[smb at cs.columbia.edu: Skype security evaluation]

Ivars Suba Ivars.Suba at bank.lv
Wed Oct 26 01:52:16 PDT 2005


> Is it possible that Skype doesn't use RSA encryption? Or if they do, do
> they do it without using any padding, and is that safe?

No, Skype uses RSA encryption:
"Each party contributes 128 random bits toward the 256-bit session key.
The contributions are exchanged as RSA cryptograms. The two
contributions are then combined in a cryptographically-sound way to form
the shared session key."
I.
-----Original Message-----
From: owner-cryptography at metzdowd.com
[mailto:owner-cryptography at metzdowd.com] On Behalf Of cyphrpunk
Sent: Monday, October 24, 2005 8:51 PM
To: Travis H.
Cc: cypherpunks at jfet.org; cryptography at metzdowd.com; berson at anagram.com
Subject: Re: [smb at cs.columbia.edu: Skype security evaluation]

On 10/23/05, Travis H. <solinym at gmail.com> wrote:
> My understanding of the peer-to-peer key agreement protocol (hereafter
> p2pka) is based on section 3.3 and 3.4.2 and is something like this:
>
> A -> B: N_ab
> B -> A: N_ba
> B -> A: Sign{f(N_ab)}_a
> A -> B: Sign{f(N_ba)}_b
> A -> B: Sign{A, K_a}_SKYPE
> B -> A: Sign{B, K_b}_SKYPE
> A -> B: Sign{R_a}_a
> B -> A: Sign{R_b}_b
>
> Session key SK_AB = g(R_a, R_b)

But what you have shown here has no encryption, hence no secrecy.
Surely RSA encryption must be used somewhere along the line. The report
doesn't say anything about the details of how that is done. In
particular, although it mentions RSA signature padding it says nothing
about RSA encryption padding.

Is it possible that Skype doesn't use RSA encryption? Or if they do, do
they do it without using any padding, and is that safe?

CP
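
The padding question raised in this thread, as an added example that is not part of the original messages and makes no claim about what Skype actually does: a 128-bit contribution sent as unpadded RSA is deterministic and malleable, while OAEP randomizes the ciphertext and rejects a modified one. The demo key (two Mersenne primes), the SHA-256 OAEP parameters and all function names are assumptions made for this sketch.

```python
import hashlib, secrets

# Constructed demo key: two Mersenne primes keep the block short. Not a secure key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K, HLEN, H = (N.bit_length() + 7) // 8, 32, hashlib.sha256

def raw_encrypt(m: int) -> int:      # unpadded ("textbook") RSA
    return pow(m, E, N)
def raw_decrypt(c: int) -> int:
    return pow(c, D, N)

def mgf1(seed: bytes, n: int) -> bytes:
    blocks = (H(seed + i.to_bytes(4, "big")).digest() for i in range(-(-n // HLEN)))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def oaep_encrypt(msg: bytes) -> int:
    # DB = lHash || zero padding || 0x01 || message, masked with a fresh random seed
    db = H(b"").digest() + bytes(K - len(msg) - 2 * HLEN - 2) + b"\x01" + msg
    seed = secrets.token_bytes(HLEN)
    masked_db = xor(db, mgf1(seed, len(db)))
    masked_seed = xor(seed, mgf1(masked_db, HLEN))
    return pow(int.from_bytes(b"\x00" + masked_seed + masked_db, "big"), E, N)

def oaep_decrypt(c: int) -> bytes:   # demo only: this check is not constant-time
    em = pow(c, D, N).to_bytes(K, "big")
    masked_seed, masked_db = em[1:1 + HLEN], em[1 + HLEN:]
    seed = xor(masked_seed, mgf1(masked_db, HLEN))
    db = xor(masked_db, mgf1(seed, len(masked_db)))
    body = db[HLEN:].lstrip(b"\x00")
    if em[0] != 0 or db[:HLEN] != H(b"").digest() or body[:1] != b"\x01":
        raise ValueError("decryption error")
    return body[1:]

def demo():
    r_a = secrets.randbits(128)      # one party's 128-bit contribution
    c = raw_encrypt(r_a)
    deterministic = raw_encrypt(r_a) == c                      # same input, same ciphertext
    doubled = raw_decrypt(c * raw_encrypt(2) % N) == 2 * r_a   # ciphertext can be altered
    m = r_a.to_bytes(16, "big")
    c1, c2 = oaep_encrypt(m), oaep_encrypt(m)
    tamper_rejected = False
    try:
        oaep_decrypt(c1 * raw_encrypt(2) % N)
    except ValueError:
        tamper_rejected = True
    return deterministic, doubled, c1 != c2, oaep_decrypt(c1) == m, tamper_rejected
```

`demo()` returns five flags: unpadded RSA is deterministic, unpadded RSA is malleable, OAEP ciphertexts differ between runs, OAEP round-trips, and OAEP rejects the modified ciphertext.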
