#protocol

Introducing (n+1)sec – a #protocol for distributed multiparty chat #encryption

https://equalit.ie/introducing-n1sec-a-protocol-for-distributed-multiparty-chat-encryption/

Jason Robinson

Introducing (n+1)sec – a protocol for distributed multiparty chat encryption

https://equalit.ie/introducing-n1sec-a-protocol-for-distributed-multiparty-chat-encryption/

Today we present (n+1)sec, a free (libre), end-to-end secure, synchronous protocol for group chat developed by eQualit.ie with support from the Open Technology Fund. After 2 years of design, development and testing, we are releasing the (n+1)sec protocol and library for securing group conversations on various messaging systems, like Jabber/XMPP or IRC. Following a protocol and cryptographic review by the NCC Group, we are looking forward to its implementation in as many chat clients as possible.

Distributed encryption for federated group chat

Considering the times we live in, people tend to rely more and more on encrypted chat for communicating securely with their friends and colleagues. Some of the most secure communication tools have been conceived for this kind of interaction online, including the widespread OTR (off-the-record) and Signal protocols. Our aim was to complement and build on these technologies, offering communication and privacy properties to which these protocols currently did not cater. For example, OTR has been around for over a decade and is built into many desktop and mobile messaging platforms. Its encryption capabilities however are limited to conversations between two people, and cannot be used for a group of three or more. The Signal protocol has been implemented in Signal, WhatsApp, Facebook messenger and many other tools, reaching over a billion users. It is an incredibly powerful solution but it is reliant on asynchronous communication and is therefore also dependent on the messaging platform — a central server that can become a single point of failure (or metadata collection).

These were the starting points for eQualit.ie when considering the (n+1)sec design – we wanted a tool as flexible as OTR that could offer groups and organizations a secure way of communicating and coordinating, respecting federation for messaging protocols and adhering to end-to-end encryption properties for privacy. Our final protocol has the following security properties for group messaging:

  • Confidentiality: the conversation is not readable to an outsider
  • Forward secrecy: conversation history remains unreadable to an outsider even if participants’ encryption keys are compromised
  • Deniable authentication: Nobody can prove your participation in a chat
  • Authorship: A message recipient can be assured of the sender’s authenticity even if other participants in the room try to impersonate the sender
  • Room consistency: Group chat participants are confident that they are in the same room
  • Transcript consistency: Group chat participants are confident that they are seeing the same sequence of messages

Can I test it?

To be sure that (n+1)sec did what we wanted it to do, we have developed an internal dogfooding client in the form of a Pidgin plugin. It is experimental and you shouldn’t rely on it for security – or even stable communications – but it is a good demonstration of how (n+1)sec works. There is a public server set up for testing it with your friends and colleagues. You can also run the software with any Jabber/XMPP server you already have.

We also wrote a command line client, called Jabberite. It’s in the main (n+1)sec repository and can be used, for instance, with EchoChamber, a testing platform for the (n+1)sec protocol that simulates network conditions and peer behaviour to produce programmer-friendly benchmark data.

How can I help?

Now that a first protocol for secure distributed multiparty chat exists, we would love to see it implemented and used! If you are interested in making this happen, you can give us a precious hand: testing, bugtracking, and of course further development are welcome. The code is out there — just check it out! And of course if you have any feedback you don’t think fits in a public GitHub repository, you can always write to us through our contact form https://equalit.ie/#contact.

MORE: https://github.com/equalitie/np1sec https://github.com/equalitie/np1sec-test-client

ru_RU:

(n+1)sec, a protocol for building secure decentralized chats, has been introduced

After two years of design, development and prototype testing, a new protocol for building secure group chats has been introduced: (n+1)sec. The library with the reference implementation of the protocol is distributed under the LGPLv3 license. For testing, experimental client software is offered, which takes the form of a plugin for the Pidgin instant messaging system and can work with any Jabber/XMPP server. In addition, a simple command-line client, Jabberite, and the EchoChamber simulator are provided.

The protocol provides end-to-end encryption (all information is encrypted on the client side), provides a synchronous mode of message delivery, and in terms of the problems it solves closely resembles the OTR (Off-the-Record Messaging) and Signal protocols:

Like OTR, the (n+1)sec protocol is also aimed at creating secure communications on top of existing chat infrastructures such as XMPP, which makes it possible to integrate (n+1)sec support into any client software based on these systems. The key difference is that OTR is designed for message exchange between two participants, whereas (n+1)sec is aimed at creating decentralized chats in which an arbitrary number of people can communicate.

The Signal protocol supports group chats with end-to-end encryption, but allows messages to be sent only in asynchronous mode and is tied to the centralized servers of the messaging platforms in which it is used, which creates a single point of failure and can be used to collect metadata about users.

Key features of the (n+1)sec protocol:

  • Confidentiality - the content is available only to the chat participants. An outside observer cannot read the messages;
  • Perfect forward secrecy (Forward secrecy) - intercepted traffic containing past correspondence cannot be decrypted even after the private keys of the chat participants have been obtained;
  • Deniable authentication - during the chat the authenticity of messages is verified, but after the chat a third party is unable to prove the participants' authorship of messages;
  • Proof of authorship - the message recipient can be sure of the sender's authenticity, ruling out a situation in which someone else tries to impersonate the sender;
  • Chat room integrity - participants of a group chat can be sure that they are in the same chat room;
  • Consistent message order - participants of a group chat can be sure that messages reach everyone in the same order.

https://www.opennet.ru/opennews/art.shtml?num=47016

#internet #web #protocol #security #privacy #xmpp #jabber #chat #multichat #otr #pidgin

equalitie/np1sec
np1sec - A library for off-the-record (deniable authenticated forward secure confidential) multiparty messaging

Rami Rosenfeld

federation v0.14.1 released

This release includes an important #Diaspora #protocol related #security fix adding checks so that payloads cannot be sent with objects referencing another identity. Basically this means that a post payload has to have the same author in the object as it has as the sender. The exception is relayables, which are commonly sent by someone else and authored by another person. Thus the patch release, since the latter had to be fixed due to a regression.

federation is a #Python library that offers the Diaspora protocol via an opinionated API, aiming to combine multiple protocols under one API in the future.

https://github.com/jaywink/federation/releases/tag/v0.14.1

Changelog:

[0.14.1] - 2017-08-06

Fixed

  • Fix regression in handling Diaspora relayables due to security fix in 0.14.0. Payload and entity handle need to be allowed to be different when handling relayables.

[0.14.0] - 2017-08-06

Security

  • Add proper checks to make sure Diaspora protocol payload handle and entity handle are the same. Even though we already verified the signature of the sender, we didn't ensure that the sender isn't trying to fake an entity authored by someone else.

    The Diaspora protocol functions message_to_objects and element_to_objects now require a new parameter, the payload sender handle. These functions should normally not be needed to be used directly.

Changed

  • Breaking change. The high level federation.outbound functions handle_send and handle_create_payload signatures have been changed. This has been done to better represent the objects that are actually sent in and to add an optional parent_user object.

    For both functions the from_user parameter has been renamed to author_user. Optionally a parent_user object can also be passed in. Both the user objects must have private_key and handle attributes. In the case that parent_user is given, that user will be used to sign the payload and for Diaspora relayables an extra parent_author_signature in the payload itself.

#thefederation #federation

jaywink/federation
Python library for abstracting social federation protocols

Jason Robinson
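The sender/author rule from the 0.14.0 and 0.14.1 changelog entries above, as an added Python sketch that is not code from the federation library. The function name, the `RELAYABLE_TAGS` set, the handle normalisation and the simplified XML layout are assumptions made for illustration; the payload signature is assumed to have been verified already, and the sample payload is constructed.

```python
import xml.etree.ElementTree as ET

# Assumption: element names of entities that may legitimately be delivered by
# someone other than their author (the "relayables" of the changelog).
RELAYABLE_TAGS = {"comment", "like"}


def normalise(handle):
    """Compare handles case-insensitively and without padding (assumption)."""
    return (handle or "").strip().lower()


def filter_entities(payload_xml, sender_handle):
    """Split the entities of a payload into (accepted, rejected).

    sender_handle is the identity whose signature on the payload the caller
    has already verified. A valid signature only proves who sent the payload;
    this function checks that the sender may deliver each entity inside it.
    """
    sender = normalise(sender_handle)
    accepted, rejected = [], []
    # Untrusted input: production code should use a hardened XML parser
    # (for example defusedxml) instead of the plain standard-library one.
    for element in ET.fromstring(payload_xml):
        guid = element.findtext("guid")
        author = normalise(element.findtext("author"))
        if not author:
            rejected.append((guid, "missing author"))
        elif element.tag in RELAYABLE_TAGS:
            # 0.14.1 behaviour: sender and author may differ for relayables.
            # The relayable's own author signature is out of scope here.
            accepted.append((guid, element.tag, author))
        elif author != sender:
            # 0.14.0 behaviour: correctly signed, but authored "by" another identity.
            rejected.append((guid, "author %s is not sender %s" % (author, sender)))
        else:
            accepted.append((guid, element.tag, author))
    return accepted, rejected


# Constructed sample payload, delivered and signed by alice@pod.example.
SAMPLE = """<payload>
  <status_message><guid>g1</guid><author>alice@pod.example</author></status_message>
  <status_message><guid>g2</guid><author>bob@other.example</author></status_message>
  <comment><guid>g3</guid><author>bob@other.example</author></comment>
  <status_message><guid>g4</guid><text>no author element</text></status_message>
  <status_message><guid>g5</guid><author> Alice@Pod.Example </author></status_message>
</payload>"""

if __name__ == "__main__":
    ok, bad = filter_entities(SAMPLE, "alice@pod.example")
    for guid, tag, author in ok:
        print("accept", guid, tag, author)
    for guid, reason in bad:
        print("reject", guid, reason)
```
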

Social-Relay version 1.4.0 released

This release adds compatibility with the latest #Diaspora #protocol changes. Also now Social-Relay will verify received payloads to ensure receivers get payloads from only resolvable valid senders.

https://github.com/jaywink/social-relay/releases/tag/1.4.0

What is the relay system?

The #relay system handles distribution of public content using the #Diaspora protocol. This helps new nodes get into the network and allows subscribing to hashtags from around the network. This is an unofficial network addition not directly related to the Diaspora protocol or project itself.

If as a #podmin you want to hook up to the relay system, do as follows:

  • Enable your outbound/inbound relay configuration in your Diaspora pod settings or for #Friendica / #Hubzilla check your own settings/documentation on how to do it.
  • Ensure your node is registered at The-Federation.info. The relay system polls this list for nodes to check.
  • Profit within one hour!

Discuss and improve

Let me know if you have ideas for improving the relay system or just questions about it. Contact me here, GitHub issues or via IRC.

Changelog

Added

  • Accept new style Diaspora public payloads without xml=payload form data.
  • Add profile model. Store remote profile handle + public key for later use, since we don't want to always fetch them.
  • Start validating signatures in sent payloads. This requires fetching remote profiles. Closes #31.

Ping @{David Morley; davidmorley@diasp.org}

jaywink/social-relay
social-relay - Public post relay for the Diaspora federated social network protocol

Jason Robinson

[Bitcoin Munich] Meetup with Interledger at Deloitte on May 17th / CoinDash.io in June

Hello everyone,

our event with Evan Schwartz from Ripple about Interledger on Wednesday, May 17th will take place at Deloitte, Rosenheimer Platz 4. Deloitte themselves will probably also contribute to the agenda with their current projects in the Blockchain space.

https://www.meetup.com/Bitcoin-Munich/events/239080423/

In June, we will take a deeper look at ICOs, with CoinDash.io and others.

https://www.meetup.com/Bitcoin-Munich/events/zzdpbnywjbcc/

Again we have not settled for a location yet for this event, and we're open for suggestions. The agenda is not yet finalized, so you're very welcome if you're knowledgeable about the subject to give an enlightening talk or do an educational presentation about this topic. We're also open to the idea of a panel discussion around the ICO phenomenon. Just contact us via the meetup platform.

Thanks for your attention, and see you around,

the ::bitcoinmuc:: orga


Interledger: The Protocol for Connecting Ledgers

Wednesday, May 17, 2017 19:00

Deloitte Rosenheimer Platz 4, 81669 München

We're happy to have Evan Schwartz on this date, co-inventor of the Interledger Protocol (ILP) initiative out of Silicon Valley-based startup Ripple who've been running the first public-but-permissioned less-Blockchain-but-actually-rather-Distributed-Ledger-Technology already since 2012 before it was all the rage of today.

There are basically two opposing views in the crypto-currency and blockchain space: The $coin maximalism position states that network effects will lead to the most secure blockchain becoming the base layer providing the required eventual consensus for asset transfers in the coming internet of value. Another view is that there will be many blockchains and ledgers that will have to cooperate and integrate with each other. Interledger certainly prepares for the latter by proposing a standard for this scenario.

This is in light that many long-established crypto-currency blockchains also already prepare tools and extensions for inter-connectivity, so can the Interledger standard proliferate?

Evan, currently also Managing Director of the Ripple Luxembourg R&D office, will shed some light and explain how Interledger uses an open architecture to enable payments and micropayments across different types of blockchains and other ledgers. The presentation will include live micropayments and a public demo of a prototype in-person payment experience built using Interledger.

Many thanks to Deloitte for the hospitality, and Ripple for beer and pizza!

(Our meetup group is organized by independent enthusiasts and not affiliated with any locations or sponsors of this or past events.)

Program:

19:00 Doors open, socializing, food and drinks

19:30 General Welcome + Introduction of the Deloitte Blockchain Institute

20:00 Interledger high-level overview

20:30 First Q&A Session

21:00 Interledger technical details

21:30 Second Q&A Session

22:00 End of official part

Target audience: Blockchain and DLT enthusiasts with a technical curiosity, and followers of developments in FinTech in general. Possibly also crypto-investors wanting to investigate the fundamentals of XRP's recent all-time high.

#owncontent #event #meetup #bitcoin #blockchain #bitcoinmuc #munich #muc #münchen #crypto-news #cryptonews #workshop #treffen #talk #talks #technology #tech #technologie #interledger #ripple #protocol #ilp #standard #w3c #internet #web #payment #payments #micropayments


herzmeister der welten

How the LBRY:// protocol can replace services like Youtube, Spotify, iStockphoto and Amazon Kindle

LBRY might disrupt all current forms of digital file distribution, and might become the universal base layer protocol for how all digital files are shared between viewers and publishers on the internet - For free, or for money.

Via steemit.com

#lbry #protocol

Edwin Caldon

Zot is the revolutionary protocol that powers Hubzilla, providing communications, identity management, and access control across a fully decentralised network of independent websites, often called "the grid".

Zot's identity layer is unique. It provides invisible single sign-on across all sites in the grid.

It also provides nomadic identity, so that your communications with friends, family, or anyone else you're communicating with won't be affected by the loss of your primary communication node - either temporarily or permanently.

-> https://project.hubzilla.org/help/developer/zot_protocol

  • https://project.hubzilla.org/pubsites
  • https://github.com/redmatrix/hubzilla

#open-source #decentralized #distributed #social-network #communication #identity #protocol

redmatrix/hubzilla
hubzilla - build community websites that can interact with one another

dvs1

CurveDNS

A DNSCurve Forwarding Name Server

What exactly is CurveDNS?

CurveDNS is the first publicly released forwarding implementation that implements the DNSCurve protocol. Brings us to a new question: what is DNSCurve? Parts of a master thesis have been written to answer this question, but of course there is a short answer. The protocol's official website gives a pretty good impression in only one sentence: 'DNSCurve uses high-speed high-security elliptic-curve cryptography to drastically improve every dimension of DNS security'.

[ #security #dns #protocol #cryptography #elliptic-curve ]

Website: http://curvedns.on2it.net Source code: https://github.com/curvedns/curvedns

curvedns/curvedns
curvedns - A DNSCurve Forwarding Name Server

Erik

Getting Started With Pump.io - by Stephen Sekula

New users of federated social networks may, at first, be a bit confused about simple things that seem so obvious on Facebook and Twitter. People coming from another Federated network to pump.io may find it hard to locate people, etc.

[ #federation #guide #pumpio #protocol ]

http://polari.us/dokuwiki/doku.php?id=gettingstartedwithpumpio

Source code: https://github.com/pump-io/pump.io

pump-io/pump.io
pump.io - Social server with an ActivityStreams API

Erik

Regulars' table/Mumble, symbolic image


https://twitter.com/turnoff_us/status/800027891354345472 #linux #sysadmin #protocol #comic #humor #computers #network

Der Piratenschlumpf

Xtext 2.11 supports the Language Server Protocol

#language #protocol #server #tzt #unterstu #xtext

heise Developer (inoffiziell)

If you’re looking for a decentral messenger (similar to email and diaspora*) I’d recommend giving #Riot a go. It’s based on the #opensource #Matrix #protocol. Everyone’s free to host his/her own server (or to choose one hosted by someone else) or join an #IRC chatroom to connect with other people. Another bridge to the #XMPP protocol is also planned, so it’ll probably be possible to chat with #Jabber users in the future, too.

Matrix features the ability to send end-to-end #encrypted messages to friends and groups. Furthermore you get the ability to start a voice or video call within a group or with a single friend. It requires an email address, a username, and a password.

Comparison to XMPP: https://matrix.org/docs/guides/faq.html#what-is-the-difference-between-matrix-and-xmpp

Recent article why it is better than some other messengers: http://www.titus-stahl.de/blog/2016/12/21/encrypted-messengers-why-riot-and-not-signal-is-the-future

https://riot.im/ https://matrix.org/

Earthquake in Chile causes only minor damage
Relief in Chile: a magnitude 7.7 earthquake off the country's coast has had less severe consequences than initially feared. According to the authorities, no one was killed and property damage has so far also been relatively minor.

Tobias Havla

Eclipse Che 5.0 uses the Language Server Protocol

#che #das #eclipse #language #protocol #server #verwendet

heise Developer (inoffiziell)

Tox Project

A New Kind of Instant Messaging

> Whether it's corporations or governments, digital surveillance today is widespread. Tox is easy-to-use software that connects you with friends and family without anyone else listening in. While other big-name services require you to pay for features, Tox is completely free and comes without advertising — forever.

Tox is free software. That's free as in freedom, as well as in price. This means Tox is yours — to use, modify, and share — because Tox is developed by and for the users.

Website : https://tox.chat/ uTox Client: http://utox.org


#anonymous #community #communication #crypt #ekiga #encrypt #encrypted #family #friends #freesoftware #group #hidden #im #Instantmessaging #opensource #pidgin #project #privacy #protocol #messenger #security #secret #skype #tox #video #voice

HKDT

Another project trying to implement decentralized universal basic income on the blockchain. I think it's still a long road to go conceptually, but it's good that a lot of people and groups put a lot of thought and dedication into this idea, so I'm confident it will eventually materialize in some form in a decade or two.


https://medium.com/@crypto_nation/the-resilience-protocol-darwinian-basic-income-7add92e5daf1#.vlpim6a1s

#society #economy #economics #blockchain #ethereum #bitcoin #basicincome #universalbasicincome #ubi #crypto #currency #money #cryptocurrency #crypto-news #decentralization #p2p #resilience #protocol #resilienceprotocol #darwin #taxeme #evolution

herzmeister der welten

Sometimes protocols are best explained using candy. More about http2 and #webperf at @forwardJS next week.

https://twitter.com/smithclay/status/694317112228057089

via #nixCraft

#internet #protocol

rollitup