Skype Bruce Maggs
Gratuitous Quote of the Day
"There have been members of the Maggs family in south east Suffolk since the great subsidy of 1327 but they were of no great distinction either then or afterwards."
-- from Allan Farquar Bottomley, "Introduction," in the Southwold Diary of James Maggs, 1818-1876, edited by Allan Farquar Bottomley, Volume I - 1818-1848, (Suffolk: Published for the Suffolk Records Society by the Boydell Press, 1983), p.1.
References
• S. A. Baset and H. G. Schulzrinne, “An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol,” Proceedings of the 25th IEEE International Conference on Computer Communications (INFOCOM), April 2006, pp. 1-11.
• N. Villeneuve, “Breaching Trust: An analysis of surveillance and security practices on China’s TOM-Skype Platform,” Information Warfare Monitor ONI Asia, October 2008.
• Wikipedia article
Skype (Sky peer-to-peer)
• Developed by Danes Niklas Zennstrom and Janus Friis, creators of Kazaa, Skype, and Joost, and a team of software developers in Estonia.
• First peer-to-peer VoIP application.
• Over 60M users on-line in Sept. 2013. 663M accounts in Sept. 2011.
• Skype → eBay → Skype → Microsoft
• Protocol not publicly disclosed
2006 Architecture
[Figure: architecture diagram showing the Login Server, Super Node (SN), and Skype Client (SC)]
Supernodes
• Any client with a public IP address and sufficient performance can be a supernode
• Skype claims at most 40 kbits/sec upload/download (?)
Login Protocol
• SC connects to an SN listed in its host cache (stored locally in the Windows registry, up to 200 entries)
• On first use, SC uses a Skype-provided list to bootstrap SNs
• SC then authenticates with the login server via user name and password
• If access to the login server is blocked, login is routed through an SN
• SC also checks with skype.com via HTTP for the latest software version
• Mysterious ICMP messages to various continents
NAT and Firewall Traversal
• UDP preferred for voice packets
• SC chooses sending/listening port at random
• Uses ports 80, 443 if random port is blocked
• Tries UDP first, then TCP
• Uses SN as a relay station, if necessary
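
An added example, not part of the original slides: a small first-match ACL evaluator that shows which rung of the fallback ladder above gets through a given egress rule set. The attempt order (UDP on the random port, TCP on the random port, TCP 80, TCP 443), the treatment of these as destination ports, the rule sets, and the port 41234 are assumptions constructed for illustration.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    action: str  # "allow" or "deny"
    proto: str   # "udp", "tcp" or "any"
    lo: int      # lowest destination port matched
    hi: int      # highest destination port matched

def permitted(rules, proto, port, default_allow=False):
    """First-match ACL evaluation; unmatched traffic gets the default action."""
    for r in rules:
        if r.proto in (proto, "any") and r.lo <= port <= r.hi:
            return r.action == "allow"
    return default_allow

def fallback_ladder(random_port):
    """Assumed attempt order: UDP before TCP, random port before 80 and 443."""
    return [("udp", random_port), ("tcp", random_port), ("tcp", 80), ("tcp", 443)]

def first_usable_path(rules, random_port):
    """First (proto, port) rung the ACL lets out, or None if all are blocked.
    One reachable rung is enough: the slide says an SN can then act as relay."""
    for proto, port in fallback_ladder(random_port):
        if permitted(rules, proto, port):
            return (proto, port)
    return None

# Constructed egress rule sets (default action: deny), not taken from any real site.
POLICIES = {
    "open": [Rule("allow", "any", 1, 65535)],
    "no-udp": [Rule("deny", "udp", 1, 65535), Rule("allow", "tcp", 1, 65535)],
    "web-only": [Rule("allow", "tcp", 80, 80), Rule("allow", "tcp", 443, 443)],
    "https-only": [Rule("allow", "tcp", 443, 443)],
    "mail-only": [Rule("allow", "tcp", 25, 25)],
}

def audit(random_port=41234):
    """Map each constructed policy name to the rung that gets through it."""
    return {name: first_usable_path(rules, random_port) for name, rules in POLICIES.items()}

if __name__ == "__main__":
    for name, path in audit().items():
        print(f"{name:11s} -> {path or 'blocked'}")
```

In this model only the rule set that closes both TCP 80 and TCP 443 blocks every rung, which is why port-based egress filtering alone does not keep such a client off the network.
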
Encryption
• All communications are encrypted!
• 256-bit AES (Advanced Encryption Standard, a.k.a. Rijndael) symmetric cryptosystem
• 1024-bit RSA to exchange private keys
• User public keys certified with 1536- or 2048-bit certificates
Finding a User
• Buddy list stored locally in earlier versions, now centrally
• Skype claims to find users logged on within the past 72 hours
• A user can be logged in at multiple locations simultaneously
• Messages and calls are sent to all instantiations of the user
“Global Index” Technology
• SC queries its SN about user location
• SN responds with 8 IP addresses
• If SC asks again, SN provides 16 more
• Search is faster the second time, which is evidence that search results are cached at intermediate nodes
• Rest of the protocol is a bit mysterious
Telephony
• iLBC, iSAC, and iPCM codecs developed by Global IP Sound, plus other codecs
• 67-byte packets at 40 kbits/sec, needs 16 kbits/sec minimum
• Frequency band approximately 50-8000 Hz
• PSTN uses uncompressed 56 kbits/sec, 8000 samples per sec (max 4000 Hz), nonuniform intervals
• Skype keeps transmitting during silence!
• Calls on hold send less frequent keepalive messages
Bridging to PSTN
• SkypeIn and SkypeOut servers for making PSTN-to-PC and PC-to-PSTN calls
• To use SkypeIn, a local phone number is assigned to the PC
Conferencing
[Figure: conference diagram with participants A, B, and C; stream labels A+C, A+B, B, C]
Most powerful machine (A) chosen as conference host.
TOM-Skype
• Chinese version of Skype client
• In summer 2007, researchers discovered TOM-Skype was logging chat conversations that contained certain keywords or user names
• The messages and decryption keys were stored on insecure servers in China
• Researchers downloaded and decrypted over 1M messages from August-September 2008.
Social Network Map from Logs
[Figure: social network map. Red: IP addresses of user 1. Blue: clients that talked to user 1.]
Keywords (Machine Translation)
(Messages with English-language obscenities were removed first: 40%)