

How to intercept Skype calls - maskofsanity
http://www.scmagazine.com.au/News/258827,how-to-intercept-skype-calls.aspx
"Researchers have discovered a trick that allows encrypted VoIP calls like Skype to be deciphered without the need to crack encryption.

The method, dubbed "Phonotactic Reconstruction", exploited the Linear Predictive Filter, a system used by Voice over Internet Protocol platforms to transmit conversations by creating data sets from spoken English.

The researchers from the University of North Carolina said while you shouldn't ditch Skype, cryptographic systems that leaked as much information as they managed to get are immediately deemed insecure."
======
JoachimSchipper
People seem to be misinterpreting the article, so here's a technical
explanation:

- Skype's encryption algorithm is not, itself, broken;

- Skype uses a "prediction" algorithm to compress voice streams;

- therefore, words have a specific pattern of bandwidth use (toy example:
"techcrunch" spikes around the "-crunch", since you'd expect "-nology");

- bandwidth use of encrypted compressed data is equal to bandwidth use of
data that has only been compressed;

- these patterns (which can be detected "through" the encryption) allow
fairly good reconstruction of the voice stream.

If you like this kind of thing, Google "ssh keystroke timing attacks", or,
more generally, "traffic analysis".

~~~
JabavuAdams
> Skype's encryption algorithm is not, itself, broken

Skype's encryption has not been _cracked_, but it is broken in the sense that
it preserves exploitable structure in the ciphertext. The ciphertext should be
essentially random, shouldn't it?

~~~
JoachimSchipper
The ciphertext _is_ "essentially random"; the _amount_ of ciphertext (per
second) isn't.

Encryption will keep your wife from reading your letters, but if you send a
hundred letters a month to the new girl at work she might still get
suspicious. Encryption does not promise to prevent that.

~~~
ksolanki
unless you use _steganography_ to hide the existence of communication itself
(see <http://en.wikipedia.org/wiki/Steganography> ).

~~~
borism
Steganography doesn't hide existence of communication, it hides/obscures
existence of messages in it. Important distinction.

~~~
ksolanki
Steganography hides the existence of covert communication. The message is
hidden in an innocuous looking host (say a picture or video that no one would
get suspicious about). So in that sense, the existence of actual communication
is not known to a third party. I did a PhD thesis on this topic :)

------
sc00ter
Original research paper:
<http://www.cs.unc.edu/~amw/resources/hooktonfoniks.pdf>

It's a fascinating piece of research, and a great collaboration between the
CompSci and Linguistics depts of this University.

The title above is linkbait, as the paper is about analysing any variable
bitrate audio stream. Mobile phones and enterprise VOIP solutions could be
just as vulnerable.

~~~
pnathan
It appears that a defense against this approach is to use a stream cipher with
constant blocklengths. Does that sound like a reasonable interpretation of the
paper?

------
christkv
I think they are saying that they don't need to crack the encryption due to
the encrypted data containing patterns that still matched phonemes. It's
basically a failure in the encryption for skype that the stream is not mixed
up enough to avoid fixed patterns. Makes you wonder how long they have been
decoding skype messages for intelligence reasons.

~~~
FlowerPower
Forever.

When your moneysack is bottomless you can do anything, no need to decrypt it,
man-in-the-middle it, if that can't do, switch the victim's CPU for your own
"special" one. Intelligence organizations have been breaking silently into
people's homes for hundreds of years, it's a skill well developed. To then
change a chip on your computer, is peanuts.

~~~
bad_user
Geez, do you also wear a tinfoil hat, or was this humor?

~~~
dnadolny
Humor? The NSA tried to introduce an encryption chip[1] and get
telecommunications providers to use it. It had a backdoor so that they could
decrypt anything that used it.

I vaguely remember hearing other stories where chips were made with secret
backdoors in them, but I can't seem to find any.

[1]: <http://en.wikipedia.org/wiki/Clipper_chip>

------
spoiledtechie
It's pretty intense research and one that is highly valued in the DoD world.
They pay top dollar for this type of research and most likely did. If I
remember correctly, they put out a call about 1 year ago for this type of
"breaking" to be done on Skype. Mainly to listen to calls between suspects...

------
eru
A pretty clever attack. I wonder what the Skype people will do about it. (It
seems like any algorithm that has e.g. a variable transmission rate will be
relatively easy to attack.)

~~~
tomp
> It seems like any algorithm that has e.g. a variable transmission rate will
> be relatively easy to attack.

Not really, just make the variability of bandwidth not depend on the amount of
data that's being transmitted... i.e., add a stochastic factor to it (random).
If there's enough noise, you probably shouldn't be able to decipher the words
spoken.
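
An added example, not part of any post in this thread: a sketch that measures how much packet size still tracks frame size for an unpadded variable-bitrate stream and for the two mitigations suggested above (constant-size packets, random padding). The cipher is a toy SHA-256 keystream standing in for a real one, and `MAX_FRAME`, the key and the frame sizes are constructed assumptions.

```python
import hashlib
import random

MAX_FRAME = 64  # assumed upper bound on a codec frame, in bytes

def xor_stream(key, seq, data):
    """Toy length-preserving stream cipher (SHA-256 counter keystream).
    Stand-in for a real cipher, not one; the same call decrypts."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + seq.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, seq, frame, mode, rng):
    """Length-prefix the frame, pad according to `mode`, then encrypt."""
    if mode == "constant":
        pad = MAX_FRAME - len(frame)   # every packet ends up the same size
    elif mode == "random":
        pad = rng.randrange(17)        # 0..16 bytes of noise padding
    else:
        pad = 0                        # what a plain VBR stream does
    return xor_stream(key, seq, len(frame).to_bytes(2, "big") + frame + bytes(pad))

def unseal(key, seq, packet):
    """Decrypt, then strip the padding using the length prefix."""
    body = xor_stream(key, seq, packet)
    return body[2:2 + int.from_bytes(body[:2], "big")]

def pearson(xs, ys):
    """Pearson correlation; 0.0 when either series has no variance."""
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0

def leak(mode, seed=0):
    """Correlation between true frame sizes and on-the-wire packet sizes."""
    rng = random.Random(seed)
    key = bytes(32)  # constructed key
    # Constructed frame sizes standing in for a variable-bitrate codec.
    sizes = [rng.choice([12, 19, 28, 34, 41, 46, 50]) for _ in range(200)]
    frames = [bytes(rng.getrandbits(8) for _ in range(n)) for n in sizes]
    packets = [seal(key, i, f, mode, rng) for i, f in enumerate(frames)]
    assert all(unseal(key, i, p) == f for i, (p, f) in enumerate(zip(packets, frames)))
    return pearson(sizes, [len(p) for p in packets])

if __name__ == "__main__":
    for mode in ("none", "random", "constant"):
        print(f"{mode:9s} size correlation = {leak(mode):.3f}")
```

With these constructed sizes, the unpadded stream correlates perfectly, 0..16 bytes of random padding leaves the correlation high, and constant-size packets leave nothing to correlate, at the cost of always sending `MAX_FRAME + 2` bytes.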

------
joshaidan
Does anyone know if voice traffic actually passes through super-nodes, or are
super-nodes just used for authentication, and punching holes through NAT? If
it does, can you point to a reference stating this?

Anyway, billions of people have unencrypted conversations through this
telecommunications system called the plain old telephone service. At least
Skype is one step better.

~~~
bdhe
_Does anyone know if voice traffic actually passes through super-nodes, or are
super-nodes just used for authentication, and punching holes through NAT? If
it does, can you point to a reference stating this?_

Yes, Skype traffic does pass through supernodes. I know people working on
using Skype to route around censorship and supernodes allow you to connect two
clients even if the direct connection between them is dropped. Here's an
article in Skype about rate limiting if you're running as a super node which
is further evidence that voice traffic _does_ pass through super-nodes.
<http://forum.skype.com/index.php?showtopic=13780>

------
mirkules
Using pattern recognition to guess words based on occurrence frequency is not
a new concept, but the way they applied it is awesome. I saw something similar
in Defcon 17 where the researchers recorded sound from a keyboard (using
lasers as microphones, but that's irrelevant), then analyzed breaks in typing
to attempt to guess what the victim was typing. Fascinating stuff!

------
Splines
So... I need to make Skype calls with the water faucet and/or some music
playing now?

------
r3demon
Even if it's possible to weaken encryption in Skype, it could be still strong
enough and require a billion-dollar effort to decrypt a single conversation.

~~~
eru
Have you read the article?

