|
Off-the-Record Messaging
Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption. The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing. This is in contrast with cryptography tools that produce output which can be later used as a verifiable record of the communication event and the identities of the participants. The initial introductory paper was named "Off-the-Record Communication, or, Why Not To Use PGP". The OTR protocol was designed by cryptographers Ian Goldberg and Nikita Borisov and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptographic Protocol
A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives. A protocol describes how the algorithms should be used and includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program. Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects: * Key agreement or establishment * Entity authentication * Symmetric encryption and message authentication material construction * Secured application-level data transport * Non-repudiation methods * Secret sharing methods * Secure multi-party computation For example, Transport Layer Security (TLS) is a cryptographic protocol that is used to secure web (HTTPS) connections. It has an entit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Kopete
Kopete is a multi-protocol, free software instant messaging client released as part of the KDE Software Compilation. Although it can run in numerous environments, it was designed for and integrates with the KDE Plasma Workspaces. Kopete was started because ICQ blocked Licq from their network in 2001. According to the original author, Duncan Mac-Vicar Prett, the name comes from the Chilean Spanish word ''copete'', meaning "a drink with your friends". Kopete has been nominated for multiple awards. (2nd place, Favorite Instant Messaging Client) (Best Communications Software, Runner Up) The designated successor is KDE Telepathy from the KDE RTCC Initiative. Protocols Kopete allows users to connect to the following protocols: MSNP (Microsoft Messenger service, commonly known as ''MSN'', ''.NET'', or ''Live'') was also supported until the protocol was discontinued by Microsoft. Features Plugins By default, Kopete supports the following plugins (not all of which are currently ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Double Ratchet Algorithm
In cryptography, the Double Ratchet Algorithm (previously referred to as the Axolotl Ratchet) is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to provide end-to-end encryption for instant messaging. After an initial key exchange it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the Diffie–Hellman key exchange (DH) and a ratchet based on a key derivation function (KDF), such as a hash function, and is therefore called a double ratchet. The algorithm is considered self-healing because under certain conditions it prevents an attacker from accessing the cleartext of future messages after having compromised one of the user's keys. New session keys are exchanged after a few rounds of communication. This effectively forces the attacker to intercept ''all'' communication between the honest parties, since th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Conversations (software)
Conversations is a free software, instant messaging client application software for Android. It is largely based on recognized open standards such as the Extensible Messaging and Presence Protocol (XMPP) and Transport Layer Security ( TLS). The development focus is on secure communication and implementation of XMPP extensions that are important for mobile use. The trade press praised the decentralized and open nature of the transmission network and simple, intuitive usability with user guidance familiar from other applications. It enjoys recognition as a serious attempt to raise the mass suitability of XMPP-based messaging to a competitive level. The source code of the software is maintained at GitHub, and is subject to the terms of the GPL-3.0-only license. The application can be installed for free (or with donations) using F-Droid, or for a fee in the Google Play store. Google recorded over 100,000 installations as of November 2020. Features Conversations includes optional e ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OMEMO
OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline". The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163). OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery. Features In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead. History The protocol was developed and first implemented by Andreas Straub as a Googl ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Silent Circle Instant Messaging Protocol
The Silent Circle Instant Message Protocol (SCIMP) was an encryption scheme that was developed by Vincent Moscaritolo of Silent Circle. It enabled private conversation over instant message transports such as XMPP (Jabber). SCIMP provided encryption, perfect forward secrecy and message authentication. It also handled negotiating the shared secret keys. History Silent Circle used SCIMP in their encrypted instant messaging application called Silent Text. Silent Text was discontinued on September 28, 2015, when its features were merged into Silent Circle's encrypted voice calling application called Silent Phone. At the same time, Silent Circle transitioned to using a protocol that uses the Double Ratchet Algorithm In cryptography, the Double Ratchet Algorithm (previously referred to as the Axolotl Ratchet) is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to ... instead of SCIMP. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Signal Protocol
