[tor-bugs] #17580 [Tor Messenger]: Add IPC for client so other programs can import/export messages
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 10 18:04:46 UTC 2015
#17580: Add IPC for client so other programs can import/export messages
-------------------------------+----------------------------------------
Reporter: maqp | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Tor Messenger | Version:
Severity: Normal | Keywords: end point security TFC CNE
Actual Points: | Parent ID:
Points: | Sponsor:
-------------------------------+----------------------------------------
Hi!
I'm working on a project that provides end point security against bulk CNE
/ bulk equipment interference / automated hacking by limiting the window
of exposure during which the end point can be compromised.
Currently, a software exploit that finds its way to the computer of the user at
_any point_ after setup can compromise all future conversations. With TFC,
if the system isn't compromised during the ~10 minute time frame of setup,
it will remain secure against remote attacks, even if the malware would
exploit zero days in software / OS. Only malware that exploits an unintended
covert channel in hardware is able to retrieve the information.
--------
Abstract
Tinfoil Chat (TFC) is a high assurance encryption system that operates on
top of messaging clients. Built on free and open source hardware and
software, the secure by design implementation protects not only data in
transit against passive and active attacks, but also the end points
against CNE practiced by organized crime and TLAs such as the NSA, GCHQ
and BKA.
1. Authenticated encryption uses either OTP and one-time MAC, or cascaded
set of symmetric ciphers (Keccak-512-CTR, XSalsa20, Twofish-CTR and
AES256-GCM) and set of authentication algorithms (GMAC, HMAC-SHA2-512 and
SHA3-512 MAC).
2. Keys are generated by mixing /dev/(u)random with vN whitened, SHA3-512
compressed entropy, sampled from an open circuit design HWRNG.
3. Endpoints are secured by separating encryption and decryption on
isolated TCB-devices, that interact with a networked computer through open
circuit design data-diode enforced unidirectional gateways. Removal of
bidirectional channels prevents exfiltration of keys and plaintexts even
with exploits against zero-day vulnerabilities in software against OS of
TCBs.
4. Trickle connection hides metadata about when and how much
communication is taking place by sending a constant stream of encrypted
data to receiving TCB units.
-----
Links
Whitepaper:
https://www.cs.helsinki.fi/u/oottela/tfc.pdf
User manual:
https://www.cs.helsinki.fi/u/oottela/tfc-manual.pdf
GitHub project:
https://github.com/maqp/tfc-cev
At the moment TFC works wonderfully with Pidgin, but I would assume Tor
Messenger is going to replace it in Tails at some point, which would
render TFC's Tails installation configuration useless.
So I'm asking you to include some sort of IPC that lets other programs
read and write messages to Tor Messenger client.
I'm happy to answer any questions you might have regarding the project or
the issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17580>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
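
Item 2 of the abstract in the ticket above describes key generation by mixing kernel randomness with von Neumann whitened, SHA3-512 compressed HWRNG samples. The sketch below is an added example, not code from the ticket or from the TFC project: it assumes XOR as the mixing operation and a 512-bit minimum of whitened input, replaces the HWRNG with a constructed biased bit stream, and all function names are hypothetical.

```python
import hashlib
import os
import random

def von_neumann_whiten(bits):
    """Debias: read non-overlapping pairs; 01 -> 0, 10 -> 1, drop 00 and 11."""
    return [bits[i] for i in range(0, len(bits) - 1, 2) if bits[i] != bits[i + 1]]

def pack_bits(bits):
    """Pack 0/1 values into bytes, MSB first; a trailing partial byte is dropped."""
    usable = len(bits) - len(bits) % 8
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, usable, 8))

def mix(a, b):
    """XOR two equal-length byte strings (assumed mixing operation)."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def derive_key(raw_bits, kernel_random=None, min_whitened_bits=512):
    """Whiten HWRNG samples, compress with SHA3-512, mix with kernel randomness."""
    whitened = von_neumann_whiten(raw_bits)
    # A 512-bit digest cannot hold more entropy than its input, so refuse
    # to proceed when whitening left fewer bits than the digest size.
    if len(whitened) < min_whitened_bits:
        raise ValueError("not enough whitened samples: %d" % len(whitened))
    compressed = hashlib.sha3_512(pack_bits(whitened)).digest()
    if kernel_random is None:
        kernel_random = os.urandom(len(compressed))  # kernel CSPRNG
    return mix(compressed, kernel_random)

def constructed_sample(n=8000, p_one=0.8, seed=1):
    """Constructed stand-in for HWRNG output: a stream biased toward 1."""
    rng = random.Random(seed)  # deterministic on purpose; never a key source
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

if __name__ == "__main__":
    raw = constructed_sample()
    white = von_neumann_whiten(raw)
    print("raw ones ratio      %.3f" % (sum(raw) / len(raw)))
    print("whitened ones ratio %.3f (%d bits kept)"
          % (sum(white) / len(white), len(white)))
    print("key bytes", len(derive_key(raw)))
```

Whitening removes bias only when the raw samples are independent, and it discards most of a heavily biased stream, which is why the length check runs before hashing.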