- 1.
- Introduction to Skype and ICQ protocols
- Technical University of Koice
- By: Marek Kitz Matej Kostro Martina Papjov
- Distributed Programming 2011 with Marek Parali
2.
- Instant Messaging Generally
- IM as online chat is communitaion text-based as well as
bidirectionally exchanged in realtime.
- IM set of communication technologies used for text-based
communication between two or more participants over the Internet or
other types of networks
- IM allows effective and efficient communication, allowing
immediate receipt of acknowledgment or reply
- Some of IM allows more features as audio and video calls based
on VoIP (Skype) or multimedia file transfer, etc.
3.
- Modern, GUI-based messaging clients, began in the mid 1990swith
PowWow, ICQ, and AOL Instant Messenger.
- In 2000, an open source application and open standards-based
protocol called Jabber was launched(XMPP).
- XMPP servers could act as gateways to other IM protocols,
reducing the need to run multiple clients.
- attempts to create a unified standard for instant messaging:
(SIP,SIP SIMPLE,APEX,Prim,...)
4.
- Integrating several IM protocols
- Many disparate protocols inside the IM server. Task of
communicating with the other services is on the server. This
approach is transparent for clients.
- Many protocols inside client IM application. This approach is
based on connecting to many servers from one application. (Pidgin,
Digsby, Miranda, etc.)
5.
- crackers use IM networks as vectors for delivering phishing
attempts, "poison URLs", and virus-laden file attachments
- viruses, trojan horses, or spyware within an infected file
- "socially engineered" text with a web address that entices the
recipient to click on a URL connecting him or her to a website that
then downloads malicious code
- IM connectionsin plain text, making them vulnerable to
eavesdropping.
- IM client requires open UDP ports, raising the threat posed by
potential security vulnerabilities
6.
- In January 2011, reached a record 27 millionsimultaneous online
users.
7. voice and video calls and chat over the Internet 8. uses a
proprietary Internet telephony (VoIP) networkcalled the Skype
protocol 9. the main difference between Skype and standardVoIP
clients is that Skype operates on a peer-to- peer model, rather
than the more usual client server model 10.
- Neighbour relationships in the Skype network
- Message exchange with login server during login
- Skype network architecture description I.
11.
- Skype network architecture description II.
-
- Skype client (SC) opens a TCP and a UDP listening port from
itsconnection dialog box
-
- SC also opens TCP listening ports at port number 80 and443
- 12. there is no default TCP or UDP listening port
-
- is a list of super node IP address and port pairs that SC
builds andrefreshes regularly
- 13. most critical part to the Skype operation
14. IP address and port number of an online Skype node 15.
- Skype network architecture description III.
-
- Skype uses 256-bit encryption AES (Advanced Encryption
Standard)
- 16. 1.1 x 10^77 possible keys
17. 1536 to 2048 bit RSA to negotiate symmetric AES keys 18.
public keys are certified by Skype server at login Packet
compression:
- Uses arithmetic compression that uses reals instead bits.
19. Normally, a string of characters represented using a fixed
number of bitsper character, as in the ASCII code 20. separating
the input into component symbols and replacing each with acode,
arithmetic coding encodes the entire message into a singlenumber, a
fraction n where (0.0 n < 1.0) 21.
-
-
- after installation, it sent a HTTP 1.1 GET request to the
Skypeserver (skype.com)
- 22. subsequent startups, a SC only sent a HTTP 1.1 GET request
tothe server to determine if a new version is available
- 23. Skype client authenticates the user with the login server,
advertisesits presence to other peers, determines the type of NAT
andfirewall it is behind and discovers nodes that have public
IPaddresses.
-
-
- Process described on the next slide
24.
- Send UDP packet toHC IP address and port
- TCP connection attempt with HC IP address and random port
- TCP connection attempt with HC IP address and port 80
- TCP connection attempt with HC IP address and port 443
- Skype connection to another peer
- NOTE: Authentication with login server is not included !!!
25.
-
-
- Global Index (GI) technology to search for a user
- 26. It is guaranteed to find a user if it exists and has logged
induring the last 72 hours
-
-
- call signaling is always carried over TCP
- 27. signaling information is exchanged over TCP
-
-
- If both clients has public IP, then media traffic flowed
directlybetween them over UDP
- 28. media traffic flow to and from the UDP port configured
indialog box
29.
- text messages, offline support,multi-user chats, free
daily-limited SMS sending, file transfers, greeting cards,
multiplayer games, searchable user directory
Clients:
- Digsby, eBuddy, Fring, Kopette, Meebo, Miranda, Pidgin,
QUIP
OSCAR:
- protocol is used in ICQ and AIM
30. OSCAR used in ICQ is named v7 31.
- FLAP : Frame Layer Protocol
-
- FLAP container encloses every packet. It carries information
about packet size, channel, and its number in sequence.
- 32. is used on the TCP connection between all clients and
servers
33. flap sequence numbers are used for errors detection Offset
Field Type/Size (in bytes) Remarks 00 FLAP ID Byte/1 Always
contains 2A. It is mark of packet start. 01 Channel Byte/1 1 =
login, 2 = SNAC layer, 3 = error, 4 = disconnect 02 Number in
sequence Int 16/2 Incremented by 1 each time a packet sent. Wraps
to 0 after FFFF 03 Data size Int 16/2 Size does not include FLAP
header FLAP Header OSCAR I. 34.
- SNAC( Simple Network Atomic Communication ) :
- communication unit that is exchanged between clients and
servers
35. length depends on FLAP 36. the SNAC communication layers
sits on top of the FLAP layer 37. flags is a general SNAC
properties TLV (Type-Length-Value) tuple description
- method of putting data into an organized format, especially
variable length strings, etc.
38. 16-bit value for the length of the Value field, and then the
actual data in the Value field (variable length) 39. TLVs make
sending a variable length string like"nickname@gmail" as simple as
defining a TLV with values{0x0011, 0x000c, "[email protected]"}.
OSCAR II. 40. Authorization based on MD5 41. Protocol negotiation
42. Retrieving offline messages 43. Any Questions? U mad? Problem?
44. So...Thank you for your attention