I've been doing a lot of screwing around with Skype recently and have hit a bit of an issue. Does anyone think Skype could be vulenrable to man in the middle attacks? Each packet is encrypted with 256bit AES and each client has a public certificate, however I cant seem to find any certificate validation in the buildup/teardown sequence of establishing a link.
Scenerio:
Bob wants to talk to Alice. However one or both of them are behind firewalls. With Skype a connection between them would be made by contacting a supernode (a publicly available IP running Skype with sufficient resources for call routing) and having that supernode bounce their communications. Without means of certificate validation (i.e. some place like the central skype authentication server) there would be no way to tell that Bob is really Bob and Alice is really Alice. So, lets say that the supernode they were bouncing through was compromised, could an attacker proxy themselves into the conversation MitM style (like you can with SSL or SecureIM)?
Now, the likelyhood of this happening is minimal, as just about any publicly available node can be promoted to a supernode. An attacker would have to somehow know what supernode that was going to be used for the conversation, pre-0wn it, and be ready to intercept the communication request. I'm more concerned if this is a theoretical possibility. Or, does Skype somehow do a validation of the public certs and I've just managed to not find that information.
Scenerio:
Bob wants to talk to Alice. However one or both of them are behind firewalls. With Skype a connection between them would be made by contacting a supernode (a publicly available IP running Skype with sufficient resources for call routing) and having that supernode bounce their communications. Without means of certificate validation (i.e. some place like the central skype authentication server) there would be no way to tell that Bob is really Bob and Alice is really Alice. So, lets say that the supernode they were bouncing through was compromised, could an attacker proxy themselves into the conversation MitM style (like you can with SSL or SecureIM)?
Now, the likelyhood of this happening is minimal, as just about any publicly available node can be promoted to a supernode. An attacker would have to somehow know what supernode that was going to be used for the conversation, pre-0wn it, and be ready to intercept the communication request. I'm more concerned if this is a theoretical possibility. Or, does Skype somehow do a validation of the public certs and I've just managed to not find that information.
Comment