http://www.theregister.co.uk/2010/07/09/skype_crypto/ By John Leyden The Register 9th July 2010 Cryptoanalysts have published what they claim is the secret recipe behind a Skype encryption algorithm. A group of code breakers led by Sean O'Neil reckon they have successfully reverse engineered Skype's implementation of the RC4 cipher, one of several encryption technologies used by the consumer-oriented VoIP service. The proprietary encryption technology is used by the VoIP service to protect communications exchanged between its its clients and severs. It also restricts what clients can access the service, a restriction Skype had plans to ease with the upcoming publication of an API. Even if independent research proves that the proprietary RC4 algorithm has been exposed it doesn't follow that Skype is open to eavesdroppers, not least because the service uses a variety of encryption techniques. O'Neil justified the publication of an open source emulation of the algorithm by arguing that Skype's technology is already under exploitation by instant message spammers, so his work only levels the playing field for security researchers. He criticised Skype for practising "security by obscurity" in keeping its algorithm secret for so long. O'Neil reportedly plans to explain his research in greater depth at a presentation before the Chaos Communication Congress (27C3) in Berlin in December. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Sun Jul 11 2010 - 22:29:37 PDT
This archive was generated by hypermail 2.2.0 : Sun Jul 11 2010 - 22:45:18 PDT