Free communication to anyone in the world has been a dream of humanity since the division of fire signals. Thanks to technological advances, society is approaching this ideal rapidly, with the help of Skype. Since its introduction,
Skype has served 100 billion minutes worth of Skype-to-Skype calls
to users across the globe. In comparison to the traditional telecomm industry, this statistic sounds insignificant. However, each of these calls was entirely free. The Skype protocol has enabled over 276 million users to hold conversations without spending a single dime by implementing a peer-to-peer overlay network, enhanced security features, and advanced network traversal tactics. Despite wild success, the network does have several flaws that draw criticism from industry experts, which limit its adoption and penetration into all markets.
The Network
Traditionally the cost of running a large telecommunications network would prohibit a company’s ability to provide free calling, as installation and maintenance costs would be exorbitant. Skype uses the existing infrastructure of the Internet to carry voice through a sophisticated variant of traditional peer-to-peer networks. 
Instead of traffic being directed through central servers, Skype routes client calls, requiring approximately 12 kilobytes per second, and user searches through so-called “super-nodes.” Roughly, 20,000 super-nodes exist on the Skype network, and any peer may become one, provided that the peer has sufficient bandwidth and is not behind a restrictive firewall. The only investment besides development of the actual application that Skype must maintain, is a centralized login server used to authenticate peers when the client is installed and registered for the first time. Thus, the network builds and maintains itself with minimal attention from the developers.
The Encryption
Since all traffic is handled through super-nodes, it is possible for an observer to intercept voice packets transferred by the Skype protocol simply by locating aforementioned peers. To prevent such breaches, all traffic between peers is encrypted using a 256-bit Advanced Encryption Standard (AES) key. In addition to this encryption, peer identification is handled by a 2048-bit symmetric RSA system in order to prevent spoofing of client identification. Not only network traffic is secured however, but also Skype’s code is obfuscated, compressed, and encrypted until run time to prevent reverse engineering of the protocol and security measures. Therefore, the data collected about the network and its internal operations are based primarily on observation.
Network Penetration
The primary difficulty of operating a peer-to-peer network is traversing firewalls and network address translation (NAT). The average personal computer user has no knowledge of NAT configuration to facilitate connections within their network and thus generally only HTTP and FTP traffic are permitted freely. Skype remedies this by implementing various methods of circumventing network blocks in place. These include the client selecting random ports until locating an unobstructed path, switching between UDP and TCP packets to transmit voice data, locating and using any proxies in use for future Skype traffic, and the Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators Protocol (STUN). STUN determines the public IP address of the peer and coordinate UDP port opening and packet transmission.
The Bottom Line
These features of the Skype protocol have attracted both support and criticism from various parties. Network administrators dislike Skype for its ability to penetrate through firewalls into networks with encrypted payloads while also creating super-nodes on a whim. Such a design permits perceptive attackers to gain access to a protected network and can consume an enormous amount of bandwidth without the ability for an administrator to monitor or control traffic. Since the Skype source code itself is not open, there is the potential of a hidden backdoor within the client creating privacy and security issues. Finally, the Skype network is not entirely reliable, as Super-Nodes often are normal Microsoft Windows desktops. As evidenced by a Windows Update in 2007, if a number of super-nodes are taken offline at the same time, the network is unable to rebuild itself and recover for several days.
Despite security concerns, Skype provides a wonderful service using innovative peer-to-peer techniques. It enables users in developing countries to communicate with voice and video at no cost, promotes international collaboration, and is a model for successful Voice over IP design and implementation. Thanks to its overlay design, encryption techniques, and network traversal techniques, Skype is one of the leading VoIP providers in the world.
