Peer 2 Peer Open Source Encrypted Text, Voice & Video Communications

[paybitcoin]

OK, I understand your system as planned will include all of these pieces but it is a lot to take on. I am going to describe it in the context of some existing projects that have taken on chunks of the problem, for more research areas you may want to look into...

Good question; I'd imagine the p2p nodes are basically super nodes and clients only relay small bits of data .
If the client trusts the source of the private key, it doesn’t matter how the data is sent or received as. (Example, if I trade keys face-to-face it won't matter how the data gets there or received). The issue is that people from china can't all practically swap keys face-to-face, and not everyone is a "Crypto-wizard" to know how to evade "Man in the middle attacks during key exchange over an electronic interface". This is when the "P2P node trust" system comes in to play, basically two people exchange keys on the non p2p network (perhaps a facebook message or IRC). Once to people have their public keys they now can ask the p2p nodes to validate the key by asking for and validating various information transparently for the user.

So there would be a component that would operate like a PGP/GPG keyserver, but with additional validation over other channels like what the the CACert Web of Trust CA is doing.

Why do i think this is awsome?
As of right now for a "layman" to accomplish this they have to be educated that they need more than one channel of communication to prove that there was not a man in the middle attack during the trading of public keys, so this solution makes the whole experience transparent becuase unless you meet face to face for publickey exchange your most likely going to exchange public keys through gmail, hotmail, IRC or facebook and unless a "layman" is educated to "resend the same key on a different email address or chat channel and "match the public key letter by letter", then they are vulnerable to man in the middle attacks".

Very true, you just have to make sure the validation process has air-tight security - for example, if someone posted a public key for Josh on this site (with some cleanup to make it look legitimate of course) is that enough trust? Obviously not. Systems like CACert require a face-to-face meeting with trusted community assurers and checks of government ID to finish the signing process for the Web of Trust cert. It depends on what level of trust you want to place in the system.

Other notes....
New clients can build trust by helping relay small chunks of data;
the actual trust is gained by other nodes if your data seems to match up with nodes that those recieving nodes trust, the more your information matches the more your trusted over time, however if your client is relaying 100% or even 20% false data all nodes are advised to deny data from that client or node (A better solution would be to lower the priority of processing from your node as an attack could be happening and "triggered block occurred")

This would be difficult to protect against, what's to stop me from feeding a node bad data continuously with a coordinated attack from multiple new accounts, slowly increasing the percentage of bad data it relays to take it offline? How does the node itself verify the trust of the original party when it is deciding whether to pass the data along? Also, how do you know you are talking the real person's identity, and not someone that has created an account claiming to be that person?

This p2p crypt app could also provides other opportunities
*Like perhaps even be the leader of SSL certificate authority systems in the far off future: I ponder that if everyone online has everyone else’s key who is currently online along with a rating of "trust" that node is then perhaps we won't need to have CA's at all because there is no more risk of man in the middle attacks (which is why there is CAs certificate list is in browsers).

Yes, once the trust system is in place, it could be used for many awesome things.

*SSL and non SSL enabled websites could rely on the p2p crypt trusted web to initiate a secure login session, cookies and other methods to turn HTTP into a "State full" protocol literally is 2+ decade old technology and computers getting faster while captcha methods failing; The sessions are under constant attack and its time to move on.
HTTP could be used to serve webpages while P2P crypt could allow websites to initiate a "secure session" regardless of an SSL connection. this could allow safe login sessions that are harder to attack on.

This I have to object to, SSL works well, is extensively tested, and highly trusted. HTTP can be stateful without any encryption at all. User authentication/captchas is a separate issue, and in that area it is true that the web of trust would provide an additional authentication option (possibly taking the place of SSL client side certificates.)

Also, how does your system compare to something like Retroshare?

I know the end goal you want to get to for the trust side, since having a working system of decentralized trust is a 'holy grail' for online systems, and a lot of research has been done in this area as it contains a lot of hard CS problems. The wiki article on Web of trust is a good resource, and there are many papers (search for 'trust management problem' or 'decentralized identity'.)

Even just a face-to-face-public-key-sharing (or via Bitcoin public keys...) crypto app would be very useful in its own right, however. In any case, I am looking forward to seeing where you take the project!

[Xenland]

So there would be a component that would operate like a PGP/GPG keyserver, but with additional validation over other channels like what the the CACert Web of Trust CA is doing.

correct

Very true, you just have to make sure the validation process has air-tight security - for example, if someone posted a public key for Josh on this site (with some cleanup to make it look legitimate of course) is that enough trust? Obviously not. Systems like CACert require a face-to-face meeting with trusted community assurers and checks of government ID to finish the signing process for the Web of Trust cert. It depends on what level of trust you want to place in the system.

