Title: Looking into the Skype Protocol
Author: Alex Kirk
Published: March 21, 2006

---

# Looking into the Skype Protocol

March 21, 2006

As you all know, [Skype](http://www.skype.com/) is a very popular Voice-over-IP 
software. Skype also claims that all its communication is encrypted (which raised
some discussion whether you should [considered a criminal](http://arstechnica.com/news.ars/post/20060217-6206.html)(
[digged also](http://www.digg.com/technology/Encrypting_Your_Communication_Means_You_Must_Be_a_Criminal))
if you “hide away” from eavesdropping).

Philippe Biondi and Fabrice Desclaux from EADS [held a talk](http://www.secdev.org/conf/skype_BHEU06.handout.pdf)
at Blackhat Europe conference where they show their latest discoveries.

The talk is rather technical and might be hard to understand. I picked some of the
most interesting points:

 * **Almost everything is obfuscated (looks almost random)**
    This is a sign for
   good use of encryption.
 * **Automatically reuse proxy credentials**
    When Skype gets to know how to use
   your proxy, it will hand on the information to other Skypes.
 * **Traffic even when the software is not used (pings, relaying).**
    I heard quite
   a few times of some office PCs being promoted to Supernodes, generating enormous
   traffic.
 * **No clear identification of the destination peer**
    The destination IP is not
   disclosed to a firewall for example, network administrators can’t block certain
   IPs.
 * **Many protections, antidebugging tricks, and ciphered code**
    This is an attempt
   to protect themselves from spies (i.e. hackers, government) but it might also
   hide away secret backdoors or them spying. This is often a problem of closed 
   software. Using this techniques also hinders open source or simply 3rd party 
   software from building compatible clients.

In [Skype’s FAQ](http://www.skype.com/help/faq/privacy.html) they state that they
use AES encryption. This seems to be proved and seems a good thing, but they embed
the data into a proprietary protocol which may have its drawbacks and is incompatible
to others. It’s their right to do so, but this gives much power to those who know
about the inner workings (this does not necessarily only include Skype).

They give as a conclusion:

 * **Impossible to protect from attacks (which would be obfuscated)**
    It basically
   means that we have to trust Skype that they keep up their secrets. There are 
   very many users which makes the Skype audience an interesting target.
 * **Total blackbox. Lack of transparency. No way to know if there is/will be a 
   backdoor**
 * **Skype was made by clever people; Good use of cryptography**
    They admit that
   it was built in a good way. But it’s like the government that may be suspicious
   if you encrypt all your communication. Skype encrypts everything and itself. 
   Should we be suspicious?

Further readings: [Skype network structure](http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf),
[Skype’s Guide for Network Administrators](http://www.skype.com/security/guide-for-network-admins.pdf)

skype, protocol, analysis

[digg it](http://digg.com/security/Looking_into_the_Skype_Protocol)

[Web](https://alex.kirk.at/category/web/)

Read this next

[Delicious Interface Updates](https://alex.kirk.at/2006/03/09/delicious-interface-updates/)

### Leave a Reply 󠀁[Cancel reply](https://alex.kirk.at/2006/03/21/looking-into-the-skype-protocol/?output_format=md#respond)󠁿

Only people in [my network](https://alex.kirk.at/friends/) can comment.

This site uses Akismet to reduce spam. [Learn how your comment data is processed.](https://akismet.com/privacy/)