to turn it into an exploit.
  • They figure that if you can speak the Skype protocol you can put malicious nodes on the network and do man-in-the-middle eavesdropping attacks on the encrypted voice streams.
Major progress on Skype reverse engineering
ziv
Fri Mar 24 04:20:20 -0800 2006
 manage
Interesting.

They figure that if you can speak the Skype protocol you can put malicious nodes on the network and do man-in-the-middle eavesdropping attacks on the encrypted voice streams.

Actually slide 88 says that skype Inc could evesdrop but if other want to evesdrop they have to "Lure your victim into using your modified Skype version". That dosn't seem like much of a hole to me. If an adversary can get their own software on a targets computers it's toast.

I don't trust Skype by default.

J.B. Nicholson-Owens
Fri Mar 24 09:44:52 -0800 2006
 manage

I'd say it's a significant hole because, by default, I don't trust the people at Skype. I wouldn't want to give them the opportunity to spy on my conversations. I don't have this same problem with encrypted conversations going through similarly untrustworthy systems because none of those people can effectively decrypt what I'm passing through their systems. I might have a problem with the person at the other end, particularly if they're using a proprietary OS to decrypt the conversation. However, I'd ostensibly know the person I'm conversing with (regardless of medium: voice, email, something else) and can choose whether to converse with them.

I think that reverse engineering Skype's protocol is a major advance because this will make possible a FLOSS Skype client; a technical approach to create and maintain competition, and make Skype's network nothing special over other means of VOIP that are unencumbered. This work has the potential to drag Skype into being a community resource instead of a proprietary service. Unfortunately it will also mean Skype (a proprietor) will change the protocol and/or encryption in order to throw off compatibility with FLOSS Skype clients (which is also one of the reasons Microsoft changes the file formats used in Microsoft Office). If they haven't already, they'll also become big fans of the idea that this is their "property" where they can dictate what software can be used with the Skype service; a legalistic way to eliminate competition when the technical approach fails.
I don't trust Skype by default.
Kagenin
Sat Mar 25 02:32:08 -0800 2006
 manage
Why so distrustful of skype?  Yah, they're the same folks who made Kazaa, but I have never had the malware issues that Kazaa had with Skype.

I've been using skype for a while now, including SkypeIn/Out.  Unless you have any evidence that they use their software to spy and eavesdrop on conversations, I'd say you're just paranoid and silly.  Skype-to-Skype VoIP calls are Encrypted end-to-end, as are IM sessions.  All this report does is shed some light on the weaknesses of the crypto, and I forsee Skype patching things up to make this report outdated within a month.

Look at the alternatives:  Yahoo, AIM, or MS Messenger.  I'll take the International company over these 3 evils anyday - you're paranoid about eavesdropping?  None of these sport any crypto at all...
I don't trust Skype by default.
J.B. Nicholson-Owens
Sun Mar 26 01:11:27 -0800 2006
 manage

I think I was sufficiently detailed when I wrote the first time, but I'll try to clarify (hopefully the Technocrat site will let me post twice in this thread). Proprietary software is untrustworthy by default; you can't really know what it's doing because you either aren't allowed to decompile it or you have no source code to inspect. Network analysis only tells what it's doing at analysis time. When you have no idea what the program is specified to do, you can't be sure you have no "malware issues" with it because (for all you know) the "malware issues" have already done something you wouldn't want done if you knew about it, or the problems have yet to strike but will strike under certain circumstances. I want my freedom to treat other people as neighbors, not entice them to adopt prohibitions on what they can learn.

Again, please note this has nothing to do with how many people are programmers or whether one must be an expert to properly assess something; I'm talking about something that occurs before one's expertise can come into play: prohibitions on learning.

It is unwise to trusting proprietary encryption. Any proprietary changes made to Skype will be just as untrustworthy as the rest of the program. Proprietary encryption is basically a black box: you're endorsing putting your data into it and hoping everything comes out alright. Trying to reframe the debate to prove that dissenters are merely "paranoid and silly" is shameful; I don't need to wait for bad things to become widely known to see the problems in the design. Lots of people who make encryption software have the best of intentions and poor implementations. You need the ability to fix things, have someone justifiably trustworthy fix them for you, and that means you need software freedom.

As for alternatives, I can pass encrypted messages over a number of protocols which I'm allowed to know using software I have permission to inspect, share, and modify. I can even have my software freedom with the encryption software. If you insist upon live voice chatting, that's available too. Ekiga is free software one could press into service to do encrypted conversations if one wanted to; Zfone (a functional equivalent of PGPfone) is being distributed by Phil Zimmermann and he distributes source code too for a very good reason. Zfone's license might not qualify as a free software license, or Zfone might not be free software for everyone, but even source code inspection is a step closer to what's needed than what proprietary software offers.
I don't trust Skype by default.
Kagenin
Sun Mar 26 10:26:48 -0800 2006
 manage
"Proprietary software is untrustworthy by default"

"It is unwise to trusting [sic] proprietary encryption"

This is actually a situation where I'd prefer there being black box.  Open Source is nice, but when it comes to crypto, I think the less the world knows about a particular algorithm, the stronger that algorithm is.

That said, the options you mentioned are no where near as robust, feature-rich, or as easy to setup as Skype.

Open Source is nice, but in many cases, it's still not ready for prime time.  Believe it or not, Open Source isn't the answer to everything.  I used to think so, too.

I'd love to use something other than Skype, don't get me wrong, its just I don't think there's anything in the consumer VoIP product space that comes close to what it offers.

Again, you don't cite any evidence that the makers of Skype have ever used their network to do anything unethical.  Until I hear otherwise, I'll continue to use Skype, and encourage others to do the same.
I don't trust Skype by default.
archanoid
Mon Mar 27 10:14:40 -0800 2006
 manage
This is actually a situation where I'd prefer there being black box.  Open Source is nice, but when it comes to crypto, I think the less the world knows about a particular algorithm, the stronger that algorithm is.

This is almost always, in almost every case, proven wrong.  Security by obscurity is not security at all.  The process of determining the new AES was entirely out in the open.  The crypto research field is (with a few notable exeptions) very open.  Most closed crypto algorithms are snake oil.  Think peer review.  Without it, crypto is completely untrustworthy.  Crypto is one of those places that open source is MOST valuable.

Fire up a USENET reader and subscribe to sci.crypt.  Or hop over to http://www.schneier.com/ and start reading.
 

Do you have questions about the site? Write to bruce at perens.com . List of all articles we've ever published. Source Code Developer's Documentation RSS XML Sitemap XML News Sitemap Valid XHTML 1.0 Strict Valid CSS! [Valid RSS]