Skype and icq referat final - copy


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Skype and icq referat final - copy

  1. 1. <ul>Introduction to Skype and ICQ protocols </ul><ul>Technical University of Košice </ul><ul>By: Marek Kitz Matej Kostroš Martina Papájová </ul><ul>Distributed Programming 2011 with Marek Paralič </ul>
  2. 2. <ul>Instant Messaging Generally </ul><ul><li>IM as online chat is communitaion text-based as well as bidirectionally exchanged in realtime. </li></ul><ul><li>IM set of communication technologies used for text-based communication between two or more participants over the Internet or other types of networks </li></ul><ul><li>IM allows effective and efficient communication, allowing immediate receipt of acknowledgment or reply </li></ul><ul><li>Some of IM allows more features as audio and video calls based on VoIP (Skype) or multimedia file transfer, etc. </li></ul>
  3. 3. <ul>History </ul><ul><li>Modern, GUI-based messaging clients, began in the mid 1990s with PowWow, ICQ, and AOL Instant Messenger. </li></ul><ul><li>In 2000, an open source application and open standards-based protocol called Jabber was launched(XMPP). </li></ul><ul><li>XMPP servers could act as gateways to other IM protocols, reducing the need to run multiple clients. </li></ul><ul><li>attempts to create a unified standard for instant messaging: (SIP,SIP SIMPLE,APEX,Prim,...) </li></ul>
  4. 4. <ul>Integrating several IM protocols </ul><ul><li>Many disparate protocols inside the IM server. Task of communicating with the other services is on the server. This approach is transparent for clients. </li></ul><ul><li>Many protocols inside client IM application. This approach is based on connecting to many servers from one application. (Pidgin, Digsby, Miranda, etc.) </li></ul>
  5. 5. <ul>Security risks </ul><ul><li>crackers use IM networks as vectors for delivering phishing attempts, &quot;poison URLs&quot;, and virus-laden file attachments </li></ul><ul><li>viruses, trojan horses, or spyware within an infected file </li></ul><ul><li>&quot;socially engineered&quot; text with a web address that entices the recipient to click on a URL connecting him or her to a website that then downloads malicious code </li></ul><ul><li>IM connections in plain text, making them vulnerable to eavesdropping. </li></ul><ul><li>IM client requires open UDP ports, raising the threat posed by potential security vulnerabilities </li></ul>
  6. 6. <ul><li>In January 2011, reached a record 27 million simultaneous online users.
  7. 7. voice and video calls and chat over the Internet
  8. 8. uses a proprietary Internet telephony (VoIP) network called the Skype protocol
  9. 9. the main difference between Skype and standard VoIP clients is that Skype operates on a peer-to- peer model, rather than the more usual client– server model </li></ul>
  10. 10. <ul>Ordinary host </ul><ul>Super node </ul><ul>Neighbour relationships in the Skype network </ul><ul>Message exchange with login server during login </ul><ul>Skype network architecture description I. </ul><ul>Skype Login server </ul>
  11. 11. <ul>Skype network architecture description II. </ul><ul><li>Ports: </li></ul><ul><ul><li>Skype client (SC) opens a TCP and a UDP listening port from its connection dialog box </li></ul></ul><ul><ul><li>SC also opens TCP listening ports at port number 80 and 443
  12. 12. there is no default TCP or UDP listening port </li></ul></ul><ul><li>Host Cache: </li></ul><ul><ul><li>is a list of super node IP address and port pairs that SC builds and refreshes regularly
  13. 13. most critical part to the Skype operation
  14. 14. IP address and port number of an online Skype node </li></ul></ul>
  15. 15. <ul>Skype network architecture description III. </ul><ul><ul><li>Encryption: </li><ul><li>Skype uses 256-bit encryption AES (Advanced Encryption Standard)
  16. 16. 1.1 x 10^77 possible keys
  17. 17. 1536 to 2048 bit RSA to negotiate symmetric AES keys
  18. 18. public keys are certified by Skype server at login </li></ul><li>Packet compression: </li><ul><li>Uses arithmetic compression that uses reals instead bits.
