[VOIPSEC] regarding skype's usefulness in the enterprise
tcarter at entrusion.com
Wed Jan 4 15:18:35 PST 2006
> and it's proprietary encryption. there are some simply rules
> in the crypto world, one of which is "if it's not a reviewed
> crypto scheme you should assume it is suspect". skype's
> crypto is proprietary. It's been reviewed, in a very limited
> fashion, and the review doesn't read to some like it's ok.
Are you reading the same evaluation that was published here:
Skype's security was reviewed by a respected cryptographer and does use
standards based cryptography.
Read: "Skype uses only standard cryptographic primitives to meet its ends,
which is a sound engineering approach. These primitives include the AES
block cipher, the RSA public-key cryptosystem, the ISO 9796-2 signature
padding scheme, the SHA-1 hash function"..
More information about the Voipsec