1

Skype supports private message. It looks like its private message is encrypted using Signal Protocol.

I have this sample of Skype private message and need to decrypt the "content".

 "clientmessageid": "10507111498039774744",
        "messagetype": "EndToEndEncryption/EncryptedText",
        "originalarrivaltime": "2020-01-27T05:53:17.571Z",
        "encryptedkey": {
            "d79ee36f-a499-49b7-ac9d-6091362e141a": "eyJ0eXBlIjoxLCJib2R5IjoiM1xuIVx1MDAwNWw4wrxcbm5cdTAwMWPCiGVuXHUwMDA0csKCw6TCsMKWw40kw5vDlyxdw7LDllx1MDAwNMO6LmvCk8KLwqnDrGlcdTAwMTBcdTAwMWJcdTAwMThcdTAwMTVcIsKgXHUwMDAxTTI9XHUwMDA2w4UjeMKeJFx1MDAxOcOnwop+XHRewrvCisK4w6jDnlx1MDAwNUzCg8K5TFxiwrAnXHUwMDA3bFxcZ15bS8KhU8K9w5TDgMKQwphZN3PCqGHDpTZMw6TCoMKOUMOPwr1cdTAwMDDCoMKPXcO4w7l2wqLCmMO1csOWUVx1MDAwMFx1MDAwZcOLw6vChUPDsFZFXHUwMDE4wr8kwpbCgcOqw41cdTAwMTYuwqnCo1x1MDAwYkJ6w4rDozJcdTAwMWRNw68tw6jDu8KtdsOKXHUwMDFhw4lcdTAwMDDCtsO8XHUwMDEzw6p2XHUwMDEwworCm8ODwrI1woTDjFx1MDAxNVx1MDAwNFx1MDAwZcKLXHUwMDFlw6zDvj9YwrxWwp/CvULCtMKgJsO3w7R8VMOhw6vDoMKUwqvCiirCv1xcw4TCim5cdTAwMDXCssOOw5nCgC53XHUwMDFiw5BHw5XChsK1KFx1MDAwMiIsInJlZ2lzdHJhdGlvbklkIjo0Mn0="
        },
        "version": "1580104398186",
        "fromdeviceid": "aee59f97-e1e9-4561-af80-4a0b4c6f2156",
        "from": "https://azwcus1-client-s.gateway.messenger.live.com/v1/users/ME/contacts/8:prakash.tandukar",
        "id": "1580104398186",
        "conversationLink": "https://azwcus1-client-s.gateway.messenger.live.com/v1/users/ME/conversations/19:cd600a6ac9fd0fc43098250d506519ea3fae996a9ab5ed32b81734696b6e8325@encrypted.skype",
        "type": "Message",
        "conversationid": "19:cd600a6ac9fd0fc43098250d506519ea3fae996a9ab5ed32b81734696b6e8325@encrypted.skype",
        "content": "UVpLGf93DMdW5sNpO+XnHp7xHpq5LtgZM/TcvxE9nT8M7ElyNiOVQWGB933cw/Cn",
        "composetime": "2020-01-27T05:53:17.571Z"

The content is encrypted. There is also encryptedkey. I have been looking signal-protocol-pcl package for decyrpting content in c# but have not able to decrypt the content.

Prakash
  • 422
  • 1
  • 12
  • 31
  • Do you have the Identity Key of the receiver? (or maybe there's something that can be done with the Identity Key of the sender if you have it) – Cyxo Jul 13 '20 at 15:17
  • @Cyxo The encryptedKey itself base64 decode. From there, we can get decode it from https://www.base64decode.org/ and it looks like below {"type":1,"body":"3\n!\u0005l8¼\nn\u001cen\u0004rä°Í$Û×,]òÖ\u0004ú.k©ìi\u0010\u001b\u0018\u0015\" \u0001M2=\u0006Å#x$\u0019ç~\t^»¸èÞ\u0005L¹L\b°'\u0007l\\g^[K¡S½ÔÀY7s¨aå6Lä PϽ\u0000 ]øùv¢õrÖQ\u0000\u000eËëCðVE\u0018¿$êÍ\u0016.©£\u000bBzÊã2\u001dMï-èû­vÊ\u001aÉ\u0000¶ü\u0013êv\u0010ò5Ì\u0015\u0004\u000e\u001eìþ?X¼V½B´ &÷ô|Táëà«*¿\\Än\u0005²ÎÙ.w\u001bÐGÕµ(\u0002","registrationId":42} – Prakash Jul 14 '20 at 14:01
  • @Cyxo This is a JSON and body itself seems to be encoded. It appears that there are many keys some of the keys are AParty User Id , AParty Device Id, BParty User Id and BParty Device Id. I do not yet find any documentation on how Skype uses these keys to decode the key and to decode the final actual message. Looks like, it also uses many other keys aside from these. – Prakash Jul 14 '20 at 14:01
  • @Cyxo There is .net implementation of signal protocol https://github.com/signal-csharp/libsignal-protocol-dotnet. I looked at this but found some sample where it encrypts some text and then uses it to decrypt and looks like it depends on the session storage ( containing many other keys). But, any way I think, we also need to know how Skype decodes that content. – Prakash Jul 14 '20 at 14:14
  • From what I understand here: https://az705183.vo.msecnd.net/onlinesupportmedia/onlinesupport/media/skype/documents/skype-private-conversation-white-paper.pdf There the encryptedKey is a temporary key generated just for this message and it was encrypted using the receiver's "Identity Key" (IK) so you'd need it to decrypt the temporary key used to encrypt the message – Cyxo Jul 15 '20 at 11:45
  • Perhaps it's encrypted with the sender's IK and not the receiver's IK, I'm not sure about that, but anyway if you are either the sender or the receiver, the IK is on your computer. Otherwise, I don't think you can decrypt the message – Cyxo Jul 15 '20 at 11:49

0 Answers0