Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: How to encrypt voice skype calls?
From: "Fabio Pietrosanti (naif)" <lists () infosecurity ch>
Date: Fri, 20 Jun 2008 17:35:46 +0200

Arturo 'Buanzo' Busleiman wrote:
I'm pretty sure an alsa (sorry, no windows here) audio 
encryption/decryption plugin could be
written, and have that mic/speak interface be used by skype.

Be careful!

Scrambling != encryption !!!!!

Scrambling it's applied to an analog signal to convert some frequencies.

SIGSALY it's Secure Digital Voice Communications in World War II:
 - http://en.wikipedia.org/wiki/SIGSALY
 - http://www.flickr.com/photos/44165698 () N00/2534235949/


If you scramble your voice, staying within the frequencies allowed by 
the narrowband compression codec used by skype you cannot have a full 
digital path on which encipher a data stream with a good encryption 
algorithm (that process bucks of data and not frequencies).

There are no secure scrambling technology.

The only way to secure a voice path is to have a digital path enciphered 
on which you put the compressed voice sample.

But working on the "analog" processing the voice before it's compressed 
it's NOT an option.

For such reason i was wondering how this could be accomplished on a 
Skype based call.

Maybe by enciphered audio samples directly in the memory of skype:

- Hooking into skype to encipher audio samples before they are packed in 
a frame?
- Hooking into skype to encipher audio samples after they are packed in 
a frame?

Or maybe by leveraging the skype transport for the "digital path" and 
using our own encoding/decoding framework:

- Changing some bunch of data (from offset X to offset Y) in the ip 
packets "on the net"? (There's some checksum?)

Are all funky ideas, but i mean, i don't trust skype :)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]