back to article Crypto boffins smuggle secret messages in silent Skype calls

Polish security researchers have come up with a cunning method to transmit hidden messages using the silence packets transmitted during a Skype call. The VoIP service transmits voice data in 130-byte packets, and silences in 70-byte packets, a difference that creates a potential means to conceal a hidden encrypted message in …


This topic is closed for new posts.
  1. Ian 62

    Deja Vu

  2. K

    Wojciech Mazurczyk, Krysztof Szczypiorski and Maciej Karaœ

    Could somebody decrypt this for me please?

    1. TheRealRoland

      Re: Wojciech Mazurczyk, Krysztof Szczypiorski and Maciej Karaœ

      There's an MLB player nicknamed 'Scrabble' :-)

  3. smudge
    Big Brother


    For the secret messages to be indistinguishable from silence, the 70-byte packets generated by Skype to represent silence must contain proper random data.

    This seems unlikely to me. All zeroes, or all ones, or 70 copies of a single byte from elsewhere all seem more likely to me.

    Anyone know Skype in enough detail to comment?

    1. David Hicks

      Re: Indistinguishable?

      I think you misunderstand - the messages are not put into the 70 byte packets, they are encoded using the sequence of silent and non-silent packets.

      Think morse code only using silent and non-silent packages instead of dots and dashes, and then layer something like ssh/ssl over the top.

      1. David Hicks

        Re: Indistinguishable?

        OK no, it's me that misunderstood, from reading the linked article.

        They have managed to cram data into the silent packets, which then gets thrown away or ignored by the standard client, but which someone running their program can grab and decode.

        If the skype packets are encrypted using half-decent encryption anyway, then the data they contain will already look fairly random, so substituting other encrypted data shouldn't look too suspicious to the casual packet sniffer.

        Whether this is an effective method or not would seem (to me) to come down to how much validation is performed by any hypothetical skype interception program in use by the authorities that we suspect of listening, and whether they get the full stream or just recovered audio.

        Actually I think I like my idea better...

        1. smudge

          Re: Indistinguishable?

          Not being a Skype user, I had forgotten - or never thought about it - that Skype packets, including those representing silence, would be encrypted anyway. So yes, packets carrying a secret message should be indistinguishable from silence.

          As for your idea of structuring the silence packets - that would be feasible, if low bandwidth. But you might now be adding structure (ie information) to something that is normally random.

          I wonder how they manage key distribution - assuming that Big Brother can intercept any initial key exchange by Skype.

    2. This post has been deleted by its author

  4. Androgynous Crackwhore
    Big Brother


    A serious crypto application running on... Skype?!??!?!?!!!


    I suppose that if you ONLY use it for encrypted sego traffic then it wouldn't be TOO much of a liability... but then it'd hardly be stego, would it? :-|

    Who sponsored this? Skype marketing or NSA?

    1. Mike Brown

      Re: WTF?

      Becuase the data sent still looks like skype. Which makes it look perfectly innocent.

      Plus if the decode app is small enough, it can be hidden within skype itself. And since veryone has skyupe already, noone is going to take any notice of the skype icon on the computer.

      1. Androgynous Crackwhore

        Re: WTF?

        Yes, I got all that... I'm just not convinced that all those silent Skype calls would "look perfectly innocent."

        1. Mike Brown

          Re: WTF?

          why would the whole call have to be silent? its perfectly feasible to have a surprising amount of silence during a skype call. So you could have a normal conversation about the weather or football, or your cat, but during every pause a super secret message is being sent. It would be trivial to work out how much time would be needed to have the correct amount of pauses, to send a certain message length.

  5. hugo tyson

    Packet formats

    (Yes, the story is duplicated)

    Um, so they mean that silent packets are 70 bytes of control/timing/keep-alive data, and packets-with-content are 130 bytes, being that same metadata plus 60 bytes of audio data. So a naughty intermediary can substitute long packets for short silent ones, with Steganographic almost-silence in the 60 byte payload.

    The listener won't notice. The sekrit receiver software might even undo the change at the far end. The real point is that it gets through firewalls and filters and snoops just like the legit skype data does, surely?

    Does that make sense? (No, can't be arsed to go read.....)

  6. mIRCat

    It's whats for dinner.

    Copy pasta!

  7. Anonymous Coward
    Anonymous Coward

    not quite the same but...

    If the intention was just to be able to get past the firewalls (assuming skype traffic was allowed) then a software analogue modem could be used (yes, I know 'analogue modem' is a tautology). Encrypt data, pass through modem to get 'voice', send through skype - undo at other end. Not sure what the effective bandwidth of skype is but you surely must be able to get better than an old 96k dial-up.

    IF you wanted to hide the message then I like the out-of-band suggested earlier (the morse code equivalent), but this is a bit slow. I don't know how skype works at the packet level but I'm guessing there will be any number of flags sent (packet lost, checksum fail, etc) that can be used to provide an out-of-band conduit. All too slow for anything substantial but possible to allow for a covert chat session (as is the method mentioned in the article).

    1. Eddie Edwards

      Re: not quite the same but...

      Well you can make a Skype call on 30kbps according to their site, so if you can cram 96k into that I'd be impressed. The 90s phone system was running at 64kbps after digitization hence the fastest modems, at 56k, were making rather efficient use of the bandwidth.

      Apropos of nothing, CD-quality audio runs at around 1200kbps so if you achieved the same level of efficiency you could send about a megabit from a phone to a line-out device, and half a megabit via line-in. So some pretty interesting non-official iPhone add-ons could be made (the helicopters are cool but only scratch the surface of the available bandwidth).

  8. This post has been deleted by its author

  9. Anonymous Coward
    Anonymous Coward

    What is the point?

    What is the point?

    What is the point when Microsoft will have given the tap API to particular security agencies anyway?

  10. Anonymous Coward

    Uses silent packets?

    This wouldn't work on Mrs Coat's calls. I can't get a word in edgewise.

  11. Anonymous Coward
    Anonymous Coward

    Downvote me if you like but this is not really anything exciting, earth shattering or novel. Heck, back in 1995 me and a mate devised a method of hiding short encrypted messages in any 'plain English' document using just the silence between words i.e. the whitespace. Same principle, different delivery mechanism. We didn't consider our coffee-time project a big deal either.

    1. corrodedmonkee

      All I can think of when reading this massive whitespace gaps in text, where the author has coloured the text white to match the background. A slight derivative of the old TV favourite... The hidden extra paragraph in white.

      1. Anonymous Coward
        Anonymous Coward

        Snigger. No, it wasn't like that. It was encrypted and subsequently hidden data, crypto-randomly distributed throughout any text-based document (of suitable length for the encrypted data). It wasn't particularly efficient as there were obvious limitations, but it was easily achievable and had offered no indication of a document being tampered with to hide the encrypted data.

  12. itzman

    Steganography rules..

    there are so many ways to encypt..and the methodology is the shared secret...

    Imagine a server, that accepts email messages. Now it accepts them on port 25, but the senders a free choice. And there are a lot of numbers up there. So is the MSG_ID. use those to subtly hash an attached JPEG or similar..why even the MIME tag is a free choice,

    There are soi many ways to use one time pads, shared secrets that are essentially uncrackable UNLESS you know the methodology, and even then,it takes time to brute-force attack them.

    And to discover that, you have to know that there is something to be revealed.

    if everybody used encrypted mail, routinely, who would know where to look?

  13. Steve Knox

    Skype Jazz

    It's the notes they don't play...

  14. David 45

    Will it stop the snoopers?

    This will do the UK government's "snooping charter" no good at all. (I'm very glad to say!)

This topic is closed for new posts.

Other stories you might like