  19. 19. Normally, a string of characters represented using a fixed number of bits per character, as in the ASCII code
  20. 20. separating the input into component symbols and replacing each with a code, arithmetic coding encodes the entire message into a single number, a fraction n where (0.0 ≤ n < 1.0) </li></ul></ul></ul>
  21. 21. <ul>Skype functions I. </ul><ul><ul><li>Startup: </li></ul></ul><ul><ul><ul><li>after installation, it sent a HTTP 1.1 GET request to the Skype server (
  22. 22. subsequent startups, a SC only sent a HTTP 1.1 GET request to the server to determine if a new version is available
  23. 23. Skype client authenticates the user with the login server, advertises its presence to other peers, determines the type of NAT and firewall it is behind and discovers nodes that have public IP addresses. </li></ul></ul></ul><ul><ul><li>Login: </li></ul></ul><ul><ul><ul><li>Process described on the next slide </li></ul></ul></ul>
  24. 24. <ul>Start </ul><ul>Success </ul><ul>Send UDP packet to HC IP address and port </ul><ul>Response within 5 seconds </ul><ul>TCP connection attempt with HC IP address and random port </ul><ul>Connected </ul><ul>TCP connection attempt with HC IP address and port 80 </ul><ul>Connected </ul><ul>TCP connection attempt with HC IP address and port 443 </ul><ul>Connected </ul><ul>Wait for 6 seconds </ul><ul>Connections Attempts == 5 </ul><ul>Failure </ul><ul>Yes </ul><ul>No </ul><ul>Yes </ul><ul>Yes </ul><ul>Yes </ul><ul>No </ul><ul>No </ul><ul>No </ul><ul>No </ul><ul>Skype connection to another peer </ul><ul>Yes </ul><ul>NOTE: Authentication with login server is not included !!! </ul>
  25. 25. <ul>Skype functions II. </ul><ul><ul><li>User Search: </li></ul></ul><ul><ul><ul><li>Global Index (GI) technology to search for a user
  26. 26. It is guaranteed to find a user if it exists and has logged in during the last 72 hours </li></ul></ul></ul><ul><ul><li>Call Establishment : </li></ul></ul><ul><ul><ul><li>call signaling is always carried over TCP
  27. 27. signaling information is exchanged over TCP </li></ul></ul></ul><ul><ul><li>Media Transfer: </li></ul></ul><ul><ul><ul><li>If both clients has public IP, then media traffic flowed directly between them over UDP
  28. 28. media traffic flow to and from the UDP port configured in dialog box </li></ul></ul></ul>
  29. 29. <ul><li>Features : </li><ul><li>text messages, offline support,multi-user chats, free daily-limited SMS sending, file transfers, greeting cards, multiplayer games, searchable user directory </li></ul><li>Clients: </li><ul><li>Digsby, eBuddy, Fring, Kopette, Meebo, Miranda, Pidgin, QUIP </li></ul><li>OSCAR: </li><ul><li>protocol is used in ICQ and AIM
  30. 30. OSCAR used in ICQ is named v7 </li></ul></ul>
  31. 31. <ul><li>FLAP : Frame Layer Protocol </li><ul><ul><li>FLAP container encloses every packet. It carries information about packet size, channel, and its number in sequence.
  32. 32. is used on the TCP connection between all clients and servers
  33. 33. flap sequence numbers are used for errors detection </li></ul></ul></ul>Offset Field Type/Size (in bytes) Remarks 00 FLAP ID Byte/1 Always contains 2A. It is mark of packet start. 01 Channel Byte/1 1 = login, 2 = SNAC layer, 3 = error, 4 = disconnect 02 Number in sequence Int 16/2 Incremented by 1 each time a packet sent. Wraps to 0 after FFFF 03 Data size Int 16/2 Size does not include FLAP header FLAP Header OSCAR I.
  34. 34. <ul><li>SNAC( Simple Network Atomic Communication ) : </li><ul><li>communication unit that is exchanged between clients and servers
  35. 35. length depends on FLAP
  36. 36. the SNAC communication layers sits on top of the FLAP layer
  37. 37. flags is a general SNAC properties </li></ul><li>TLV (Type-Length-Value) tuple description </li><ul><li>method of putting data into an organized format, especially variable length strings, etc.
  38. 38. 16-bit value for the length of the Value field, and then the actual data in the Value field (variable length)
  39. 39. TLVs make sending a variable length string like &quot;nickname@gmail&quot; as simple as defining a TLV with values {0x0011, 0x000c, &quot;;}. </li></ul></ul>OSCAR II.
  40. 40. Authorization based on MD5
  41. 41. Protocol negotiation
  42. 42. Retrieving offline messages
  43. 43. Any Questions? U mad? Problem?
  44. 44. So... Thank you for your attention