|
Silent Circle Instant Messaging Protocol
The Silent Circle Instant Message Protocol (SCIMP) was an encryption scheme that was developed by Vincent Moscaritolo of Silent Circle. It enabled private conversation over instant message transports such as XMPP (Jabber). SCIMP provided encryption, perfect forward secrecy and message authentication. It also handled negotiating the shared secret keys. History Silent Circle used SCIMP in their encrypted instant messaging application called Silent Text. Silent Text was discontinued on September 28, 2015, when its features were merged into Silent Circle's encrypted voice calling application called Silent Phone. At the same time, Silent Circle transitioned to using a protocol that uses the Double Ratchet Algorithm In cryptography, the Double Ratchet Algorithm (previously referred to as the Axolotl Ratchet) is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to ... instead of SCIMP. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Vincent Moscaritolo
Vincent Moscaritolo is semi-retired American computer security expert known for work in encryption applications for mobile devices. As of late, he has been prolifically writing about Raspberry Pi Projects on Substack. From 2012 to 2015, he was the Distinguished Member of Technical Staff at Silent Circle, where he designed the original messaging technologies Silent Circle uses. In 2015, he left Silent Circle to co-found 4th-A Technologies, LLC with Robbie Hanson. 4th-A Technologies develops technologies to restore to people their inalienable right to be “secure in their documents”. They designed ZeroDark.cloud a framework that simplifies the development of apps that interact with the cloud, and performs tasks such as syncing, messaging & collaboration. It uses zero-knowledge encryption, ensuring the data in the cloud cannot be compromised. They also produced the Storm4 secure cloud storage service. Vincent has been involved in the design, invention, and production of syst ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Silent Circle (software)
Silent Circle is an encrypted communications firm based in Washington DC. Silent Circle provides multi-platform secure communication services for mobile devices and desktop. Launched October 16, 2012, the company operates under a subscription business model. The encryption part of the software used is free software/ open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses. History In November 2011, Mike Janke called Phil Zimmermann with an idea for a new kind of private, secure version of Skype. Zimmermann agreed to the project and called Jon Callas, co-founder of PGP Corporation and Vincent Moscaritolo. Janke brought in security expert Vic Hyder, and the founding team was established. The company was founded in the Caribbean island of Nevis, but moved its headquarters to Le Grand-Saconnex near Geneva, Switzerland in 2014 in search of a country with "stronger privacy l ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XMPP
Extensible Messaging and Presence Protocol (XMPP, originally named Jabber) is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML (Extensible Markup Language), it enables the near-real-time exchange of structured data between two or more network entities. Designed to be extensible, the protocol offers a multitude of applications beyond traditional IM in the broader realm of message-oriented middleware, including signalling for VoIP, video, file transfer, gaming and other uses. Unlike most commercial instant messaging protocols, XMPP is defined in an open standard in the application layer. The architecture of the XMPP network is similar to email; anyone can run their own XMPP server and there is no central master server. This federated open system approach allows users to interoperate with others on any server using a 'JID' user account, similar to an email address. XMPP implementations can be deve ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Forward Secrecy
In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised. For HTTPS, the long-term secret is typically the private key of the server. Forward secrecy protects past sessions against future compromises of keys or passwords. By generating a unique session key for every session a user initiates, the compromise of a single session key will not affect any data other than that exchanged in the specific session protected by that particular key. This by itself is not sufficient for forward secrecy which additionally requires that a long-term secret compromise does not affect the security of past session keys. Forward secrecy protects data on the transport layer of a network that uses common Transport Layer Security protocols, including OpenSSL, when its long-term secret keys are ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Double Ratchet Algorithm
In cryptography, the Double Ratchet Algorithm (previously referred to as the Axolotl Ratchet) is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to provide end-to-end encryption for instant messaging. After an initial key exchange it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the Diffie–Hellman key exchange (DH) and a ratchet based on a key derivation function (KDF), such as a hash function, and is therefore called a double ratchet. The algorithm is considered self-healing because under certain conditions it prevents an attacker from accessing the cleartext of future messages after having compromised one of the user's keys. New session keys are exchanged after a few rounds of communication. This effectively forces the attacker to intercept ''all'' communication between the honest parties, since th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
