An Analysis of the Skype Peer-to- Peer Internet Telephony Protocol Salman Abdul Baset and Henning Schulzrinne December 15, 2005

An Analysis of the Skype Peer-An Analysis of the Skype Peer-to-Peer Internet Telephony to-Peer Internet Telephony ProtocolProtocol

Salman Abdul Baset and Henning Schulzrinne

December 15, 2005

2

AgendaAgenda What is Skype? What problems does it solve? The Skype network The Skype software components Experimental setup The Skype functions How to block Skype? Skype, MSN, and Yahoo Disassembling the executable Unanswered questions

3

What is Skype?What is Skype? Peer-to-peer, pc-to-pc, pc-to-phone, phone-to-pc

VoIP client Developed by people who created KaZaa First version in September 2003 60,000 downloads in first week, 219 million

downloads (till yesterday) Current version: 1.4.0.84 and 2.0 beta SkypeOut (pc-to-phone) introduced in July 2004

SkypeOut terms of service: governed by the laws of Luxembourg

SkypeIn, voicemail OS: Windows, Linux, MacOS, PocketPC

4

What problems does it What problems does it solve?solve? NAT and firewall traversal

Nielsen September 2005 ratings 61.3% of US home internet users use

broadband(http://www.nielsen-netratings.com/pr/pr_050928.pdf)

‘Most’ users have some kind of NAT

Superior voice quality than MSN or Yahoo IM clients

Phone-to-pc calling, SkypeIn Yahoo is starting to imitate Skype services

5

A p2p illusion?A p2p illusion?

Login server Servers for SkypeOut and SkypeIn Anonymous call minutes statistic

gathering

6

The Skype NetworkThe Skype Network

7

The Skype Network (contd…)The Skype Network (contd…) Ordinary host (OH)

A Skype client Super nodes (SN)

A Skype client Has public IP address, ‘sufficient’ bandwidth, CPU

and memory Login server

Stores Skype id’s and passwords Used at login for authentication Version 0.97: 80.160.91.11

now: 212.72.49.141 and 195.215.8.141

8

Skype ComponentsSkype Components Ports

No default listening port Randomly chooses a port (P1) on installation Opens TCP, UDP listener sockets at P1 TCP listener sockets at port 80, 443

9

Skype Components (contd…)Skype Components (contd…) Host cache (HC)

IP address and port number of online Skype nodes (SNs)

At least one valid entry must be present in HC Maximum size: 200 entries ‘Understanding KaZaa’: 200 entries for ordinary

node (ON) Login server IP address and port number Stored in Windows registry in version 0.97 Now present at

C:\Documents and Settings\All Users\Application Data\Skype

10

Skype HC (ver: 0.97)Skype HC (ver: 0.97)

11

Skype HCSkype HC

12

Skype Components Skype Components (Contd…)(Contd…) Codecs (GlobalIPSound)

Wide band codecs (50-8,000 Hz) iLBC (packet size: 20 and 30 ms bitrate: 15.2 kbps and 13.3

kbps) iSAC (packet size: 30-60 ms bitrate: 10-32 kbps) G.729 for SkypeOut?

Buddy list Stored in ‘config.xml’ file

C:\Documents and Settings\<XP user>\Application Data\Skype\<skype user id>

<CentralStorage> <LastBackoff>0</LastBackoff> <LastFailure>0</LastFailure> <LastSync>1120325519</LastSync> <NeedSync>0</NeedSync> <SyncSet> <u> <skypebuddy1>f384d3a0:1</skypebuddy1> <skypebuddy2>7d1dafc4:1</skypebuddy2>

13

Experimental SetupExperimental Setup I have NOT reverse engineered Skype

executable but it can be done Skype version: 0.97.0.6, 1.0, 1.2, 1.4 Experiments performed between Feb-May

2004, June-July and Nov-Dec 2005. Tools Used

Ethereal (for packet capture) NetPeeker (for tuning the bw) NCH Tone generator

(for generating tones of various frequencies) APIMonitor (for monitoring the sys calls)

14

Experimental Setup Experimental Setup (Contd…)(Contd…)

INTERNET

A (public IP) B (public IP)

