Expert: Skype calls nearly impossible for NSA to intercept

Expert: Skype calls nearly impossible for NSA to intercept

Summary:  That's the formula for sarin, a deadly gas said to be a favorite of terrorists. So let us say you have a terrorist in Amman, Jordan talking to a compatriot in Hamburg who has a line on some guy who trades in deadly chemicals, toxins, or naughty biowarfare agents.

SHARE:
TOPICS: Security
13

Sarin.jpg 

That's the formula for sarin, a deadly gas said to be a favorite of terrorists. 

So let us say you have a terrorist in Amman, Jordan talking to a compatriot in Hamburg who has a line on some guy who trades in deadly chemicals, toxins, or naughty biowarfare agents.

And let us say they then dial up another compatriot in New Jersey.

If these calls are being made over Skype the conversations are being encrypted by 256-bit long Skype encryption keys are a length that at least in theory, would take a literal eternity to crack.

The National Security Agency may not be able to intercept them. Or even know that they are going on. 

That's according to Bruce Schneier, chief technology officer at Counterpane Internet Security.

Schneier tells the AP's Peter Svensson that even if Skype's encryption is weaker then believed, it would still stymie the type of broad eversdroppoing that the National Security Agency is said to be performing. That eavesdropping is believed to involve scanning up to millions of calls at a time for certain phrases.

Even a weakly encrypted call would force an eavesdroopper to spend hours of computer time cracking it, adds Svensson via Schneier.

Skype's chief security officer Kurt Sauer tells Svensson that there are no "back doors" that could let a governmentpass the encryption on a call. He does add, however, that the company complies with all government requests in this area.

But my question is, what if the government- the NSA or whatever, doesn't know that these terrorists are talking over Skype because they cannot intercept the call? 

Scary.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • 256bit?

    How strong it is would depend on which encryption protocol they are using to transmit the message data. If they are using AES, 256 bit is WAY over kill for any computer any where on this planet today or 20 years from now. AES 128 is strong enough to retard a brute force attack using current techniques for decades so I don't see why Skype would go to 256bit ..though the extra computation needed to do it should not be an issue for today's pc's.

    As for the NSA's attempts to crack conversations, it is entirely possible they have methods to get around the limitations of traditional techniques. Quantum Computers are said to be very good at solving just the type of problems that cryptography poses, in the public domain the best quantum computers are barely useful for very simple operations but I wouldn't be suprised if the NSA has some more advanced technology that they could employ to crack encrypted messages but I doubt it.
    sent2null
    • 256b +

      I would love even more make it as hard as possible for them to see anything I do.

      Also keep in mind that civilian technology tends to be far in advance of government technologies. they are pretty late adopters.

      Chris Taylor
      http://www.nerys.com/
      nerys
      • Civ - Mil

        I would like to know where you got your facts when it comes to
        civilian technology vs. government tech. Just for the simple fact
        that the government and military technologies hit the civilian
        markets nearly twenty years after they were developed. This means
        that the computer you're looking at right now is appx. two decades
        behind what the government is capable of using at the present.

        Please, back up your resources.
        suprsonicbanana
  • What alternative do you propose?

    Are you suggesting that because there is a possibility that terrorists *may* use an encrypted service to hide their communications that VoIP encryption should be banned? Why should the US or any other government have the ability to monitor any phone conversation that they wish without following due process to get a warrant or subpeona? For that matter, why should any hacker doing a man-in-the-middle attack be able to monitor any phone conversation that they wish? By your reasoning, should the ability to encrypt emails or documents be banned because they *might* be terrorist communications?

    Ben Franklin probably wouldn't approve of your willingness to sacrifice freedom for security.
    /dev/nall
    • And better yet

      and even worse is we get nearly ZERO increase in security ? do you think all the extra security at airports has made us safer ? not one little bit.

      Persolnally it should be illegal for the government to keep secrets of any kind. And I mean any kind military or otherwise.

