Skype - 3.0 beta Betriebsanweisung PDF herunterladen (Seite 16)

Skype Network Administrator’s Guide Skype 3.0 Beta 16

2006-10-31 Document version 2.0 Beta

Each Skype client generates half of a 256-bit symmetric key when a connection is

established. The keys are exchanged and joined to create a 256-bit session key, which is

valid for the life of the session. Every session gets an individual 256-bit key. In the case of

a multi-party conference call, multiple simultaneous calls are set up, each with its own

session and unique key. The fact that symmetric AES keys are shared enables Skype to be

an authenticated channel between any number of valid Skype users.

Note: AES has been adopted by the United States government to protect sensitive

information. With 256-bit encryption, any of 1.1 x 1,077 possible keys may encrypt

sensitive data.

Skype relies on public-key cryptography to validate signatures on credentials for the

purpose of negotiating a symmetric key, then it uses symmetric-key cryptography for

secure communication between Skype clients. The combined approach makes the process

of establishing transport-layer security among Skype clients efficient.

The public-key cryptographic model enables two things. It permits a Skype client to

receive private messages which only it can read, and it lets the Skype client issue signed

messages that no one else could have created. No person, organization, nor Skype

Technologies S.A., itself has a copy of a key being shared by the parties to a Skype call.

Moreover, there is no sharing or disclosure of keys to any parties other than the pairwise

sharing to establish a 256-bit session key. Finally, when a Skype session ends, the keys are

discarded. And encryption keys are not disclosed to the Skype user or escrowed to third

parties.

Security & File Transfers (Viruses, Trojan Horses, etc.)

A particularly powerful feature of Skype is its capability to enable users to transfer files

securely between computers.

On the Microsoft Windows platform, system- and network administrators can turn off the

Skype client’s file transfer capability by setting a registry key. See Setting Policies via

Registry Keys later in this document.

The Skype file transfer capability allows a Skype user to send files of up to 2GB to

anybody in their contacts list. The intended recipient must meet the following four criteria:

• Has shared contact details (see “Privacy and Sharing Contact Details),

• Has not blocked the sender (see “Blocking Other Skype Users”),

• Is online when the sender initiates the file transfer, and

• Is willing and able to accept the file transfer from the sender.

Note: Sometimes, a Skype user will appear online but, in fact, will not be notified of a

pending file transfer until the intended recipient receives some type of initial contact, such

as an IM or call, to re-establish the connection between Skype clients.

The Skype client maintains a history of each user’s file transfers, those that are sent and

received. This list is displayed in the history tab, unless the user clears the list intentionally.

The list also shows the origin or destination on the file system of the transferred file.

1 2 ... 11 12 13 14 15 16 17 18 19 20 21 ... 36 37

Keine Kommentare

Skype - 3.0 beta Betriebsanweisung Seite 16