German police baffled by Skype rotational headers

Interesting story just in from Germany about how police there are "unable to decipher the encryption used" on Skype calls.

Police in Germany are frustrated, it seems, in their efforts to monitor Skype calls made by suspected criminals and terrorists.

"The encryption with Skype telephone software ... creates grave difficulties for us," Joerg Ziercke, president of the BKA, the Bundeskriminlamt, Germany's federal police agency, said at a security conference in Wiesbaden this week.

"We can't decipher it. That's why we're talking about source telecommunication surveillance - that is, getting to the source before encryption or after it's been decrypted." he said.

Ziercke told delegates that his agency has not, however, been asking Skype to reveal its encryption keys or leave "back doors open" for law enforcement agencies.

Ziecke's comments have me puzzled. At a communications conference last year I spoke with senior Skype officials about the issue of eavesdropping and they admitted that Skype calls were relatively easy to spot amidst general IP traffic, owing to their headers.

Because some country's ISPs were blocking Skype calls at the request of their incumbent telcos, Skype upgraded its proprietary IP call headers earlier this year to prevent pattern matching.

Using a rotational/scrambling approach to the headers has meant that most IT security software can no longer easily detect a Skype call in progress but, my sources say, once the Skype header as been picked out, it's a relatively easy task to extract the voice element of the call concerned.

This suggests that the BKA aren't up to speed when it comes to detecting Skype calls. If that's the case, then they probably can't detect encrypted SIP (standard VOIP calls) either.

Let's hope the UK Secret Service are better equipped...