Skype Security Evaluation


Abstract

This paper contains the first authorized description of the Skype cryptosystem. Skype P2P sessions are encrypted end-to-end at the session layer. Session keys are created using a key-agreement protocol which provides each peer with proofs of freshness and authenticity, and which allows each peer to contribute bits toward the session key. Authenticity and identity are rooted in the Skype Certificate Authority. We analyze the cryptosystem as of Skype Version 1.3. We conclude that it is generally well-designed and correctly implemented.



Anagram Laboratories