INTERNET

A (private IP) B (public IP)port-restricted NAT

INTERNET

A (private IP address) B (private IP address)port-restricted NAT

UDP-blocking firewallport-restricted NAT

UDP-blocking firewall

15

Skype FunctionsSkype Functions Startup Login User Search Call Establishment Media Transfer Keep-Alive NAT and firewall Traversal Conferencing

16

Skype Functions: STARTUPSkype Functions: STARTUP

First time startup GET /ui/0/97/en/installed HTTP/1.1

Normal startup GET /ui/0/97/en/getlatestversion?ver=0.97.0.6 HTTP/1.1

17

Skype Functions: LOGINSkype Functions: LOGIN Must establish a TCP connection with SN HC must contain at least one valid SN Bootstrap Super Nodes

IP address:port Reverse Lookup Result Authority Section

66.235.180.9:33033 sss1.skype.net ns1.hopone.net

66.235.181.9:33033 No PTR result ns1.hopone.net

212.72.49.143:33033 No PTR result ns-pri.ripe.net

195.215.8.145:33033 No PTR result ns3.DK.net

64.246.49.60:33033 rs-64-246-49-60.ev1.net ns2.ev1.net

64.246.49.61:33033 rs-64-246-49-61.ev1.net ns2.ev1.net

64.246.48.23:33033 ev1s-64-246-48-23.ev1servers.net

ns1.ev1.net

18

Skype Functions: LOGINSkype Functions: LOGIN Public, NAT

Establish a TCP connection with the SN Authenticate with the login server Announce arrival on the network

(controlled? flooding) Determine NAT type?

Firewall Establish a TCP connection with the SN Authenticate with the login server

19

Skype Functions: LOGINSkype Functions: LOGIN

UDPUDP

66.235.180.9:33033 (Bootstrap node)31B61B

TCPTCP

SN: (IP address not shown for privacy reasons )

94B1514B

TCPTCP

5B (1)5B (2)

TCPTCP

401B (3)218B (4)

TCP: SYN212.72.49.141:33033 (login server )

SC

SC

SC

TCP:ACK16 3 1 0 0

17 3 1 0 0

16 3 1 0 0 . . . .

17 3 1 0 0 len . . . .

20

Skype Functions: LOGINSkype Functions: LOGIN 1536 and 2048 (skype account) bit RSA to negotiate

symmetric AES keys Central Server Signing Key SS and Verification Key VS Client: user name A, password PA, RSA key pair SA and

VA VS embedded in the Skype executable 256 bit AES session with the login server Key is chosen at random and encrypted with the

public key of the login server {A, H(PA), VA} VS to login server (msg 3) {A, VA} SS to client (msg 4)

Source: Tom Berson’s security evaluation

21


Send UDP packets to seven bootstrap SNs at

port 33033

Response within 5 seconds

TCP connection attempts with seven bootstrap SN IP addresses and 1) port 330332) port 80 (HTTP port)3) port 443 (HTTPS port)

Yes/No

Connected

Success

Yes

No

Start

Wait for 22 seconds

22


Public NAT Firewall

Data Exchanged

9 kilobytes 10 kilobytes 8.5 kilobytes

Time to login

3-7 seconds 3-7 seconds 30-35 seconds

23

Skype Functions: USER Skype Functions: USER SEARCHSEARCH From the Skype website

Global Index (GI) Technology Guaranteed to find a user it exists and

logged in the last 72 hours Search results are cached at intermediate nodes Unable to trace messages beyond SN Cannot force a node to become a SN

Host cache is used for connection establishment and not for SN selection

User does not exist. How does search terminate? SN searches for a user behind UDP-restricted

firewall Same search query from two different machines

initiated at the same time give different results Wildcard queries supported

24

Skype Functions: USER Skype Functions: USER SEARCHSEARCH

Public NAT Firewall

Data Exchanged

1-2 kilobytes 1-2 kilobytes 2-4 kilobytes

25

CALL ESTABLISHMENTCALL ESTABLISHMENT Call signaling always carried over TCP Calls to non buddies=search+call Initial exchange checks for blocked users Public-public call