The Signal Protocol (formerly known as the TextSecure Protocol) is a non- federated cryptographic protocol that can be used to provide end-to-end encryption for voice calls and instant messaging conversations. The protocol was developed by Open Whisper Systems in 2013 and was first introduced in the open-source TextSecure app, which later became Signal. Several closed-source applications have implemented the protocol, such as WhatsApp, which is said to encrypt the conversations of "more than a billion people worldwide" or Google who provides end-to-end encryption by default to all RCS-based conversations between users of their Messages app for one-to-one conversations. Facebook Messenger also say they offer the protocol for optional Secret Conversations, as does Skype for its Private Conversations. The protocol combines the Double Ratchet algorithm, prekeys, and a triple Elliptic-curve Diffie–Hellman (3-DH) handshake, and uses Curve25519, AES-256, and HMAC-SHA256 as primitive ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptocat
Cryptocat is a discontinued open-source desktop application intended to allow encrypted online chatting available for Windows, OS X, and Linux. It uses end-to-end encryption to secure all communications to other Cryptocat users. Users are given the option of independently verifying their buddies' device lists and are notified when a buddy's device list is modified and all updates are verified through the built-in update downloader. Cryptocat was created by Nadim Kobeissi and further developed along with a community of open source contributors and is published under the terms of the GPLv3 license, although it has since been discontinued. History Cryptocat was first launched on 19 May 2011 as a web application. In June 2012, Kobeissi said he was detained at the U.S. border by the DHS and questioned about Cryptocat's censorship resistance. He tweeted about the incident afterwards, resulting in media coverage and a spike in the popularity of the software. In June 2013, security re ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Entropy (information Theory)
In information theory, the entropy of a random variable is the average level of "information", "surprise", or "uncertainty" inherent to the variable's possible outcomes. Given a discrete random variable X, which takes values in the alphabet \mathcal and is distributed according to p: \mathcal\to , 1/math>: \Eta(X) := -\sum_ p(x) \log p(x) = \mathbb \log p(X), where \Sigma denotes the sum over the variable's possible values. The choice of base for \log, the logarithm, varies for different applications. Base 2 gives the unit of bits (or " shannons"), while base ''e'' gives "natural units" nat, and base 10 gives units of "dits", "bans", or " hartleys". An equivalent definition of entropy is the expected value of the self-information of a variable. The concept of information entropy was introduced by Claude Shannon in his 1948 paper "A Mathematical Theory of Communication",PDF archived froherePDF archived frohere and is also referred to as Shannon entropy. Shannon's theory defi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Socialist Millionaires
In cryptography, the socialist millionaire problem is one in which two millionaires want to determine if their wealth is equal without disclosing any information about their riches to each other. It is a variant of the Millionaire's Problem whereby two millionaires wish to compare their riches to determine who has the most wealth without disclosing any information about their riches to each other. It is often used as a cryptographic protocol that allows two parties to verify the identity of the remote party through the use of a shared secret, avoiding a man-in-the-middle attack without the inconvenience of manually comparing public key fingerprints through an outside channel. In effect, a relatively weak password/passphrase in natural language can be used. Motivation Alice and Bob have secret values x and y, respectively. Alice and Bob wish to learn if x = y without allowing either party to learn anything else about the other's secret value. A passive attacker simply spying on ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Man-in-the-middle Attack
In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties. One example of a MITM attack is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker wit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ejabberd
ejabberd is an Extensible Messaging and Presence Protocol (XMPP) application server and an MQ Telemetry Transport (MQTT) broker, written mainly in the Erlang programming language. It can run under several Unix-like operating systems such as macOS, Linux, FreeBSD, NetBSD, OpenBSD and OpenSolaris. Additionally, ejabberd can run under Microsoft Windows. The name ejabberd stands for Erlang Jabber Daemon (Jabber being a former name for XMPP) and is written in lowercase only, as is common for daemon software. ejabberd is free software, distributed under the terms of the GNU GPL-2.0-or-later. , it is one of the most popular open source applications written in Erlang. XMPP: The Definitive Guide (O'Reilly Media, 2009) praised ejabberd for its scalability and clustering feature, at the same time pointing out that being written in Erlang is a potential acceptance issue for users and contributors. The software's creator, Alexey Shchepin was awarded the Erlang User of the Year award at the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
