An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol Salman Abdul Baset and Henning Schulzrinne December 15, 2005
Agenda What is Skype? What problems does it solve? The Skype network The Skype software components Experimental setup The Skype functions How to block Skype? Skype, MSN, and Yahoo Disassembling the executable Unanswered questions
What is Skype? Peer-to-peer, pc-to-pc, pc-to-phone, phone-to-pc VoIP client Developed by people who created KaZaa First version in September 2003 60,000 downloads in first week, 219 million downloads (till yesterday) Current version: 1.4.0.84 and 2.0 beta SkypeOut (pc-to-phone) introduced in July 2004 SkypeOut terms of service: governed by the laws of Luxembourg SkypeIn, voicemail OS: Windows, Linux, MacOS, PocketPC
What problems does it solve? NAT and firewall traversal Nielsen September 2005 ratings 61.3% of US home internet users use broadband (http://www.nielsen-netratings.com/pr/pr_050928.pdf) ‘Most’ users have some kind of NAT Superior voice quality than MSN or Yahoo IM clients Phone-to-pc calling, SkypeIn Yahoo is starting to imitate Skype services
A p2p illusion? Login server Servers for SkypeOut and SkypeIn Anonymous call minutes statistic gathering
The Skype Network
The Skype Network (contd…) Ordinary host (OH) A Skype client Super nodes (SN) Has public IP address, ‘sufficient’ bandwidth, CPU and memory Login server Stores Skype id’s and passwords Used at login for authentication Version 0.97: 80.160.91.11 now: 212.72.49.141 and 195.215.8.141 sdfsdf
Skype Components Ports No default listening port Randomly chooses a port (P1) on installation Opens TCP, UDP listener sockets at P1 TCP listener sockets at port 80, 443
Skype Components (contd…) Host cache (HC) IP address and port number of online Skype nodes (SNs) At least one valid entry must be present in HC Maximum size: 200 entries ‘Understanding KaZaa’: 200 entries for ordinary node (ON) Login server IP address and port number Stored in Windows registry in version 0.97 Now present at C:\Documents and Settings\All Users\Application Data\Skype
Skype HC (ver: 0.97)
Skype HC
Skype Components (Contd…) Codecs (GlobalIPSound) Wide band codecs (50-8,000 Hz) iLBC (packet size: 20 and 30 ms bitrate: 15.2 kbps and 13.3 kbps) iSAC (packet size: 30-60 ms bitrate: 10-32 kbps) G.729 for SkypeOut? Buddy list Stored in ‘config.xml’ file C:\Documents and Settings\<XP user>\Application Data\Skype\<skype user id> <CentralStorage> <LastBackoff>0</LastBackoff> <LastFailure>0</LastFailure> <LastSync>1120325519</LastSync> <NeedSync>0</NeedSync> <SyncSet> <u> <skypebuddy1>f384d3a0:1</skypebuddy1> <skypebuddy2>7d1dafc4:1</skypebuddy2>
Experimental Setup I have NOT reverse engineered Skype executable but it can be done Skype version: 0.97.0.6, 1.0, 1.2, 1.4 Experiments performed between Feb-May 2004, June-July and Nov-Dec 2005. Tools Used Ethereal (for packet capture) NetPeeker (for tuning the bw) NCH Tone generator (for generating tones of various frequencies) APIMonitor (for monitoring the sys calls)
Experimental Setup (Contd…)
Skype Functions Startup Login User Search Call Establishment Media Transfer Keep-Alive NAT and firewall Traversal Conferencing
Skype Functions: STARTUP First time startup GET /ui/0/97/en/installed HTTP/1.1 Normal startup GET /ui/0/97/en/getlatestversion?ver=0.97.0.6 HTTP/1.1
Skype Functions: LOGIN Must establish a TCP connection with SN HC must contain at least one valid SN Bootstrap Super Nodes IP address:port Reverse Lookup Result Authority Section 66.235.180.9:33033 sss1.skype.net ns1.hopone.net 66.235.181.9:33033 No PTR result 212.72.49.143:33033 ns-pri.ripe.net 195.215.8.145:33033 ns3.DK.net 64.246.49.60:33033 rs-64-246-49-60.ev1.net ns2.ev1.net 64.246.49.61:33033 rs-64-246-49-61.ev1.net 64.246.48.23:33033 ev1s-64-246-48-23.ev1servers.net ns1.ev1.net
Skype Functions: LOGIN Public, NAT Establish a TCP connection with the SN Authenticate with the login server Announce arrival on the network (controlled? flooding) Determine NAT type? Firewall
Skype Functions: LOGIN 16 3 1 0 0 17 3 1 0 0 16 3 1 0 0 . . . . 17 3 1 0 0 len . . . .