Caller SC establishes a TCP connection with callee SC Public-NAT

Caller SC is behind NAT Caller---->Skype node (SN?) ----> Callee TCP connection established between caller, callee, and more

than one Skype nodes Unknown: How a node is selected to route calls from caller to

callee? Perhaps determined at login

Firewall-firewall call Same as public-NAT

26

CALL ESTABLISHMENTCALL ESTABLISHMENT

Public-public Public-NAT Firewall-Firewall

Data Exchanged

4-5 kilobytes 6-8 kilobytes 6-7 kilobytes

27

Skype Functions: MEDIA Skype Functions: MEDIA TRANSFERTRANSFER

Public-Public Public-NAT Firewall-firewall

Packet Size 67 bytes 67 bytes 69 bytes

Stream BW 5 kilobytes/s 5 kilobytes/s 5 kilobytes/s

Transport UDP UDP TCP

10/100 Mbps Ethernet

28

Skype Functions: MEDIA Skype Functions: MEDIA TRANSFERTRANSFER No silence suppression Silence packets are used to

play background noise at the peer maintain UDP NAT binding avoid drop in the TCP congestion window

Putting a call on hold 3 packets/sec to call-peer or Skype node same reasons as above

Codec frequency range 50-8,000 Hz (total bw of 3 kilobytes/s)

Reasonable call quality at (4 kilobytes/s)

29

Skype Functions: KEEP ALIVESkype Functions: KEEP ALIVE

Refresh message over TCP to SN every 60 seconds

Refresh message size: 60 bytes

30

Skype Functions: Skype Functions: CONFERENCINGCONFERENCING

A: Pentium4, 2GHz

B: PentiumII , 300 MHz

C: Pentium Pro 200 MHz

A, B, and C have public IP addresses

1: B-A Call

31


A: Pentium4, 2GHz




1: B-A Call

2: B-C Call

32


A: Pentium4, 2GHz




1: B-A Call

2: B-C Call

B decides to initiate a conference

33


A: Pentium4, 2GHz




B

C A+B

A+C

34


A: Pentium4, 2GHz



B and C are behind NAT. A has public IP addresses

1: B-A Call

B

A

BA

Online Skype node

35


A: Pentium4, 2GHz (public IP)


(NAT) C: Pentium Pro 200 MHz

(NAT)

B and C are behind NAT. A has public IP addresses

B

A+C

Online Skype node

A+BC

36

How to block Skype?How to block Skype?

Block IP address and port of Skype login servers.

Skype goes through super nodes. Inspect TCP payload of login

messages and block outgoing login messages.

Skype is blocked.

37

Skype, MSN, and YahooSkype, MSN, and YahooApplication version

Memory usage before call

(caller, callee)

Memory usage after call (caller,

callee)

Process priority

before call

Process priority

during call

Mouth-to-ear latency

Skype 1.217 KB, 10 KB 18 KB, 19

KBNormal High 90ms~

MSN 6.2 20 KB, 19 KB 25 KB, 25 KB

Normal Normal 95ms~, 130ms~

Yahoo 7.0 beta 33 KB, 33 KB 38 KB, 29 KB

Normal Normal 190ms~

38

Call / IM ForkingCall / IM Forking

User can login from multiple machines All Skype instances notified of call

arrival Pickup, cancel at other locations IMs delivered to all locations

39

Skype Online UsersSkype Online Users

Skype Online Users vs Time (Nov 24, 2004)

0200,000400,000600,000800,000

1,000,0001,200,0001,400,000

Time

On

line

Us

ers

40

Breaking the executableBreaking the executable

Skype does not run with ltrace Skype does run with strace nm does not reveal anything libcrypt is (perhaps) statically linked.

ldd does not reveal anything Skype can be run with SoftICE,

OllyDbg LD_PRELOAD technique

41

Unanswered questionsUnanswered questions

How Skype encrypts and decrypts? SN to SN communication? One hop or multiple hop media

relaying? How does search terminate if the user

is not found?

42

ConclusionConclusion

Login server and super nodes, not strictly peer-to-peer

Code obfuscation, runtime decryption Multiple paths for ‘in-time’ switching

incase of failures Other companies are following Skype

damaka, peerio, pc-telephone

43

ReferencesReferences Skype reports: http://www1.cs.columbia.edu/~salman/skype/ iSAC: http://www.globalipsound.com/datasheets/iSAC.pdf iLBC: http://www.globalipsound.com/datasheets/iLBC.pdf

44

Questions?Questions?