Emergent Bits of Security: Analyzing Binaries, Code
- If you think that an application is more secure because it’s undocumented, you should read Salman A. Baset and Henning Schulzrinne’s “An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol.” (Thanks, DM)
- Network Computing also discusses the idea, in the context of How Dangerous Was The Cisco Code Theft?.
- Gunnar Peterson mentions a Richard Clark interview, in which he discusses the inevitability of failure, and secure coding issues.
Shouldn’t that be ‘if you think your application is more secure because it’s using encrypted network protocols’? 🙂
All Baset & Schulzrinne’s paper really did was document the over-the-wire communications that take place between the Skype client and various servers, super-nodes, etc.
A much more interesting analysis came from Simson Garfinkel who observed (among other points):
“Skype claims that its system uses the RSA encryption algorithm for key exchange and 256-bit AES as its bulk encryption algorithm. However, Skype does not publish its key exchange algorithm or its over-the-wire protocol and, despite repeated requests, refused to explain the underlying design of its certificates, its authentication system, or its encryption implementation. Therefore it is impossible to validate the company’s claims regarding encryption. It is entirely possible that the data is both encrypted and not secure.”
(emphasis mine)
Also, many significant pieces of Skype’s traffic are not encrypted. This could lead to exposure of information about who’s being called, directory lookups, etc. The voice may be encrypted (regardless of how effectively) but many other, almost-as-significant pieces of the call set-up are not adequately protected.
Emergent Bits of Security: Analyzing Binaries, Code
Good piece on Skype and security:…