Skype hits back at angry wiretap reports: Rat finks? Not us

Not that easy to tap – unless you're a cop with a court order

During a visit to Estonia in June, Tiit Paananen, manager of Skype's engineering centre in Tallinn, Estonia, told The Register that it was easier to plant malware on targeted machines than to "decrypt and de-obfuscate Skype chats and calls".

Skype operates a hybrid peer-to-peer and client–server system, in common with other VoIP services. The architecture is perhaps more difficult to tap than conventional PSTNs. In response, police agencies in the West and secret police agencies in the Middle East have taken to using indirect methods involving viruses and the like.

Trojans, including one disguised as a Skype encryption utility, have been deployed as tools to spy on Syrian dissidents, for example. Last October, German white-hat hackers captured a Trojan which they discovered was capable of tapping Skype calls and IM chats made from infected devices.

That's not to say Skype is a insurmountable barrier to surveillance. In fact, the recent headlines in the mainstream press expressing outrage are based on a false premise that hasn't been already going on for years. Skype itself states it has maintained a law enforcement request compliance team since 2005.

A 2007 vintage Skype law enforcement handbook – which has been available on cryptome.org for years – shows that in response to a court order, Skype will provide all sorts of data, including destination phone numbers for calls, billing information and the email addresses of users. It is unclear whether or not IP address session logs are available.

This was five years ago, when Skype was owned by eBay, and long before Microsoft picked up the firm in May 2011.

Recent Skype wiretap shocka stories are also unfair because they fail to point out that telcos and ISPs routinely supply communication data to police.

It's still unclear to what extent governments can intercept the contents of Skype voice calls. Skype offers end-to-end encryption but it doesn't say how it handles encryption keys.

Christopher Soghoian, a security and privacy researcher, argued convincingly in a blog piece that, like Dropbox and iCloud, Skype probably has unencrypted access to user data, and can therefore be forced to hand it over to the government (thereby failing the so-called "mud puddle" test for data recovery, where a user destroys his computer and forgets his password to encrypted content).

The handling of encryption keys by Skype compares unfavourably to the ZRTP-encrypted VoIP protocol, created by Phil Zimmermann of PGP fame, according to Soghoian:

In contrast to the complex, user-visible fingerprint exchange and verification methods employed by OTR and ZRTP, Skype does nothing at all. Skype handles all the crypto and key exchange behind the scenes. When a Skype user installs the software on a brand new device and initiates a conversation with a friend already in their contact list, that friend is not told that the caller's device/software has a new crypto key and that it should be verified. Instead, the call just connects.

I suspect that Skype does not create a new private encryption key for each device running Skype. Instead, my guess is that it creates a key once, when the user sets up their account, and then stores this online, along with the user's contact list. When the user installs Skype on a new device, the key is downloaded, along with all of their other account data. In this regard, Skype is actually surprisingly similar to Dropbox and iCloud - while you are not storing your tax documents and family photos on Skype's servers, you are storing your communications encryption keys...and when faced with the mud puddle test, Skype fails.

The handling of keys is important because access to crypto keys can allow law enforcement to tap into Skype calls without built-in wiretapping capabilities, as Soghoian explains:

Skype may in fact be telling the truth when it tells journalists that it does not provide CALEA-style wiretap capabilities to governments. It may not need to. If governments can intercept and record the encrypted communications of users (via assistance provided by Internet Service Providers), and have the encryption keys used by both ends of the conversation – or can impersonate Skype users and perform man-in-the middle attacks on their conversations, then they can decrypt the voice communications without any further assistance from Skype.

This analysis is well-informed, albeit speculative. Soghaian concluded that Skype users should avoid the trap of thinking that the service is inherently secure, a comforting notion that seems to have spawned the excitable shock-horror stories over recent days:

Skype is not transparent about its surveillance capabilities. It will not tell us how it handles keys, what kind of assistance it provides governments, under what circumstances, or which governments it will and won't assist. Until it is more transparent, Skype should be assumed to be insecure, and not safe for those whose physical safety depends upon confidentiality of their calls.

Skype of course can't talk about the requests for assistance it has received from intelligence agencies, since such requests are almost certainly classified. However, Skype could, if it wished to, tell users about its surveillance capabilities. It doesn't.

Soghoian's thoughtful essay can be found here. ®