1 / 41

An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol

An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol. Salman Baset and Henning Schulzrinne April 27, 2006. Agenda. What is Skype? What problems does it solve? The Skype network The Skype software components Experimental setup The Skype functions

ita
Download Presentation

An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol Salman Baset and Henning Schulzrinne April 27, 2006

  2. Agenda • What is Skype? • What problems does it solve? • The Skype network • The Skype software components • Experimental setup • The Skype functions • Skype, MSN, Yahoo and Google Talk • Skype super nodes

  3. What is Skype? • Peer-to-peer, pc-to-pc, pc-to-phone, phone-to-pc VoIP and IM client • Developed by people who created KaZaa • SkypeOut (pc-to-phone) • SkypeOut terms of service: governed by the laws of Luxembourg • SkypeIn (phone-to-pc), voicemail • Supported OS: Windows, Linux, MacOS, PocketPC • A p2p illusion • Login server • Buddy-list server • Servers for SkypeOut and SkypeIn • Anonymous call minutes statistic gathering

  4. What problems does it solve? • NAT and firewall traversal • Nielsen September 2005 ratings • 61.3% of US home internet users use broadband (http://www.nielsen-netratings.com/pr/pr_050928.pdf) • ‘Most’ users have some kind of NAT • Phone-to-pc calling, SkypeIn • Configuration-less connectivity

  5. The Skype Network

  6. The Skype Network (contd…) • Ordinary host (OH) • A Skype client • Super nodes (SN) • A Skype client • Has public IP address, ‘sufficient’ bandwidth, CPU and memory • Login server • Stores Skype id’s, passwords, and buddy lists • Used at login for authentication • Version 1.4.0.84: 212.72.49.141 and 195.215.8.141

  7. Skype Components • Ports • No default listening port • Randomly chooses a port (P1) on installation • Opens TCP and UDP listener sockets at P1 • Opens TCP listener sockets at port 80 (HTTP) and port 443 (HTTPS)

  8. Skype Components (contd…) • Host cache (HC) • IP address and port number of online Skype nodes (SNs) • Maximum size: 200 entries • Liang, Kumar and Ross. Understanding KaZaA • 200 entries for ordinary nodes (ON) • Login server IP address and port number • HC Windows location C:\Documents and Settings\All Users\Application Data\Skype

  9. Skype HC

  10. Skype Components (Contd…) • Codecs (GlobalIPSound) • Wide band codecs (50-8,000 Hz) • iLBC (packet size: 20 and 30 ms bitrate: 15.2 kbps and 13.3 kbps) • iSAC (packet size: 30-60 ms bitrate: 10-32 kbps) • G.729 for SkypeOut? • Buddy list • Stored in ‘config.xml’ file • C:\Documents and Settings\<XP user>\Application Data\Skype\<skype user id> <CentralStorage> <LastBackoff>0</LastBackoff> <LastFailure>0</LastFailure> <LastSync>1120325519</LastSync> <NeedSync>0</NeedSync> <SyncSet> <u> <skypebuddy1>f384d3a0:1</skypebuddy1> <skypebuddy2>7d1dafc4:1</skypebuddy2>

  11. Agenda • What is Skype? • What problems does it solve? • The Skype network • The Skype software components • Experimental setup • The Skype functions • Skype, MSN, Yahoo and Google Talk • Skype super nodes

  12. Experimental Setup • We have NOT reverse engineered Skype executable but it can be done (Biondi and Desclaux) • Skype version: Linux v1.2, Windows v1.4.0.84 • Experiments performed between June-July and Nov-Dec 2005 • Tools Used • Ethereal (for packet capture) • NetPeeker (for tuning per process bandwidth) • NCH Tone generator (for generating tones of various frequencies) • APIMonitor (for monitoring the system calls) • LD_PRELOAD: Linux shared library and system call interception • Skype fails to run with ltrace and strace

  13. Overloaded strcpy() function char* strcpy(char* dest, const char* src) { void *handle = NULL; double (*mystrcpy)(char* dest, const char* src); long temp; handle = dlopen("/lib/libc.so.6", RTLD_LAZY); mystrcpy = dlsym(handle, "strcpy"); temp = (*mystrcpy)(dest, src); dlclose(handle); return dest; }

  14. Experimental Setup (Contd…) Public NAT Firewall

  15. Port-restricted NAT

  16. Skype Functions • Startup • Login • User search • Call establishment • Media transfer • Keep-alive • NAT and firewall traversal • Conferencing

  17. Skype Functions: STARTUP • First time startup • GET /ui/0/97/en/installed HTTP/1.1 • Normal startup • GET /ui/0/97/en/getlatestversion?ver=0.97.0.6 HTTP/1.1

  18. Skype Functions: LOGIN • Establishes a TCP connection with SN • Authenticates with the login server and gets a certified public key • Bootstrap super nodes • Hard-coded in Skype

  19. Skype Functions: LOGIN

  20. Skype Functions: LOGIN • Public, NAT • Establishes a TCP connection with the SN • Authenticates with the login server • Announces arrival on the network (controlled flooding?) • Determines NAT type? • Firewall • Establishes a TCP connection with the SN • Authenticates with the login server

  21. Skype Functions: LOGIN SSL: client_key_exchange SSL: version 163 1 0 0 17 3 1 0 0 16 3 1 0 0 . . . . 17 3 1 0 0 len . . . .