      Chris Taylor
      http://www.nerys.com/
      nerys
  • Scary ? not to me !

    Scary ? really ? you consider my ability to physically ENFORCE my right to privacy my birth given right to prevent the government from seeing anything I dont want them to (they are OUT employee's not the other way around please dont forget that)

    You consider that scary ? I consider that about damned time.

    The fact that terrorists can also use it is a side effect of having FREEDOM, live with it. if you want ZERO rights and freedoms go live in china or any other dictatorial style country.

    Government should have as LITTLE power as is feasible for it to be useful. they are there by and for our whim to serve us. Any other purpose is BEYOND there functional usefullness.

    Chris Taylor
    http://www.nerys.com/
    nerys
  • Encryption.......?

    How about, I already cracked it.... pretty easy actually, no such thing as strong encryption, at least not as long as we have Analog hardware. Shhh dont tell no one.
    charlitos4linzee
  • Here's a better idea

    Hey, maybe we should just imprison everyone and then let them out after they prove they're not a bad guy. That will definitely capture all the terrorists. And let's move immediately to requiring all letters be sent on postcards so they can be easily monitored -- and move to clear plastic walls on all houses so no one can, for example, make bombs without the authorities knowing about it....that'd be helpful.

    Heck, let's take it all the way and implant chips in all citizens that would monitor everything they say and send out location coordinates to the authorities. The chip could also cause paralyzing pain in case someone did something naughty.

    Bottom line -- if you don't believe people have a right of privacy, then if it was cheap and easy, the above ideas would be perfectly reasonable. They might be cheap and easy sooner than you think. A monitoring chip may be within technologial reach today for the masses.

    Watch out. If you follow the original author's line of thinking, you may wake up one day and wonder what happened to your once-free country.
    buzzl
  • No back door?

    I doubt that! Wasn't the press quizzing this guy on Skype security, and he kept dodging the "door" issue?
    Roger Ramjet
  • RE: Expert: Skype calls nearly impossible for NSA to intercept

    Enjoy Vyke's cheap international phone calls using PC-to-Phone, WIFI enabled mobile phones, SIP devices or Callback. Get a free dollar when you sign up for free, and there is no hidden charges or extra cost, just pay-as-you-go calling and sms. Check it out on <a href="https://www.vyke.com/">https://www.vyke.com/</a>

    4 US cent per call connection charge to free landline destinations with Vyke PC-to-Phone, Mobile VoIP and VoIP Phone. Check out the cheap rates to all other destinations on <a href="https://www.vyke.com/rates.jsf">https://www.vyke.com/rates.jsf</a>


    Happy Calling!!
    anjali4india
  • RE: Expert: Skype calls nearly impossible for NSA to intercept

    what i think is scary is the 'need' for a backdoor. Skype has not created 'the only encrypion unbreakable' (by practical means of course) its just merely widely used. there are many other methods and already developed tools to talk securly over the internet with even higher grades of encryption. its sickening that just because somethings popular and actually [appears] to be secure they are all over it. i like skype because its widespread easy to use and actually secure. even with nothing to hide many people just like their privacy and when it comes down to it some people get a warm fuzzy feeling that only 2 people are hearing their conversation with confidence. preemptive mesures may look good on paper but just cuz some people (and there will always be [some] people) misuse something is a bullshit reason to affect everyone else
    mastercactapus
  • RE: Expert: Skype calls nearly impossible for NSA to intercept

    Sarin as a weapon
    In mid-1939, the formula for the agent was passed to the chemical warfare section of the German Army Weapons Office, which ordered that it be brought into mass production for wartime use. A number of pilot plants were built, and a high-production facility was under construction (but was not finished) by the end of World War II. Estimates for total sarin production by Nazi Germany range from 500 kg to 10 tons. [citation needed] Though sarin, tabun and soman were incorporated into artillery shells, Germany ultimately decided not to use nerve agents against Allied targets.


