Skype Transport-Layer Security


Transport layer is a term defined by the Open Systems Interconnection (OSI) standard, which is a reference model that speaks to the end-to-end transfer of data between users and systems in a network. Transport-layer security is a concept that speaks to the degree to which network traffic between such systems is protected by some sort of cryptographic model.

Skype's use of supernodes and relay hosts as part of its network architecture creates a requirement for robust transport-layer security, because under certain circumstances, Skype network traffic may travel through computers that are not party to a call, text chat, or file-transfer session.

Transport-layer security is important to consumers who are concerned about privacy. This type of security prevents anybody who may have access to a Skype supernode or relay host from interfering with or capturing any part of a Skype communication, even if they somehow manage to collect or sniff network data packets.

For businesses that are concerned about competitive intelligence gathering, strong security is a basic requirement. Working in concert with Skype's supernode-based P2P architecture, the security model prevents a competitor from installing a computer on the Internet in the path of incoming and outgoing calls for the purpose of eavesdropping.

To understand how Skype's security works, first you must understand how the authentication of a Skype user is validated, how a session is established, and how encryption is handled.

Note

For the purpose of clarity, the following discussion will not make any distinction between voice calls, instant messages (IMs), and file transfers. It will simply refer to caller and recipient to prevent any confusion. Please note that any time you see the word caller, it could mean that the Skype user wants to initiate any kind of communication supported by Skype, regardless of whether it is a voice call, IM, or file transfer.


Skype User Authentication

Skype employs the public-key cryptographic model with signed digital credentials to validate the authenticity of Skype users, as well as to reduce the need for centralized infrastructure.

With public-key/private-key cryptography, one of the keys is made public (meaning that it can be broadly distributed), and the other key remains secret. Although the two keys are related, they are independent. There is no way to use one of the keys to determine the other key, and both are needed to complete the transaction.

When an end user signs in using a valid Skype Name and password, the user's Skype application connects to a centralized server for authentication. When the connection is validated, the user's Skype application receives a signed digital credential from the Skype authentication server. This digital credential is signed using a private key that is maintained at Skype Technologies.

The public key required to verify another user's digital credential is stored in each Skype application and must be used to validate the digital credential. Signed digital credentials are valid for only a certain period and are renewed periodically by Skype Technologies to enhance security further.

When the Skype application receives a signed digital credential and validates its authenticity, that credential can be presented to other Skype applications on behalf of a given user who is trying to establish contact. When the authentication process is complete, there is no need for any recipient to check in with any centralized infrastructure to verify a caller's authenticity.

Note

To the Skype network, a Skype user is a simply a Skype Name that has been authenticated properly to the network. Although a Skype user typically runs only one Skype application instance, an individual can have multiple Skype accounts with unique Skype Names, passwords, and profiles.


How a Session Is Established

When one Skype user wants to communicate with another Skype user, the connection and session are established in a very specific way. A description of this process illuminates where transport-layer security is necessary to ensure privacy on the Skype network.

When a user is online, his Skype application maintains a persistent connection to a supernode. This persistent connection is what allows Skype to provide a useful and consistent sense of a user's presence and availability on the network.

When starting a call, IM, or file transfer, the caller's Skype application first tries to determine whether the recipient is online, using the global indexthe distributed database of users that is maintained in the supernodes.

If the recipient is online, the caller's Skype application gets the network address for the recipient's Skype application, as well as the network address for its associated supernode, both of which are stored in the global index.

Then the caller's Skype application attempts to make a direct connection to the recipient's Skype application. If a direct connection is established, the call, IM, or file transfer begins (see Figure B-1).

Figure B-1. Establishing a direct connection


Sometimes, however, a direct connection cannot be established immediately without additional assistance. This often happens when a recipient is behind a firewall or Network Address Translation (NAT) device. When this happens, the caller's Skype application sends a message to the recipient's supernode, requesting that it be forwarded to the recipient's Skype application. The message from the caller's Skype application is intended to alert the recipient's Skype application that there is a desire to connect with it, as well as an inability to make a direct connection.

This message signals the recipient's Skype application to try to make direct contact with the caller's Skype application in the opposite direction. If a connection can be established using this reverse path, the call, text chat, or file transfer begins (see Figure B-2).

Figure B-2. Establishing a reverse connection


If, however, it is impossible for the two Skype applications to communicate directly, the call, IM, or file transfer must be routed through other special nodes on the Skype network, called relay hosts.

Next, both the caller's and recipient's Skype applications connect to the relay hosts. When this happens, the conversation is spread among the relay hosts to ensure call quality, completion, and fault tolerance (see Figure B-3). The relay hosts remain active for the duration of the session.

Figure B-3. Establishing a connection with relay hosts


Transport-layer security is a fundamental requirement in the Skype P2P architecture, because to complete a connection, supernodes and relay hostspeer nodes that are not party to the callmay be involved. The Skype security model prevents relay hosts from eavesdropping on relayed calls, because all communication between the caller and recipient is encrypted end to end between pairs of nodes (see Figure B-4).

Figure B-4. End-to-end security


When a connection is established (but before a voice call, text chat, or file transfer begins), each Skype application involved in the session must present a digital credential and agree on an Advanced Encryption Standard (AES) encryption key, which is described in the following section.

How Encryption Is Handled

Skype relies on a system of public and private keys to keep the contents of communication confidential. All Skype network traffic is encrypted to ensure privacy. This includes all signals used to control the Skype network, as well as communications content, such as voice, text, and data. The use of encryption here means that it is not possible to know what information is traveling in the Skype network among nodes, supernodes, or relay hosts.

The cryptographic model behind Skype employs both public-key and symmetric-key cryptography, including the AES algorithm, used in 256-bit integer counter mode.

Note

AES, which was originally named Rijndael (pronounced "Rhinedahl") after its inventors, has been adopted by the U.S. government to protect sensitive information. In 256-bit encryption, a total of 1.1 x 1,077 possible keys are provided to encrypt the data actively in each Skype call, IM, and file transfer.


Skype also uses 1,024-bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login, using 1,536-or 2,048-bit RSA certificates.

When a connection is established as described earlier in this appendix, each Skype application generates half of a 256-bit symmetric key. These keys are exchanged and joined to create a 256-bit session key, which is valid for the life of the session. Each session gets its own 256-bit key. In the case of a three-party conference call, three simultaneous calls are set up, each with its own session and different key. This sharing of symmetric AES keys makes it possible for Skype to be an authenticated channel between two or more valid Skype users.

For efficiency, Skype relies on public-key cryptography to validate signatures on credentials for the purpose of negotiating a symmetric key; then it uses symmetric-key cryptography for secure communication between Skype applications. The public-key cryptographic model enables a Skype application to receive private messages that only it can read and to issue signed messages that no one else could have created.

No one (not even Skype Technologies) has a copy of the key shared by the parties to a call. There is neither sharing nor disclosure of keys to any parties other than the pairwise sharing to establish a 256-bit session key. And when a session ends, the keys are discarded. Encryption keys are neither escrowed to third parties nor disclosed to the Skype users.




Skype. The Definitive Guide
Skype: The Definitive Guide
ISBN: 032140940X
EAN: 2147483647
Year: 2004
Pages: 130

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net