Your question fails to provide what kind of relation ship I have with josh in the example, so I’m not sure what kind of trust we are talking about. The website-trust is for "login/sessions" and even in the future for social networks to "request data" that can been auto-filled after unlocking the requested information with a password, anything beyond that i don't understand your question.

This would be difficult to protect against, what's to stop me from feeding a node bad data continuously with a coordinated attack from multiple new accounts, slowly increasing the percentage of bad data it relays to take it offline? How does the node itself verify the trust of the original party when it is deciding whether to pass the data along? Also, how do you know you are talking the real person's identity, and not someone that has created an account claiming to be that person?

let me clear up that you used Account and identity interchangeably but separately, if you create a new account/identity you can still load up your list of "Trusted nodes" and "untrusted nodes" but to the network you are an untrusted node/client because you are new all nodes should be advised "NOT" to trust you until you build some trust.  You can build trust by relaying data and other nodes will verify your data against other nodes thus its impossible to know (Just like Bitcoin) who trusts who. UPdate/Edit: Also makes it expensive to get anything on the network when there is super complex webs of trust/attacks going on why if half the network was being attacked that would make it difficult for more attackers to join in because its unknowable how far your "failed" data will traverse through the p2p nodes considering that nobody will ever know the "true" levels of trust everyone has applied to every other client/node.

I'd imagine in my system that you would have to take 3 months to a year to get the whole system to FULL trust a new online identity and your trust could be broken back down to 0 (or even in the negatives) in a day if you start to relaying bad data. (In the future someone could build an add-on or module or even into the protocol that alerts other "Trusted" nodes that this X node is relaying alternative data and could be bad, but i just wont know if this is possible with so many false positives that could be attributed.)

This is with out the "bitcoin" type system integrated... In the future not only will it be (CPU) costly to create the message I'd imagine the user could have to generate hashcash/bitcoin target digest output before the message is accepted by the p2p nodes for relaying (CPU Costly to send message, Easy/quick to verify and Relay messages)

This I have to object to, SSL works well, is extensively tested, and highly trusted. HTTP can be stateful without any encryption at all. User authentication/captchas is a separate issue, and in that area it is true that the web of trust would provide an additional authentication option (possibly taking the place of SSL client side certificates.)

Also, how does your system compare to something like Retroshare?

I know the end goal you want to get to for the trust side, since having a working system of decentralized trust is a 'holy grail' for online systems, and a lot of research has been done in this area as it contains a lot of hard CS problems. The wiki article on Web of trust is a good resource, and there are many papers (search for 'trust management problem' or 'decentralized identity'.)

Even just a face-to-face-public-key-sharing (or via Bitcoin public keys...) crypto app would be very useful in its own right, however. In any case, I am looking forward to seeing where you take the project!

Thanks for the retroshare link(and the other resources as well cheers!), that GUI looks exactly how I envisioned, Perhaps I could build on top of it and contribute to the project (didn't get a chance to see the license). Looks like a great application to fool with and thank  you for your great questions, I hope I provided some interesting answers as well.

More side nodes:
I realise this idea isn't new by any means but I think it will be the first to make it into run-time.

[Xenland]

Oh one difference between retroshare and this project is that retro share doesn’t have a "streaming" option, I'd imagine that p2p crypt nodes are only used for "key server and relaying data".

 so on a side node:
if a receiving user isn't online all nodes will be advised to save data for a optimal amount of time(nodes can refuse to relay data, but the more a node is "known" that it refuses to relay most  data received then other nodes will be label that this node is a "leech" in their local DB rating systems. Meaning it is still advisable that this node could be trusted for relaying and communicating with, they just might be asshats about their bandwidth and shouldn't rely on them as well as other nodes limit the bandwidth for the leech as well.