    U.S. Honest John missile warhead cutaway, showing M134 Sarin bomblets (c. 1960)
    1950s (early): NATO adopted sarin as a standard chemical weapon, and both the U.S.S.R and the United States produced sarin for military purposes.
    1953: 20-year-old Ronald Maddison, a Royal Air Force engineer from Consett, County Durham, died in human testing of sarin at the Porton Down chemical warfare testing facility in Wiltshire. Maddison had been told that he was participating in a test to "cure the common cold." Ten days after his death an inquest was held in secret which returned a verdict of "misadventure". In 2004 the inquest was reopened and, after a 64-day inquest hearing, the jury ruled that Maddison had been unlawfully killed by the "application of a nerve agent in a non-therapeutic experiment."[14]
    1956: Regular production of sarin ceased in the United States, though existing stocks of bulk sarin were re-distilled until 1970.
    1960s (developing): The US unsuccessfully sought Australian permission to test Sarin and VX gas on 200 "mainly Australian" troops, probably in the Iron Range rainforest near Lockhart River, Queensland. While this never actually took place, the planning was in advanced stages.[15]
    1978: Michael Townley in a sworn declaration indicated that sarin was produced by the secret police of Chile's Pinochet regime DINA, by Eugenio Berr?os, it indicated that it was used to assassinate the state archives custodian Renato Le?n Zenteno and the Army Corporal Manuel Leyton.[16]
    1980?1988: Iraq used sarin against Iran during the 1980?88 war. During the 1990?91 Gulf War, Iraq still had large stockpiles available which were found as coalition forces advanced north.[citation needed]
    1988: Over the span of two days in March, the ethnic Kurd city of Halabja in northern Iraq (population 70,000) was bombarded with chemical and cluster bombs, which included sarin, in the Halabja poison gas attack. An estimated 5,000 people died.
    1991: UN Resolution 687 established the term "weapon of mass destruction" and called for the immediate destruction of chemical weapons in Iraq, and eventual destruction of all chemical weapons globally.[17]
    1993: The United Nations Chemical Weapons Convention was signed by 162 member countries, banning the production and stockpiling of many chemical weapons, including sarin. It went into effect on 29 April 1997, and called for the complete destruction of all specified stockpiles of chemical weapons by April 2007.[18]
    1994: The Japanese religious sect Aum Shinrikyo released an impure form of sarin in Matsumoto, Nagano. (see Matsumoto incident)
    1995: Aum Shinrikyo sect released an impure form of sarin in the Tokyo Subway. Thirteen people died. (see Sarin gas attack on the Tokyo subway)
    1998: In the US, Time Magazine and CNN ran news stories alleging that in 1970 U.S. Air Force A-1E Skyraiders engaged in a covert operation called Operation Tailwind, in which they deliberately dropped sarin-containing weapons on U.S. troops who had defected in Laos. CNN and Time Magazine later retracted the stories and fired the producers responsible.[19]
    2004: On May 14 Iraqi insurgency fighters in Iraq detonated a 155 mm shell containing several litres of binary precursors for sarin. The shell was designed to mix the chemicals as it spins during flight. The detonated shell released only a small amount of sarin gas, either because the explosion failed to mix the binary agents properly or because the chemicals inside the shell had degraded significantly with age. Two United States soldiers were treated after displaying the early symptoms of exposure to sarin.[20]
    saeed-urrehman
  • RE: Expert: Skype calls nearly impossible for NSA to intercept

    BS!!! Why do you need to encrypt it if one just goes to the server end point and take the whole message.
    Why I think so. Here's the real story that happened in Germany. One of my wife's friends who lives in Germany wanted to invite their relatives/friends to visit them. Before appointment they were asked to present some proof of their communication with each other. They said that they talked over Skype. Then they were asked to provide just Skype ids!!! That's it. When they come for appointment, they were asked a question on why they talked only about visas? Given that it is impossible to decrypt, it means German consulate has access to the Skype servers and that means the messages are recorded there or on the route.
    dimichzn