Speak Easy
Páginas: 35 (8714 palabras)
Publicado: 21 de enero de 2013
Speak Easy
(Draft: This is still in production, mistakes are possible!)
Section One: Index
1.1 Quick Facts
1.2 Overview and Introduction
1.3 Libraries and Algorithms Used
1.4 Additional Information: Protocols
Section Two: Routing and Protocols
2.1 Topologies
2.2 Multi Hop Routing
2.3 Layer Encryption, Reply Paths, and Padding
2.4 Speak Easy Coordinate System
2.5 Tau Mixing2.6 Link Steganography / Dummy Messages
2.7 Key Exchange
2.8 Communication Security
2.9 Compromise Detection System
2.10 Clearance Levels
2.11 Counter Communications Network Analysis
Section Three: Speak Easy Coordinate Distribution
3.1 Decentralized Directory Servers
3.2 Counter Sybil
Section Four: Organization and Optimization Protocols
4.1 Increasing Reliability
4.2Communications Structure
4.3 Bandwidth Reduction and Aesthetics
Quick Facts* Secure communication system
* Programmed in Java
* Fully open source, mostly GPL or less restrictive
* 'All in one' instant message, private message and forum interface
* Client and server functionality built into program, not for browsers
* Strong encryption implementations for secure communication andauthentication
* Automated protocols for enhancement of network oriented operational security procedures
* Advanced anonymity techniques offer significant protection from fingerprinting, timing analysis
* Support for centralized, semi-centralized and fully decentralized topologies
* Support for darknet anonymity topology for use on top of Tor or other transport layer anonymizers
* Supportfor multi level clearance based information compartmentalization |
Libraries Used
Table 1
Algorithm Type | Algorithm Name | Algorithm Parameters | Algorithm Information | Algorithm Function | Library Name | Library Details | Library License |
| | | | | | | |
Symmetric Encryption | Serpent | Key Size...256 bit Mode...CBCBlockCipher-256-IV
Padding...PaddedBufferedBlockCipherPadding...PKCS7Padding | Serpent is a symmetric encryption algorithm. It is less studied and slower than AES, but many think it is stronger. We feel safe taking this gamble. | Serpent is used for all symmetric data encryption. | BouncyCastle | http://www.bouncycastle.org/specifications.html | Based on MIT X Consortium license |
Message Digest| Sha-256 | 256 bit | Sha-256 is a hashing algorithm. The specific implementation we are using has been FIPS 180-2 certified. | Sha-256 is used primarily as part of the pseudo-random number generation process. | BouncyCastle | http://www.bouncycastle.org/specifications.html | Based on MIT X Consortium license |
Signature | SHA256withRSA | Key Size....4,096 bit | RSA can be used for bothasymmetric encryption and signatures. | RSA is used for signatures in this case. | BouncyCastle | http://www.bouncycastle.org/specifications.html | GPL |
Pseudo Random Number Generator | SecureRandom | Entropy SeedMacintosh: /dev/random
Windows: CryptGenRandom
Linux: /dev/random
BSD: /dev/random
Additional : SE Accumulator (SEA)
Final Entropy = OS + SEA or SEAOther DetailsSHA-256 |SecureRandom is the standard Java PRNG. SecureRandom requires entropy to be provided to it; where entropy comes from depends on which operating system is being used. Speak Easy uses a combination of OS native entropy and a custom entropy accumulator to provide a seed. If no OS native entropy accumulator is available, only the custom one is used (A warning will be presented). | SecureRandom PRNG is used formany different features, any time randomness is required. | Java.SecureRandom | Java | GPL |
Speak Easy Entropy Accumulator | SEA | SEA is a custom entropy accumulator to be used in combination with any OS native entropy sources. SEA can gathers randomness from the following areas:Mouse position on graph
Timing of mouse movements
Keys pressed
Timing between key presses
Start time in...
(Draft: This is still in production, mistakes are possible!)
Section One: Index
1.1 Quick Facts
1.2 Overview and Introduction
1.3 Libraries and Algorithms Used
1.4 Additional Information: Protocols
Section Two: Routing and Protocols
2.1 Topologies
2.2 Multi Hop Routing
2.3 Layer Encryption, Reply Paths, and Padding
2.4 Speak Easy Coordinate System
2.5 Tau Mixing2.6 Link Steganography / Dummy Messages
2.7 Key Exchange
2.8 Communication Security
2.9 Compromise Detection System
2.10 Clearance Levels
2.11 Counter Communications Network Analysis
Section Three: Speak Easy Coordinate Distribution
3.1 Decentralized Directory Servers
3.2 Counter Sybil
Section Four: Organization and Optimization Protocols
4.1 Increasing Reliability
4.2Communications Structure
4.3 Bandwidth Reduction and Aesthetics
Quick Facts* Secure communication system
* Programmed in Java
* Fully open source, mostly GPL or less restrictive
* 'All in one' instant message, private message and forum interface
* Client and server functionality built into program, not for browsers
* Strong encryption implementations for secure communication andauthentication
* Automated protocols for enhancement of network oriented operational security procedures
* Advanced anonymity techniques offer significant protection from fingerprinting, timing analysis
* Support for centralized, semi-centralized and fully decentralized topologies
* Support for darknet anonymity topology for use on top of Tor or other transport layer anonymizers
* Supportfor multi level clearance based information compartmentalization |
Libraries Used
Table 1
Algorithm Type | Algorithm Name | Algorithm Parameters | Algorithm Information | Algorithm Function | Library Name | Library Details | Library License |
| | | | | | | |
Symmetric Encryption | Serpent | Key Size...256 bit Mode...CBCBlockCipher-256-IV
Padding...PaddedBufferedBlockCipherPadding...PKCS7Padding | Serpent is a symmetric encryption algorithm. It is less studied and slower than AES, but many think it is stronger. We feel safe taking this gamble. | Serpent is used for all symmetric data encryption. | BouncyCastle | http://www.bouncycastle.org/specifications.html | Based on MIT X Consortium license |
Message Digest| Sha-256 | 256 bit | Sha-256 is a hashing algorithm. The specific implementation we are using has been FIPS 180-2 certified. | Sha-256 is used primarily as part of the pseudo-random number generation process. | BouncyCastle | http://www.bouncycastle.org/specifications.html | Based on MIT X Consortium license |
Signature | SHA256withRSA | Key Size....4,096 bit | RSA can be used for bothasymmetric encryption and signatures. | RSA is used for signatures in this case. | BouncyCastle | http://www.bouncycastle.org/specifications.html | GPL |
Pseudo Random Number Generator | SecureRandom | Entropy SeedMacintosh: /dev/random
Windows: CryptGenRandom
Linux: /dev/random
BSD: /dev/random
Additional : SE Accumulator (SEA)
Final Entropy = OS + SEA or SEAOther DetailsSHA-256 |SecureRandom is the standard Java PRNG. SecureRandom requires entropy to be provided to it; where entropy comes from depends on which operating system is being used. Speak Easy uses a combination of OS native entropy and a custom entropy accumulator to provide a seed. If no OS native entropy accumulator is available, only the custom one is used (A warning will be presented). | SecureRandom PRNG is used formany different features, any time randomness is required. | Java.SecureRandom | Java | GPL |
Speak Easy Entropy Accumulator | SEA | SEA is a custom entropy accumulator to be used in combination with any OS native entropy sources. SEA can gathers randomness from the following areas:Mouse position on graph
Timing of mouse movements
Keys pressed
Timing between key presses
Start time in...
Leer documento completo
Regístrate para leer el documento completo.