P2P based VoIP software



Date: 15.10.2017



  • Founded by the founders of Kazaa

  • Can be downloaded free at:

    • http://www.skype.com
  • Services

    • Both paid and free services available
    • Free
      • - Instant Messaging
      • - Voice and Video communication (PC to PC)


Hierarchical P2P architecture but involves a central Skype authority for registration and certification services



Proprietary and closed source software

  • Employs countermeasures against reverse engineering

  • However, it has been the subject of some reverse engineering attempts over a couple of years

    • These are the basis for understanding (part of) the Skype security protocol


Almost everything is encrypted, including protocol message headers (except some)

  • Provides:



User registration



    • User selects a unique username (within the Skype domain) and a password
    • Client sends the username and the SHA-1 hash of the password to the Skype Login Server, encrypted with the public key of the Skype Server
    • Skype Server extracts the username and the hash of the password using its private key
    • The public key of the Skype Server is made known to the client during Skype installation




  • User registration

    • - Register username at Skype server
  • User login

    • - Get the one time public key for the user certified by Skype Server
  • User to User authentication

  • User to User communication


User login


    • User (client application) generates a 1024-bit public and private key pair (KA+, KA-): a one-time key pair for the user for this login session
    • User generates a 256-bit AES symmetric key (K)
    • Encrypts KA+, the username and the SHA-1 hash of the password using K
    • Encrypts K using the public key of the Skype Server
    • The encrypted KA+, username and password hash, and the encrypted session key K, are sent to the Skype Server
    • Login Server extracts K using its private key and decrypts the username, password hash and KA+ using K
    • If the username and password hash match, the user is authenticated. The Skype Server signs the (username, KA+) pair to produce the certificate (CA).
    • CA is sent to the user




User to User authentication


    • Users Alice (A) and Bob (B) want to authenticate and communicate with each other
    • Users get each other’s certificates
      • - Alice sends Bob her certificate (that she obtained from Skype Server) and vice-versa
    • Each uses an 8-byte challenge-response method to authenticate the other
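
The certificate issued at login and the 8-byte challenge-response between peers, as an added example (not Skype's code and not part of the original slides). It assumes the response is a signature over the challenge, substitutes unpadded hash-then-sign RSA from Python's standard library for a real padded signature scheme, and uses constructed demo keys; all function names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by all demo keys

def keypair(p, q):
    """Textbook RSA key from two primes; returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(msg, n, d):
    return pow(digest(msg), d, n)

def verify(msg, sig, n):
    return pow(sig, E, n) == digest(msg)

# Constructed demo keys from Mersenne primes: trivially factorable, and not
# the 1024-bit one-time key the slides describe.
SERVER_N, SERVER_D = keypair(2**521 - 1, 2**607 - 1)    # login server
ALICE_N, ALICE_D = keypair(2**1279 - 1, 2**2203 - 1)    # Alice's session key pair

def cert_body(username, user_n):
    # Length-prefix the name so (username, key) pairs encode unambiguously.
    name = username.encode()
    return len(name).to_bytes(2, "big") + name + str(user_n).encode()

def issue_certificate(username, user_n):
    """Login server: sign the (username, public key) pair after a successful login."""
    sig = sign(cert_body(username, user_n), SERVER_N, SERVER_D)
    return {"username": username, "n": user_n, "sig": sig}

def authenticate_peer(cert, respond):
    """Verifier side: check the server's signature, then challenge the peer."""
    if not verify(cert_body(cert["username"], cert["n"]), cert["sig"], SERVER_N):
        return False                      # not issued by the login server
    challenge = secrets.token_bytes(8)    # fresh 8-byte challenge per attempt
    # Assumption: the response is a signature over the challenge, checked
    # against the public key taken from the verified certificate.
    return verify(challenge, respond(challenge), cert["n"])

if __name__ == "__main__":
    cert = issue_certificate("alice", ALICE_N)
    print(authenticate_peer(cert, lambda c: sign(c, ALICE_N, ALICE_D)))
```

The peer's public key is trusted only because the server's signature binds it to the username, so a certificate with an altered name or key is rejected before any challenge is sent.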




User to User communication


    • After mutual authentication, Alice and Bob establish a 256-bit common session key Ks (AES) for encryption
    • Each side contributes 128 bits of the 256-bit Ks
    • Each side sends its contribution to the other side, encrypted with the latter’s public key
    • The two 128-bit contributions are combined in some way to generate the 256-bit secret session key Ks
    • All traffic (voice, video and text) is encrypted




Some part of Skype security protocol has been deciphered

  • Skype uses standard cryptographic techniques:

    • RSA
    • AES
    • SHA-1


  • 1) An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol by S. A. Baset and H. Schulzrinne

    • http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf
  • 2) Silver Needle in Skype by P. Biondi and F. Desclaux

    • http://www.secdev.org/conf/skype_BHEU06.handout.pdf
  • 3) Skype Security Evaluation by T. Berson

    • http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf

