return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

Skype's encryption rendered transparent in China by Skype's Chinese partner TOM Online

  #

Using the P2P VoIP Skype has its risks, nicely catalogued by Simson Garfinkel in CSO, not the least of which are unproven crypto, its capacity to tunnel through and around firewalls, the Skype client's ability to relay calls between other network users without your knowledge, its ability to send worms and viruses to the unwary and that its development center is in the Baltic states, they all pale to the condition when a local source applies what is effectively a man-in-the-middle filtering and blocking function. Welcome to TOM-Skype in China.

Skype "has admitted that its partner in China [TOM-Skype] has filtered text messages," invoking the Google and Yahoo defense that Skype was "complying with local law" in its partner's action, defending "this compliance with censorship laws as the only way to do business in the country." Skype’s chief executive, Niklas Zennström, stated that, "Tom had implemented a text filter, which is what everyone else in that market is doing. Those are the regulations." Mental contortions are fun to read. Zennström "insisted that the actions of Tom-Skype had not put users at risk," this in the face of Yahoo-provided information resulting in the arrest and jailing of dissidents.

But this note is less directed at the 2 million TOM-Skype users than to business users taking their Skype usage into China. The general nature of the intercept problem is cited here from an analysis of warrantless wiretaps and the Foreign Intelligence Surveillance Act (FISA):

Thirty years ago when FISA was being drafted it made sense to speak exclusively about the interception of a targeted communication one in which there were usually two known ends and a dedicated ("circuit-based") communication channel that could be "tapped." In modern networks, however, data and increasingly voice communications are broken up into discrete packets that travel along independent routes between point of origin and destination where these fragments are then reassembled into the original whole message ("packet-based"). Not only is there no longer a dedicated circuit, but individual packets from the same communication may take completely different paths to their destination. To intercept these kinds of communications, filters ("packet-sniffers") and search strategies are deployed at various communication nodes to scan and filter all passing traffic with the hope of finding and extracting those packets of interest and reassembling them into a coherent message. Even targeting a specific message from a known sender requires intercepting (i.e., scanning and filtering) the entire communication flow…

Advances in information technology together with the borderless nature of terrorist threats and global communications has made place-of-collection and U.S. personhood an increasingly unworkable basis for controlling the collection of intelligence. Indeed, because of packet-based communication technologies like VoIP and the use of proxy servers, it may no longer even be technically possible to determine exactly when a communication is taking place "within the United States" and no practical means exists to determine if a particular participant is a U.S. person or not until after further investigation. FISA does not account for this. Automated screening can monitor data flows to uncover terrorist connections or terrorist communication channels without human beings ever looking at anybody's emails or listening in on their phone calls. Only when the computer identifies suspicious connections or information do humans get involved… Content filtering is used to search for the occurrence of particular words or language combinations that may be indicative of terrorist communications.

Skype's voice and IM text encrypted streams makes that interception much more difficult. Without devoting sufficient decryption assets, the attacker/collector is reduced to traffic analysis.

TOM-Skype's insertion of filtering into SkypeChat IM messaging short-circuits the encryption step. And if TOM-Skype is filtering for "Falun Gong" on behalf of the government, they are scanning, if not filtering, for much more. If you know that the pipeline is in place, then conceivably any catchphrase that the Golden Firewall employs (See Fun on both sides of the Golden Shield: escape & evasion applicable to civil libertarians and terrorists alike and Finding Zhao Ziyang through the Golden Shield) can be extended to TOM-Skype. Were I the Chinese authorities, I would try to limit filtering, which will draw unwanted publicity, and monitor content for intel to use elsewhere.

Any business traffic to and from China via TOM-Skype should be using a primary encryption tool prior to inserting text into SkypeChat or an independent encryption tool, otherwise consider that you are typing cleartext for any and all to read. It would be worth a test to see if TOM-Skype allows encrypted text to pass. PGP headers and footers are, after all, a standard searchable text string.

Having already recommended Phil Zimmermann's newest encryption software, Zfone, for some project team secure comm, I would suggest it here:

The open-source [Zfone] manages cryptographic handshakes invisibly, and encrypts and decrypts voice calls as the traffic leaves and enters the computer. Operation is simple, and users don't have to agree in advance on an encryption key or type out long passcodes to make it work… Zfone is designed to work with VoIP clients that use the industry standard SIP protocol, and has been tested with clients such as X-lite, Free World Dialup and Gizmo ProjectUsing Zfone didn't add any noticeable latency or distortion to calls made with Gizmo Project. Once it's up and running, you're simply talking on the phone.

But make no mistake: to eavesdroppers, Zfone is anything but routine. The protocol is based on SRTP, a system that uses the 256-bit AES cipher and adds to that a 3,000-bit key exchange that produces the codes callers can read off to one another. It has been submitted to IETF for approval as an internet standard, and by most accounts is strong enough to defy even the most sophisticated code-breaking technologies, from a hacker's packet sniffer to the acres of computers beneath Ft. Meade.

That makes Zfone the "most secure telephone system anyone has ever used… " The Gizmo Project ostensibly uses its own encryption for Gizmo-to-Gizmo calls, though the company won't reveal what algorithms they use. But primarily, Zfone is competing with the built-in crypto that comes with Skype, which is closed-source, uses its own proprietary protocols, and employs its own encryption scheme -- which, significantly, is not available for inspection and peer-review (though some have evaluated (.pdf) it and others purportedly cracked it anyway).

If it must be secure, it must be "double encrypted" given that Skype's encryption has been rendered transparent in China.

ADDENDUM: As an issue of fairness, be certain to listen to the podcast associated with Can you hear me now? Big Brother is listening as it is now manifestly clear that the US is performing a wholesale sweeping and filtering of all traffic passing through AT&T and its peer member access points. The short article has only a fraction of the information of the podcast that is most interesting. The difference is that the US is ostensibly pursuing counterterrorist threats.

Can you hear me now? Big Brother is listening
Posted by Richard Stiennon @ 1:50 pm
Threat Chaos
April 20, 2006
Podcast interview with "Deep Packet"

Skype says texts are censored by China
By Alison Maitland in London
Financial Times
Published: April 18 2006 22:23, Last updated: April 18 2006 23:01

Finally, the government props up ailing encryption industry
Posted by Richard Stiennon @ 1:58 pm
Threat Chaos
April 17, 2006

Pretty Good Way to Foil the NSA
By Ryan Singel
Wired
02:00 AM Apr, 03, 2006

Whispering Wires and Warrantless Wiretaps: Data Mining and Foreign Intelligence Surveillance
K. A. TAIPALE
Center for Advanced Studies in Science and Technology Policy
NYU Review of Law & Security, No. 8, June 2006
ABSTRACT
DRAFT available in HTML
PDF available from abstract page

DATA MINING AND DOMESTIC SECURITY: CONNECTING THE DOTS TO MAKE SENSE OF DATA
By K. A. Taipale
The Columbia Science and Technology Law Review
Vol 3, 2003

Can 9 Million Skype Users Be Wrong?
Skype is a great way to communicate. But CSOs should know that it also brings auditing and monitoring challenges.
By Simson Garfinkel
CSO, March 2005

Gordon Housworth



Cybersecurity Public  InfoT Public  
 
In order to post a message, you must be logged in
Login
message date / author


There are no comments available.

In order to post a message, you must be logged in
Login