-- On 31 Jan 2005 at 12:47, Eugen Leitl wrote:

" Because there is no cryptographic trust or any form of trust authority in the Skype network, any super node that returns the information about "other_dude" is trusted by my node.

An aside... SSL certificates are signed by a trusted third party. That third party validates that the certificate is held by the organization that claims to hold the certificate. Using SSL insures that the party that I'm communicating with is the party that they claim to be within the bounds that I trust the signer of the SSL certificate *and* that once the connection is established that no one can understand the data exchanged with this party. That initial trust of the signed certification is a critical part of the security of the overall communication. If I do a session key exchange with an unknown party, the communication is *not* secure. This is the case with Skype.

Our experience of trust authorities is that they do not work. The overhead of complying with the trust authority is too great. Users do not do it, or they do it wrong. Phishing is a man in the middle attack, and SSL certificates do not prevent it. SSH provides cryptographic trust without a trusted authority. So it works. SSL does not work, because no end users have certificates, the costs of dealing with a trusted authority being too great, and because no one checks server certificates except for merely formal compliance.

The Skype network relies on trusting the super-node. A bad seed can perform a man in the middle attack during the session key exchange by posing as the party being contacted (or forwarding the information of another compromised node) to a caller. So, my bad seed is able to route call requests to an untrusted node and do a man-in-the-middle during the key exchange and snoop into my call. The only question is how many bad seeds to you need in order to capture a significant percentage of the routing requests that go over the Skype network. My guess is that the number is in the hundreds. So, with a hundred machines located around the world, I could intercept any Skype call and record it. Pretty scary.

You could intercept any one of them, but if you intercepted a lot of them, you would be detected. Not that I am defending the skype network, but your argument seems to be that the trouble with the skype network is that it did not follow the wise and highly successful example of SSL. Skype's encryption sucks, but it is better than SSL, and better than nothing. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG nsA35QEf54sCT4O3+ya3rXz/7POCQhClk12+GIfH 4ZXr9FoBLh7NawF7on2x2YR5V8MEcm1eKaYjBPd3I