Skype Functions: LOGIN 1536 and 2048 (skype account) bit RSA to negotiate symmetric AES keys Central Server Signing Key SS and Verification Key VS Client: user name A, password PA, RSA key pair SA and VA VS embedded in the Skype executable 256 bit AES session with the login server Key is chosen at random and encrypted with the public key of the login server {A, H(PA), VA} VS to login server (msg 3) {A, VA} SS to client (msg 4) Source: Tom Berson’s security evaluation
Skype Functions: LOGIN
Skype Functions: LOGIN Public NAT Firewall Data Exchanged 9 kilobytes 10 kilobytes 8.5 kilobytes Time to login 3-7 seconds 30-35 seconds
Skype Functions: USER SEARCH From the Skype website Global Index (GI) Technology Guaranteed to find a user it exists and logged in the last 72 hours Search results are cached at intermediate nodes Unable to trace messages beyond SN Cannot force a node to become a SN Host cache is used for connection establishment and not for SN selection User does not exist. How does search terminate? SN searches for a user behind UDP-restricted firewall Same search query from two different machines initiated at the same time give different results Wildcard queries supported
Skype Functions: USER SEARCH Public NAT Firewall Data Exchanged 1-2 kilobytes 2-4 kilobytes
CALL ESTABLISHMENT Call signaling always carried over TCP Calls to non buddies=search+call Initial exchange checks for blocked users Public-public call Caller SC establishes a TCP connection with callee SC Public-NAT Caller SC is behind NAT Caller---->Skype node (SN?) ----> Callee TCP connection established between caller, callee, and more than one Skype nodes Unknown: How a node is selected to route calls from caller to callee? Perhaps determined at login Firewall-firewall call Same as public-NAT
CALL ESTABLISHMENT Public-public Public-NAT Firewall-Firewall Data Exchanged 4-5 kilobytes 6-8 kilobytes 6-7 kilobytes
Skype Functions: MEDIA TRANSFER 10/100 Mbps Ethernet Public-Public Public-NAT Firewall-firewall Packet Size 67 bytes 69 bytes Stream BW 5 kilobytes/s Transport UDP TCP
Skype Functions: MEDIA TRANSFER No silence suppression Silence packets are used to play background noise at the peer maintain UDP NAT binding avoid drop in the TCP congestion window Putting a call on hold 3 packets/sec to call-peer or Skype node same reasons as above Codec frequency range 50-8,000 Hz (total bw of 3 kilobytes/s) Reasonable call quality at (4 kilobytes/s)
Skype Functions: KEEP ALIVE Refresh message over TCP to SN every 60 seconds Refresh message size: 60 bytes
Skype Functions: CONFERENCING A, B, and C have public IP addresses A: Pentium4, 2GHz 1: B-A Call B: PentiumII , 300 MHz C: Pentium Pro 200 MHz
Skype Functions: CONFERENCING A, B, and C have public IP addresses A: Pentium4, 2GHz 1: B-A Call B: PentiumII , 300 MHz 2: B-C Call C: Pentium Pro 200 MHz
Skype Functions: CONFERENCING A, B, and C have public IP addresses A: Pentium4, 2GHz 1: B-A Call B: PentiumII , 300 MHz B decides to initiate a conference 2: B-C Call C: Pentium Pro 200 MHz
Skype Functions: CONFERENCING A, B, and C have public IP addresses A: Pentium4, 2GHz B A+C B: PentiumII , 300 MHz C A+B C: Pentium Pro 200 MHz
Skype Functions: CONFERENCING B and C are behind NAT. A has public IP addresses B Online Skype node A: Pentium4, 2GHz A 1: B-A Call A B B: PentiumII , 300 MHz C: Pentium Pro 200 MHz
Skype Functions: CONFERENCING B and C are behind NAT. A has public IP addresses Online Skype node A: Pentium4, 2GHz (public IP) B C A+B A+C B: PentiumII , 300 MHz (NAT) C: Pentium Pro 200 MHz (NAT)
How to block Skype? Block IP address and port of Skype login servers. Skype goes through super nodes. Inspect TCP payload of login messages and block outgoing login messages. Skype is blocked.
Skype, MSN, and Yahoo Application version Memory usage before call (caller, callee) Memory usage after call (caller, callee) Process priority before call Process priority during call Mouth-to-ear latency Skype 1.2 17 KB, 10 KB 18 KB, 19 KB Normal High 90ms~ MSN 6.2 20 KB, 19 KB 25 KB, 25 KB 95ms~, 130ms~ Yahoo 7.0 beta 33 KB, 33 KB 38 KB, 29 KB 190ms~
Call / IM Forking User can login from multiple machines All Skype instances notified of call arrival Pickup, cancel at other locations IMs delivered to all locations
Skype Online Users
Breaking the executable Skype does not run with ltrace Skype does run with strace nm does not reveal anything libcrypt is (perhaps) statically linked. ldd does not reveal anything Skype can be run with SoftICE, OllyDbg LD_PRELOAD technique
Unanswered questions How Skype encrypts and decrypts? SN to SN communication? One hop or multiple hop media relaying? How does search terminate if the user is not found?
Conclusion Login server and super nodes, not strictly peer-to-peer Code obfuscation, runtime decryption Multiple paths for ‘in-time’ switching incase of failures Other companies are following Skype damaka, peerio, pc-telephone
References Skype reports: http://www1.cs.columbia.edu/~salman/skype/ iSAC: http://www.globalipsound.com/datasheets/iSAC.pdf iLBC: http://www.globalipsound.com/datasheets/iLBC.pdf
Questions?