soulxtc
February 19th, 2006, 12:56 PM
From a law enforcement point of view, digital communication is a two-edged sword. On the one hand, it allows for the simple collection, sorting, and processing of massive amounts of information (such as in the FBI's Carnivore system), but on the other hand, it is much easier for users to encrypt their communications with almost unbreakable codes. Now that VoIP calls are becoming commonplace, governments around the world are struggling to adapt to the new technology, and Skype has found itself under extra scrutiny.
The reason is that Skype uses 256-bit, industry-standard AES encryption that is nearly impossible to break without the key. The Skype privacy FAQ explains the system this way:
"Skype uses AES (Advanced Encryption Standard) - also known as Rijndael - which is also used by U.S. Government organizations to protect sensitive, information. Skype uses 256-bit encryption, which has a total of 1.1 x 1077 possible keys, in order to actively encrypt the data in each Skype call or instant message. Skype uses 1024 bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates."
All Skype traffic is automatically encrypted end-to-end without requiring any user intervention, and this encryption is posing a problem to authorities who need (or want) to listen in on conversations. Skype executives state that their software is free of all backdoors, and a security researcher who saw some (but not all) of the code agrees. Still, the company claims that it "cooperates fully with all lawful requests from relevant authorities," which may mean that they turn over keys to governments upon request.
READ ARTICLE (http://arstechnica.com/news.ars/post/20060217-6206.html)
The reason is that Skype uses 256-bit, industry-standard AES encryption that is nearly impossible to break without the key. The Skype privacy FAQ explains the system this way:
"Skype uses AES (Advanced Encryption Standard) - also known as Rijndael - which is also used by U.S. Government organizations to protect sensitive, information. Skype uses 256-bit encryption, which has a total of 1.1 x 1077 possible keys, in order to actively encrypt the data in each Skype call or instant message. Skype uses 1024 bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates."
All Skype traffic is automatically encrypted end-to-end without requiring any user intervention, and this encryption is posing a problem to authorities who need (or want) to listen in on conversations. Skype executives state that their software is free of all backdoors, and a security researcher who saw some (but not all) of the code agrees. Still, the company claims that it "cooperates fully with all lawful requests from relevant authorities," which may mean that they turn over keys to governments upon request.
READ ARTICLE (http://arstechnica.com/news.ars/post/20060217-6206.html)