Skype has been a ten years mystery for network traffic analysis and cyber forensic investigation. Its security, which uses end to end 256-bit encryption, and the need for interception by law enforcements agencies, made it one of the regular questions, for me, at my workshops or investigation cases.
On July 8, 2010 TechCrunch posted an article about some reverse engineering research into the Skype security protocol. There was an image with the first 32 lines of source code for an application which collects the weak keys based on the Rivest Cipher 4(RC4) cryptography algorithm. The application has been written by Mr. Sean O’Neil, the person who claims to have reversed engineered the Skype protocol and developed the afore mentioned application. He has a blog at enrupt.com where he introduces himself as a cryptologist and a reverse engineer.
Unfortunately, I was not able to obtain any more technical information or gain access to the actual application/source code for testing. However, this announcement should be alarming for security communities. It is obvious that there is no ultimate security, but challenges like Mr. O’Neil’s might be helpful.
There are always consequences when this type of information is disclosed, but we need to use such discoveries for improvements. In this case, Skype is a live example, a real world application and the Skype engineers may have deliberately used an algorithm which is prone to attacks.
Those who know a little about information security no longer considering the RC4 algorithm as a secure algorithm. Users have paid heavily with wireless network security breaches due to WEP cryptography which uses RC4.
On the other hand, there is a possibility of governmental influence on the Skype engineers. The NSA, because of U.S. national security interests, has tough compliance rules for American products and services. The security agencies in the USA need to be able to intercept any type of communication. This may have caused poor engineering, in terms of security, by utilizing the RC4 algorithm as one of the security mechanisms in Skype.
Information security experts need to look at this discovery as an opportunity to review current security mechanisms and enhance them.