Skype Protocol
Encyclopedia
The Skype protocol is a proprietary
Internet telephony network based on peer-to-peer architecture, used by Skype. The protocol's specifications have not been made publicly available by Skype and official applications using the protocol are closed-source.
The Skype network is not interoperable with most other VoIP networks without proper licensing from Skype. Digium, the main sponsor of Asterisk PBX, released a driver licensed by Skype dubbed 'Skype for Asterisk' to interface as a client to the Skype network; however, this still remains closed source. Numerous attempts to study and/or reverse engineer the protocol have been undertaken to reveal the protocol, investigate security or to allow unofficial clients.
Peer-to-peer architecture
Skype was the first peer-to-peer IP telephony network, requiring minimal centralized infrastructure. The Skype user directory is decentralized and distributed among the clients, or nodes, in the network.
The network contains three types of entities: supernodes, ordinary nodes, and the login server. Each client maintains a host cache with the IP address and port numbers of reachable supernodes.
Any client with good bandwidth, no restriction due to firewall or NAT, and adequate processing power can become a supernode. This puts an extra burden on those who connect to the Internet without NAT, as Skype may use their computers and Internet connections as a third party for UDP hole punching (to directly connect two clients both behind NAT) or to completely relay other users' calls. Skype does not supply the server capacity and bandwidth required to provide the relay service for every client who needs it; instead it uses the resources of Skype clients.
Supernodes relay communications on behalf of two other clients, both of which are behind firewalls or "one to many" network address translation.
Relaying is required because, without it, two clients with firewall or NAT difficulties would be unable to make or receive calls from each other.
Skype tries to get the two ends to negotiate the connection details directly, but the sum of the problems at both ends can mean that the two cannot establish a direct conversation.
The problems with firewalls and NAT can be:
- The external port numbers or IP address are not derivable, because NAT rewrites them.
- The firewall and NAT in use prevent the session from being received.
- UDP is not usable due to NAT issues, such as timeouts.
- Firewalls block many ports.
- TCP through many-to-one NAT is always "outward only" by default; adding port forwarding settings to the NAT router can allow receiving TCP sessions.
Supernodes are grouped into slots (9-10 supernodes), and slots are grouped into blocks (8 slots).
Protocol
Signaling is encrypted using RC4; however, the method only obfuscates the traffic, as the key can be recovered from the packet. Voice data is encrypted with AES.
The Skype client's application programming interface (API) opens the network to software developers. The Skype API allows other programs to use the Skype network to get "white pages" information and manage calls.
The Skype code is closed source, and the protocol is not standardized. Parts of the client use Internet Direct (Indy), an open source socket communication library.
Protocol detection
Many networking and security companies claim to detect and control Skype's protocol for enterprise and carrier applications. While the specific detection methods used by these companies are often proprietary, Pearson's chi-squared test and stochastic characterization with Naive Bayes classifiers are two approaches that were published in 2007.
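One way to realise the chi-squared approach named above, written here as an added example rather than the published method or any vendor's detector: the byte-value histogram of a flow's payloads is tested against a uniform distribution, which is how an RC4-obfuscated body looks and how a cleartext signalling protocol does not. The sample datagrams, the 3-byte header skip and the 330 cut-off are our constructions.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// ChiSquareUniform returns Pearson's chi-squared statistic of the byte-value
// histogram of the payloads against a uniform distribution (255 degrees of
// freedom), skipping the first skip bytes of each payload, plus the byte count.
func ChiSquareUniform(payloads [][]byte, skip int) (stat float64, n int) {
	var hist [256]int
	for _, p := range payloads {
		if len(p) <= skip {
			continue
		}
		for _, b := range p[skip:] {
			hist[b]++
			n++
		}
	}
	if n == 0 {
		return 0, 0
	}
	expected := float64(n) / 256
	for _, c := range hist {
		d := float64(c) - expected
		stat += d * d / expected
	}
	return stat, n
}

// LooksObfuscated is the classifier: uniform bytes score near 255 and cleartext
// far above; 330 is about the 0.1% critical value for 255 degrees of freedom, and
// under 10 expected counts per bin (2560 bytes) is too little evidence. Cut-offs are ours.
func LooksObfuscated(payloads [][]byte, skip int) bool {
	stat, n := ChiSquareUniform(payloads, skip)
	return n >= 2560 && stat < 330
}

// SampleDatagrams builds constructed Skype-shaped UDP payloads: 2-byte frame ID,
// 1-byte payload type, then a pseudo-random body (a SHA-256 chain stands in for RC4).
func SampleDatagrams(count, bodyLen int) [][]byte {
	out := make([][]byte, 0, count)
	seed := sha256.Sum256([]byte("constructed sample"))
	for i := 0; i < count; i++ {
		p := make([]byte, 3, 3+bodyLen)
		binary.BigEndian.PutUint16(p, uint16(i)) // frame ID number
		p[2] = 0x02                              // payload type, constant here
		for len(p) < 3+bodyLen {
			seed = sha256.Sum256(seed[:])
			p = append(p, seed[:]...)
		}
		out = append(out, p[:3+bodyLen])
	}
	return out
}

func main() {
	d := SampleDatagrams(200, 64)
	stat, n := ChiSquareUniform(d, 3) // skip the 3 SoF header bytes
	fmt.Printf("chi2=%.1f over %d bytes, obfuscated=%v\n", stat, n, LooksObfuscated(d, 3))
}
```

With skip=0 the constant payload-type byte and the small frame IDs pull the statistic far above the cut-off, which is the point of masking header positions before testing.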
Preliminaries
Abbreviations that are used:
- SN: Skype network
- SC: Skype client
- HC: host cache
Skype client
The main functions of a Skype client are:
- login
- user search
- start and end calls
- media transfer
- presence messages
- video conference
Login
A Skype client authenticates the user with the login server, advertises its presence to other peers, determines the type of NAT and firewall it is behind and discovers nodes that have public IP addresses.
To connect to the Skype network, the host cache must contain a valid entry. A TCP connection must be established (i.e. to a supernode), otherwise the login will fail.
1. start
2. send UDP packet(s) to HC
3. if no response within 5 seconds then
4.   attempt TCP connection with HC
5.   if not connected then
6.     attempt TCP connection with HC on port 80 (HTTP)
7.     if not connected then
8.       attempt TCP connection with HC on port 443 (HTTPS)
9.       if not connected then
10.        attempts++
11.        if attempts == 5 then
12.          fail
13.        else
14.          wait 6 seconds
15.          goto step 2
16. Success
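The bootstrap loop above as runnable code, added here and not Skype's own: the transports are tried in the page's order, the attempt counter and the 6-second wait follow steps 10 to 15, and the Dialer and sleep hooks are our assumptions so the loop can run without a network.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Attempt is one transport tried against a host-cache (HC) entry, in the
// order the page lists them. The names are ours, not Skype's.
type Attempt int

const (
	UDPProbe   Attempt = iota // step 2: UDP packet(s) to HC, 5 s response window
	TCPDirect                 // step 4: TCP to the HC entry
	TCPPort80                 // step 6: TCP to port 80 (HTTP)
	TCPPort443                // step 8: TCP to port 443 (HTTPS)
)

func (a Attempt) String() string {
	return [...]string{"udp", "tcp", "tcp/80", "tcp/443"}[a]
}

// Dialer is a hypothetical hook reporting whether one attempt succeeds; a real
// client would open a socket here. A zero timeout means the page states none.
type Dialer func(entry string, a Attempt, timeout time.Duration) bool

const maxAttempts = 5 // step 11: "if attempts == 5 then fail"

// Connect runs the bootstrap loop: UDP, then TCP, TCP/80 and TCP/443 (steps
// 2-8); after a full miss the counter is incremented (step 10) and, unless
// five rounds have failed, the client waits 6 s and starts over (steps 14-15).
// It returns the transport that worked and how many rounds failed before it.
func Connect(entry string, dial Dialer, sleep func(time.Duration)) (Attempt, int, error) {
	order := []struct {
		a       Attempt
		timeout time.Duration
	}{{UDPProbe, 5 * time.Second}, {TCPDirect, 0}, {TCPPort80, 0}, {TCPPort443, 0}}
	for attempts := 0; ; {
		for _, s := range order {
			if dial(entry, s.a, s.timeout) {
				return s.a, attempts, nil // step 16: success
			}
		}
		attempts++
		if attempts == maxAttempts {
			return 0, attempts, errors.New("login failed: host cache entry unreachable")
		}
		sleep(6 * time.Second)
	}
}

func main() {
	// Constructed scenario: only TCP/443 gets through (a firewall that blocks
	// UDP and other ports, as in the NAT section above).
	dial := func(_ string, a Attempt, _ time.Duration) bool { return a == TCPPort443 }
	a, n, err := Connect("supernode-1", dial, func(d time.Duration) { fmt.Println("waiting", d) })
	fmt.Println("connected via", a, "after", n, "failed rounds, err:", err)
}
```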
After a Skype client is connected, it must authenticate the username and password with the Skype login server. There are many different Skype login servers using different ports. An obfuscated list of servers is hardcoded in the Skype executable.
Skype servers are:
- dir1.sd.skype.net:9010
- dir2.sd.skype.net:9010
- dir3.sd.skype.net:9010
- dir4.sd.skype.net:9010
- dir5.sd.skype.net:9010
- dir6.sd.skype.net:9010
- dir7.sd.skype.net:9010
- dir8.sd.skype.net:9010
- http1.sd.skype.net:80
- http2.sd.skype.net:80
- http3.sd.skype.net:80
- http4.sd.skype.net:80
- http5.sd.skype.net:80
- http6.sd.skype.net:80
- http7.sd.skype.net:80
- http8.sd.skype.net:80
The Skype software (Skype-SW) connects at random to one of the servers numbered 1-8.
On each login session, Skype generates a session key from 192 random bits. The session key is encrypted with the hard-coded login server's 1536-bit RSA key to form an encrypted session key. Skype also generates a 1024-bit private/public RSA key pair. An MD5 hash of a concatenation of the user name, constant string ("\nSkyper\n") and password is used as a shared secret with the login server. The plain session key is hashed into a 256-bit AES key that is used to encrypt the session's public RSA key and the shared secret. The encrypted session key and the AES-encrypted value are sent to the login server.
On the login server side, the plain session key is obtained by decrypting the encrypted session key using the login server's private RSA key. The plain session key is then used to decrypt the session's public RSA key and the shared secret. If the shared secrets match, the login server signs the user's public RSA key with its private key. The signed data is dispatched to the supernodes.
Upon searching for a buddy, a supernode will return the buddy's public key signed by Skype. The SC will authenticate the buddy and agree on a session key by using the mentioned RSA key.
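The login exchange above as code, added here and not Skype's own: the client wraps a 192-bit session key with the server's RSA key and sends its public key and the MD5 shared secret under an AES key hashed from the session key; the server unwraps, checks the secret and signs the key; a peer later verifies that signature. The page names neither the hash (SHA-256 here), the AES mode (GCM), the RSA padding (OAEP) nor the signature scheme (PKCS#1 v1.5), so those, and passing the client key as opaque DER bytes, are our assumptions.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
)

var Rand = rand.Reader // randomness source (crypto/rand), exported so callers can generate keys from it
// SharedSecret is MD5(username || "\nSkyper\n" || password), as the page states.
func SharedSecret(user, pass string) []byte {
	h := md5.Sum([]byte(user + "\nSkyper\n" + pass))
	return h[:]
}

// sessionAEAD hashes the 192-bit session key into a 256-bit AES key. The page
// names neither the hash nor the AES mode; SHA-256 and AES-GCM are our choice.
func sessionAEAD(session []byte) (cipher.AEAD, error) {
	k := sha256.Sum256(session)
	block, err := aes.NewCipher(k[:])
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// ClientLogin builds the client's message: the random session key wrapped with
// the server's 1536-bit RSA key (OAEP assumed) and nonce || AES-GCM(pubkey || secret).
func ClientLogin(serverPub *rsa.PublicKey, clientPubDER []byte, user, pass string) (wrapped, blob []byte, err error) {
	session := make([]byte, 24) // 192 random bits
	if _, err = rand.Read(session); err != nil { return nil, nil, err }
	if wrapped, err = rsa.EncryptOAEP(sha256.New(), Rand, serverPub, session, nil); err != nil { return nil, nil, err }
	g, err := sessionAEAD(session)
	if err != nil { return nil, nil, err }
	nonce := make([]byte, g.NonceSize())
	if _, err = rand.Read(nonce); err != nil { return nil, nil, err }
	plain := append(append([]byte{}, clientPubDER...), SharedSecret(user, pass)...)
	return wrapped, g.Seal(nonce, nonce, plain, nil), nil
}

// ServerLogin unwraps the session key, recovers the client key and secret, compares
// the secret in constant time and only then signs the key (PKCS#1 v1.5, SHA-256 assumed).
func ServerLogin(serverPriv *rsa.PrivateKey, wrapped, blob, expected []byte) (pubDER, sig []byte, err error) {
	session, err := rsa.DecryptOAEP(sha256.New(), nil, serverPriv, wrapped, nil)
	if err != nil { return nil, nil, err }
	g, err := sessionAEAD(session)
	if err != nil || len(blob) < g.NonceSize() { return nil, nil, errors.New("malformed login message") }
	plain, err := g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
	if err != nil || len(plain) <= md5.Size { return nil, nil, errors.New("cannot open login blob") }
	cut := len(plain) - md5.Size
	if subtle.ConstantTimeCompare(plain[cut:], expected) != 1 { return nil, nil, errors.New("shared secret mismatch") }
	h := sha256.Sum256(plain[:cut])
	sig, err = rsa.SignPKCS1v15(Rand, serverPriv, crypto.SHA256, h[:])
	return plain[:cut], sig, err
}
// VerifyBuddy is the peer-side check on a key a supernode returns: accept it only under a valid login-server signature.
func VerifyBuddy(serverPub *rsa.PublicKey, pubDER, sig []byte) error {
	h := sha256.Sum256(pubDER)
	return rsa.VerifyPKCS1v15(serverPub, crypto.SHA256, h[:], sig)
}
```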
UDP
UDP packets are layered as:
- IP
- UDP
- Skype SoF
- Skype Crypted Data01
The Start of Frame (SoF) consists of:
- frame ID number (2 bytes)
- payload type (1 byte), one of:
  - obfuscated payload
  - Ack/NAck packet
  - payload forwarding packet
  - payload resending packet
  - other
Obfuscation Layer
The RC4 encryption algorithm is used to obfuscate the payload of datagrams. The key is derived from two 32-bit values:
- the CRC32 of the public source and destination IP addresses and Skype's packet ID;
- the Skype obfuscation layer's initialization vector (IV).
The XOR of these two 32-bit values is transformed into an 80-byte RC4 key using an unknown key engine.
A notable misuse of RC4 in Skype can be found on TCP streams (UDP is unaffected). The first 14 bytes (10 of which are known) are XORed with the RC4 stream. Then the cipher is reinitialized to encrypt the rest of the TCP stream.
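The TCP-side pattern just described, as an added example that is not Skype's code and does not reproduce its unknown key engine: EncryptReinit re-initialises RC4 with the same key before the body, EncryptOnce keeps a single keystream running, and SharedKeystream is the review check that counts body positions XORed with the same keystream byte as the known header at the same offset. Key, header and body are constructed test vectors.

```go
package main

import (
	"crypto/rc4"
)

// EncryptReinit reproduces the pattern the page describes: the header is XORed
// with an RC4 keystream, then the cipher is re-initialised with the same key
// before the body, so the body's first bytes see the same keystream bytes.
func EncryptReinit(key, header, body []byte) ([]byte, error) {
	out := make([]byte, len(header)+len(body))
	c, err := rc4.NewCipher(key)
	if err != nil {
		return nil, err
	}
	c.XORKeyStream(out[:len(header)], header)
	c, err = rc4.NewCipher(key) // the re-initialisation with the same key
	if err != nil {
		return nil, err
	}
	c.XORKeyStream(out[len(header):], body)
	return out, nil
}

// EncryptOnce is the corrected pattern: one keystream runs over the whole
// stream, so no keystream byte is used twice.
func EncryptOnce(key, header, body []byte) ([]byte, error) {
	c, err := rc4.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(header)+len(body))
	c.XORKeyStream(out[:len(header)], header)
	c.XORKeyStream(out[len(header):], body)
	return out, nil
}

// SharedKeystream is the review check for keystream reuse. Given a ciphertext
// and the plaintexts of its header and body (a test vector the reviewer owns),
// it returns how many body positions were XORed with the same keystream byte as
// the header position at the same offset; -1 if the stream is too short.
// A sound stream-cipher construction yields only chance matches (about 1/256 each).
func SharedKeystream(stream, header, body []byte) int {
	n := len(header)
	if len(stream) < n+len(body) {
		return -1
	}
	hits := 0
	for i := 0; i < n && i < len(body); i++ {
		ksHeader := stream[i] ^ header[i]
		ksBody := stream[n+i] ^ body[i]
		if ksHeader == ksBody {
			hits++
		}
	}
	return hits
}
```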
TCP
TCP packets are layered as:
- TCP
- Skype Init TCP packet
The Skype Init TCP packet contains:
- the seed (4 bytes)
- init_str string 00 01 00 00 01 00 00 00 01/03
Low-level datagrams
Almost all traffic is ciphered. Each command has its parameters appended in an object list. The object list can be compressed.
The packet structure shown in the original diagram:
- Enc -> Cmd -> Encod, where the encoding is either an Object List or a Compressed List
- Frag: the encoded list is fragmented, and the fragments are fed back into Enc
- Ack
- NAck
- Forward -> Forwarded Message
Object Lists
An object can be a number, string, an IP:port, or even another object list. Each object has an ID. This ID identifies which command parameter the object is.
Object types:
- Number
- IP:Port
- List of numbers
- String
- RSA key
- Object List
Object List layout:
- List Size (n)
- Object 1
- ...
- Object n
Packet compression
Packets can be compressed. The algorithm is a variation of arithmetic compression that uses reals instead of bits.
Legal issues
Reverse engineering of the Skype protocol by inspecting/disassembling binaries is prohibited by the terms and conditions of Skype's license agreement. However, there are legal precedents when the reverse engineering is aimed at interoperability of file formats and protocols. In the United States, the Digital Millennium Copyright Act grants a safe harbor to reverse engineer software for the purposes of interoperability with other software. In addition, many countries specifically permit a program to be copied for the purposes of reverse engineering.