[K1773R]

Oh one difference between retroshare and this project is that retro share doesn’t have a "streaming" option, I'd imagine that p2p crypt nodes are only used for "key server and relaying data".

 so on a side node:
if a receiving user isn't online all nodes will be advised to save data for a optimal amount of time(nodes can refuse to relay data, but the more a node is "known" that it refuses to relay most  data received then other nodes will be label that this node is a "leech" in their local DB rating systems. Meaning it is still advisable that this node could be trusted for relaying and communicating with, they just might be asshats about their bandwidth and shouldn't rely on them as well as other nodes limit the bandwidth for the leech as well.

i recommend u to stay away from retroshare, its a buggy code base and  the devs dont really bother to fix this, its like M$ actually.
altough u could look at theirs DHT code, but you would have to fix it since its bugged as hell -> you constantly broadcast (telling the DHT nodes that u exist) without limit, ur flooding UDP packets as shit, no way to limit it, just horible

[Xenland]

Oh one difference between retroshare and this project is that retro share doesn’t have a "streaming" option, I'd imagine that p2p crypt nodes are only used for "key server and relaying data".

 so on a side node:
if a receiving user isn't online all nodes will be advised to save data for a optimal amount of time(nodes can refuse to relay data, but the more a node is "known" that it refuses to relay most  data received then other nodes will be label that this node is a "leech" in their local DB rating systems. Meaning it is still advisable that this node could be trusted for relaying and communicating with, they just might be asshats about their bandwidth and shouldn't rely on them as well as other nodes limit the bandwidth for the leech as well.

i recommend u to stay away from retroshare, its a buggy code base and  the devs dont really bother to fix this, its like M$ actually.
altough u could look at theirs DHT code, but you would have to fix it since its bugged as hell -> you constantly broadcast (telling the DHT nodes that u exist) without limit, ur flooding UDP packets as shit, no way to limit it, just horible

Thanks for the heads up; in that case, I'll stay the course and learn from other projects and integrate the best functions into this project.
I think I'll incorporate hashcash for all p2p crypt messages to reduce spam, and if you want to spam the network it'll cost you hashing power + electricity

[marcus_of_augustus]

You might consider using namecoin identities, alias namespace, to provide human-readable authenticated public key exchange and diffie-hellman shared-secret (ECDH) to initiate and establish the AES encrypted channel from there ... it gets around MITM and using CA's for something close to perfect forward security.

[Xenland]

You might consider using namecoin identities, alias namespace, to provide human-readable authenticated public key exchange and diffie-hellman shared-secret (ECDH) to initiate and establish the AES encrypted channel from there ... it gets around MITM and using CA's for something close to perfect forward security.

Very good input,
Yes we are having the app default to AES/DES/Blowfish for streaming capabilities. the MITM attack can happen regardless of the identity generation method used. so to solve the MITM attack we use the web of trust to evade that issue; however I see your point now that I've thought it through Public key ids should be reduced down like Bitcoin/Namecoin strings for easy copy and pasting and for easy to remember as well.

[marcus_of_augustus]

Web-of-trust is only weak protection against MITM (as is CA) versus using a namecoin ID authenticated public key for the key-sharing initiation of a connection.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy

"OpenSSL supports perfect forward secrecy using elliptic curve Diffie-Hellman since version 1.0"

http://en.wikipedia.org/wiki/Key-agreement_protocol

"Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon."

[Xenland]

Web-of-trust is only weak protection against MITM (as is CA) versus using a namecoin ID authenticated public key for the key-sharing initiation of a connection.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy

"OpenSSL supports perfect forward secrecy using elliptic curve Diffie-Hellman since version 1.0"

http://en.wikipedia.org/wiki/Key-agreement_protocol

"Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon."

perhaps namecoin does something that I'm not aware of as far as man in the middle attacks but im pretty sure that if i gave you my name coin address, an attacker(lets say a moderator in this example) could replace my namecoin address/id on the post, I don't understand how namecoin is solving this MITM issue (or perhaps I'm looking at the namecoin solution different then what is being presented)

[marcus_of_augustus]

Web-of-trust is only weak protection against MITM (as is CA) versus using a namecoin ID authenticated public key for the key-sharing initiation of a connection.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy

"OpenSSL supports perfect forward secrecy using elliptic curve Diffie-Hellman since version 1.0"

http://en.wikipedia.org/wiki/Key-agreement_protocol

"Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon."

perhaps namecoin does something that I'm not aware of as far as man in the middle attacks but im pretty sure that if i gave you my name coin address, an attacker(lets say a moderator in this example) could replace my namecoin address/id on the post, I don't understand how namecoin is solving this MITM issue (or perhaps I'm looking at the namecoin solution different then what is being presented)

I agree, I don't think you are understanding the use correctly ... it's a little involved and I'm not sure if I want to go through all the details here. You seem to be a clever guy so I'll just out line the scheme and you can probably fill in the details.