  22. Skype Functions: USER SEARCH • From the Skype website • Guaranteed to find a user it exists and logged in the last 72 hours • Search results are cached at intermediate nodes • Unable to trace messages beyond SN • Cannot force a node to become a SN • Host cache is used for connection establishment and not for SN selection • User does not exist. How does search terminate? • Skype contacts login server for failed searches • SN searches for a user behind UDP-restricted firewall • Same wildcard (sal*) search query from two different machines initiated at the same time gives different results

  23. Skype Functions: CALL ESTABLISHMENT • Call signaling always carried over TCP and goes e2e • Calls to non buddies=search+call • Initial exchange checks for blocked users • Public-public call • Caller SC establishes a TCP connection with callee SC • Public-NAT • Caller SC is behind port-restricted NAT • Caller---->Skype node (SN?) ----> Callee • TCP connection established between caller, callee, and more than one Skype nodes • Unknown: How a node is selected to route calls from caller to callee? • Perhaps determined at login • Firewall-firewall call • Same as public-NAT but no in-UDP packets

  24. Skype Functions: CALL ESTABLISHMENT • Caller is behind port-restricted NAT and callee has a public IP address

  25. Skype Functions: CALL ESTABLISHMENT • Caller and callee are behind port-restricted NAT and UDP-blocking firewall

  26. Skype Functions: Summary

  27. Skype Functions: MEDIA TRANSFER • 10/100 Mbps Ethernet • iSAC codec was used (adaptive bit-rate)

  28. Skype Functions: MEDIA TRANSFER • No silence suppression • Silence packets are used to • play background noise at the peer • maintain UDP NAT binding • avoid drop in the TCP congestion window • Putting a call on hold • 1 packet/3 seconds to call-peer or Skype node • same reasons as above • Codec frequency range • 50-8,000 Hz (total bw of 3 kilobytes/s) • Reasonable call quality at (4 kilobytes/s)

  29. Skype Functions: KEEP ALIVE • Refresh message over TCP to SN every 120 seconds • Refresh message size: 2 bytes

  30. Skype Functions: CONFERENCING • A, B, and C have public IP addresses A:1.6GHz Pentium4, 512MB RAM 1: B-A Call B: 3 GHz Pentium4, 1GB C: 3 GHz Pentium4, 1GB

  31. Skype Functions: CONFERENCING • A, B, and C have public IP addresses A:1.6GHz Pentium4, 512MB RAM 1: B-A Call B: 3 GHz Pentium4, 1GB 2: B-C Call C: 3 GHz Pentium4, 1GB

  32. Skype Functions: CONFERENCING • A, B, and C have public IP addresses A:1.6GHz Pentium4, 512MB RAM 1: B-A Call B: 3 GHz Pentium4, 1GB B decides to initiate a conference 2: B-C Call C: 3 GHz Pentium4, 1GB

  33. Skype Functions: CONFERENCING • A, B, and C have public IP addresses A:1.6GHz Pentium4, 512MB RAM B A+C B: 3 GHz Pentium4, 1GB C A+B C: 3 GHz Pentium4, 1GB

  34. Skype, MSN, Yahoo and Talk

  35. Mouth-to-ear latency setup

  36. Mouth-to-ear latency

  37. Skype Super Nodes • Skype super node: A node with which a Skype establishes a TCP connection at login • 8,153 successful login attempts over four days • 35% hostnames had a .edu suffix • 102 universities • 894 unique super nodes • Unique SN IP distribution: • US 83.7%, Asia 8.9%, Europe 7.1% • Top 20 nodes received 43.8% of the total connections • Top 100 nodes: 70.5%

  38. Skype Super Nodes

  39. Skype Super Node Map

  40. Conclusion • Selfish application • Uses best CPU and bandwidth resources • Evades blocking • Change application priority to ‘High’ after call establishment • No application configuration to prevent machine from becoming a super node. Possible by limiting per-process bandwidth • Code obfuscation, runtime decryption • Login server and super nodes, not strictly peer-to-peer • STUN and TURN equivalent functionality • Combination of hashing and controlled flooding • Multiple paths for ‘in-time’ switching incase of failures • Search falls back to login server

  41. Questions?

More Related