Rumour: NSA offering 'billions' for Skype eavesdrop solution
A printable-quality rumour straight from El Reg:
News of a possible viable business model for P2P VoIP network Skype emerged today, at the Counter Terror Expo in London. An industry source disclosed that America's supersecret National Security Agency (NSA) is offering "billions" to any firm which can offer reliable eavesdropping on Skype IM and voice traffic.
The spybiz exec, who preferred to remain anonymous, confirmed that Skype continues to be a major problem for government listening agencies, spooks and police. This was already thought to be the case, following requests from German authorities for special intercept/bugging powers to help them deal with Skype-loving malefactors. Britain's GCHQ has also stated that it has severe problems intercepting VoIP and internet communication in general.
Read the whole article!
Skype in particular is a serious problem for spooks and cops. Being P2P, the network can't be accessed by the company providing it and the authorities can't gain access by that route. The company won't disclose details of its encryption, either, and isn't required to as it is Europe based. This lack of openness prompts many security pros to rubbish Skype on "security through obscurity" grounds: but nonetheless it remains a popular choice with those who think they might find themselves under surveillance. Rumour suggests that America's NSA may be able to break Skype encryption - assuming they have access to a given call or message - but nobody else.
The NSA may be able to do that: but it seems that if so, this uses up too much of the agency's resources at present.
"They are saying to the industry, you get us into Skype and we will make you a very rich company," said the industry source, adding that the obscure encryption used by the P2Pware is believed to change frequently as part of software updates.
The spyware kingpin suggested that Skype is deliberately seeking to frustrate national listening agencies, which seems an odd thing to do - Skype has difficulties enough getting revenues out of its vast user base at any time, and a paid secure-voice system for subversives doesn't seem like a money-spinner
Including this bit:
But corporate parent eBay, having had to write down $1.4bn already following its $2.6bn purchase of Skype back in the bubble-2.0 days of 2005, might see an opportunity here. A billion or two from the NSA for a backdoor into Skype might make the acquisition seem like a sensible idea.
Maybe it was just bad timing ... or maybe eBay hasn't got the smarts. I would dearly love to monetise that asset, and that's no secret (it will be on this blog somewhere). Either way, if eBay failed to integrate Skype, it's a solid sell signal on eBay. They are now just another cash cow. Milk on!
Posted by iang at February 13, 2009 09:30 AM
The question is does the NSA et al realy want access to the speach or the routing information on a Skype communication?
For the speach you will need to perform some level of crypto attack, for the routing just traffic analysis.
For local level Policing then the speach is desirable because it provides operational detail of what the targets are doing (that is the Police will have specifics on a crime etc)
From the higher level (serious/organised crime and above) the routing is more important as it maps out an organisations structure.
So can the Skype speach be decrypted by those not directly involved with the peer to peer nature of the data channel.
The answer is of course probably ;) from the little publicly published it appears Skype use stream encryption based on using 256bit key 128bit data width AES in counter mode.
What is not known is the speach compression method but it might well be based on work originaly developed by the NSA (no this is not a conspiracy senario).
Brut forcing the AES key (assuming true random source) is not going to be practical in real time or any time soon. However being a stream cipher there are other attack vectors available that do not require the AES key (see OTP pad reuse bit flipping attacks etc). However the likley hood of this is down to unknown asspects of Skypes software, the most likley areas of attack being either protocol issues or predictable randomness.
Another area of posibility is a weakness in the RSA etc key generation. There are ways a hidden back door can be put into any public key certificate in a way that is effectivly impossible to tell from the certificate alone (see work by Adam L Young and Moti Yung www.cryptovirology.com).
Then of course ther is the question of lack of entropy in the method of selecting the pq primes (which is quite a big issue in many home brew crypto systems), which is again a random number generator issue (the recent failing of an open source generator caused some bad certificates very recently).
So yes there "may" be avenues to attack the speach but is it realy an issue?
Where Skype has a real weakness is that the majority of users will almost always use the same computer from a very few IP addresses and communicate to Skypes servers at a limited and known number of IP addresses (the physical location etc of the IP addresses at both ends is easily available).
A much smaller fraction will use Skype on a mobile device, but again they will have one or two primary (home/work) locations.
Then there are your covert types who will only use other peoples open WiFi points etc. These break down into two groups the technicaly sophisticated and those who are not.
Those who are technicaly sophisticated will use further covert methods such as TOR the less so will not.
And there is of course those that realy know what they are doing and use other methods entirely.
There is already data mining traffic analysis software for mobile phone logs that has been shown to pick out "closed nets" of users. Such people are generally "suspicious" and would be likley to receive further investigation.
Changing the software to work with IP records instead of phone records would be the work of a day or so of a programmers time.
In both the US and Europe it is now a case of getting to the IP logs (which in most places does not require a warrant these days).
Which then brings about the question of can a Skype client be uniquly recognised when it connects to Skypes servers.
The answer is probably yes and not through Skypes fault.
It is well known that the "cracking" community have tools to finger print OS's and to some extent hardware via IP stack responses etc.
Further other application level software can leak plaintext information about a machine when in use (email etc) or when it "phones home" (think multi-media apps etc).
Further the abundant infection rates of Malware give other identifiers. So it is possible to build a unique fingerprint for a client machine irrespective of what the Skype software can do to hide identity info.
What is less well known is that the CPU clock drift rate is detectable via TCP time stamps and is a way by which individual machines can be identified even when working through a TOR network
And TOR is further suceptable to other attacks due to latency or "owned" node issues.
So from the higher level Intel aspect for serious/organised crime and above then Skypes security measures are not realy an issue...