I was excited to see a skype extra which added an additional layer of encryption to skype chat, unfortunately I question the implementation of the cryptography.  The implementation is always the problem, even if standard algorithms are used.  Anyway I believe that cryptoChat4skype is open to a given plaintext attack, at the very least.  The same plaintext gives nearly the same text output.  This is a pretty large weakness.

Please don't implement your own crypto library, use existing and debugged ones and integrate it into the skype API.  I want to encourage the creation of a chat crypto overlay, but a well implemented one is extremely difficult, please open your code to peer review and have people who know crypto go over it throughly and repeatedly.  Heck, even Zimmerman made some huge mistakes in the early days of pgp (bassomatic).

rearden