[IP] more on Simson Garfinkel analyses Skype - Open Society Institute -- interesting set of comments djf (fwd from dave at far

James A. Donald jamesd at echeque.com
Mon Jan 31 05:38:34 PST 2005

On 31 Jan 2005 at 12:47, Eugen Leitl wrote:
> " Because there is no cryptographic trust or any form of
> trust authority in the Skype network, any super node that
> returns the information about "other_dude" is trusted by my
> node.
> An aside... SSL certificates are signed by a trusted third
> party. That third party validates that the certificate is
> held by the organization that claims to hold the certificate.
> Using SSL insures that the party that I'm communicating with
> is the party that they claim to be within the bounds that I
> trust the signer of the SSL certificate *and* that once the
> connection is established that no one can understand the data
> exchanged with this party. That initial trust of the signed
> certification is a critical part of the security of the
> overall communication. If I do a session key exchange with an
> unknown party, the communication is *not* secure. This is the
> case with Skype.

Our experience of trust authorities is that they do not work. 
The overhead of complying with the trust authority is too
great.  Users do not do it, or they do it wrong.   Phishing is
a man in the middle attack, and SSL certificates do not prevent

SSH provides cryptographic trust without a trusted authority. 
So it works.  SSL does not work, because no end users have
certificates, the costs of dealing with a trusted authority
being too great, and because no one checks server certificates
except for merely formal compliance.

> The Skype network relies on trusting the super-node. A bad
> seed can perform a man in the middle attack during the
> session key exchange by posing as the party being contacted
> (or forwarding the information of another compromised node)
> to a caller. So, my bad seed is able to route call requests
> to an untrusted node and do a man-in-the-middle during the
> key exchange and snoop into my call. The only question is how
> many bad seeds to you need in order to capture a significant
> percentage of the routing requests that go over the Skype
> network. My guess is that the number is in the hundreds. So,
> with a hundred machines located around the world, I could
> intercept any Skype call and record it. Pretty scary.

You could intercept any one of them, but if you intercepted a
lot of them, you would be detected.

Not that I am defending the skype network, but your argument
seems to be that the trouble with the skype network is that it
did not follow the wise and highly successful example of SSL.

Skype's encryption sucks, but it is better than SSL, and better
than nothing.

         James A. Donald

More information about the cypherpunks-legacy mailing list