Skype Lawful Intercept

| Comments (0) | COMSEC
News is circulating of a German plan to build a "Skype-Capture-Unit", software which would live on your computer (be surreptitiously installed by the government) and capture the media for analysis. This is necessary because Skype is encrypted so ordinary capture mechanisms just get ciphertext. It's a little hard to read what's being proposed, but it sounds like the software would actually divert a copy of the plaintext to the monitoring station.

If this is indeed what the German government is planning on doing, it's actually kind of lame. First, it's inefficient since you need twice as much bandwidth, for the original media stream and the copy to the monitoring station. Second, it's easy to detect, because you're using a lot more bandwidth. An approach while would be much harder to detect would be to arrange to leak the encryption key and then capture the ciphertext using standard monitoring techniques. The key leakage can be done in such a way that it's very hard to detect.

The document also describes an SSL interception system. I'm finding it a little hard to decode, but it talks about a man-in-the-middle attack, which also easier to detect than necessary. Again, this doesn't seem like the most efficient technique—easier to just leak the keys.

As I've mentioned before, since Skype controls the software, they could assist the government with LI if they chose. This document is at least suggestive that they're not doing that.

Leave a comment