- Users secure their 'name' in the namecoin blockchain, (i.e. only they hold the namecoin private key associated with that name)
- Also users associate with that name an EC public key using one of the appropriate namespace facilities of namecoin
- When initiating a connection the Sender creates a shared secret using their EC priv. key and EC public key of Recipient by looking up namecoin blockchain (autonomously if need be)
- Receiver can verify who the Sender is securely (and autonomously if need be) by looking-up Sender's EC public key up on namecoin blockchain and creating the required shared secret to communicate initiate ack response
- Sender-Receiver use shared secret encrypted channel to exchange AES keys for encrypting primary dialogue
- ... and etc, do the ECDH as usual from here on ...

... could also do a pay-per-secure-connection model using the namecoins/bitcoins per data-byte ... e.g. sender sends namecoins to receiver address to initiate connection, receiver (streaming server) only allows paying senders to open secure connections ... and stuff like that, hope this helps.

[Xenland]

Web-of-trust is only weak protection against MITM (as is CA) versus using a namecoin ID authenticated public key for the key-sharing initiation of a connection.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy

"OpenSSL supports perfect forward secrecy using elliptic curve Diffie-Hellman since version 1.0"

http://en.wikipedia.org/wiki/Key-agreement_protocol

"Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon."

perhaps namecoin does something that I'm not aware of as far as man in the middle attacks but im pretty sure that if i gave you my name coin address, an attacker(lets say a moderator in this example) could replace my namecoin address/id on the post, I don't understand how namecoin is solving this MITM issue (or perhaps I'm looking at the namecoin solution different then what is being presented)

I agree, I don't think you are understanding the use correctly ... it's a little involved and I'm not sure if I want to go through all the details here. You seem to be a clever guy so I'll just out line the scheme and you can probably fill in the details.

- Users secure their 'name' in the namecoin blockchain, (i.e. only they hold the namecoin private key associated with that name)
- Also users associate with that name an EC public key using one of the appropriate namespace facilities of namecoin
- When initiating a connection the Sender creates a shared secret using their EC priv. key and EC public key of Recipient by looking up namecoin blockchain (autonomously if need be)
- Receiver can verify who the Sender is securely (and autonomously if need be) by looking-up Sender's EC public key up on namecoin blockchain and creating the required shared secret to communicate initiate ack response
- Sender-Receiver use shared secret encrypted channel to exchange AES keys for encrypting primary dialogue
- ... and etc, do the ECDH as usual from here on ...

... could also do a pay-per-secure-connection model using the namecoins/bitcoins per data-byte ... e.g. sender sends namecoins to receiver address to initiate connection, receiver (streaming server) only allows paying senders to open secure connections ... and stuff like that, hope this helps.

whoa, that does sound revolutionary indeed, And yes I get exactly what you are saying now.
I'll have to ponder on that idea, and do some research on name-coins source code (or perhaps even hire someone to do the name-coin integration), I like it though its basically everything i described but in this case instead of cost in hash power for clients, it costs in namecoins and the namecoin verification nodes(miners) are paid to keep "key integrity"

[marcus_of_augustus]

in this case instead of cost in hash power for clients, it costs in namecoins and the namecoin verification nodes(miners) are paid to keep "key integrity"

... this quote makes me think that you have got the crux of the idea.

Namecoin is already doing the job you require, i.e. keeping key integrity ... and since it is secured with merged mining by much of bitcoin network hashpower, it is possibly the most secure human-readable nameID linked key integrity system in the world waiting there to be taken advantage of ...

http://dot-bit.org/Main_Page

[Xenland]

Some Updates: I've published the updates of what I have so far as being stable into the github repository. That being the server can now receive connections, generate and save an identity locally into the sqllite3 DB, the GUI is just about finished: I just need to add two buttons and a "console,log panel text output" and the GUI is finished.

The next step is to finish the GUI and get the server to accept JSON RPC commands.

[Xenland]

UPDATES:

The GUI is finished
The only thing left for the GUI is to integrate signals, and events for the purpose of integrating the server (networking) it self to be linked into the button events

The server can accept UDP connections for "small commands"
However the the networking is all "dummy" functions with fake responses at this point, so no command does "anything" quite yet

The server in the future will open up TCP connections for file transfers, and other things that need to guaranteed to make it there

[Xenland]

The task for the "Dummy GUI client" has been posted up, I'd like to get someone on board that can help contribute C code in the future, this might be a great place to start for that particular C coder. The task information can be found at CIYAM's convenient task manager: http://ciyam.org/open/?cmd=view&data=20130124093030696000&ident=M100V131&chksum=f6584b1dchksum=3c8dc716


(EDITED)

[rgzen]

The task for the "Dummy GUI client" has been posted up, I'd like to get someone on board that can help contribute C code in the future, this might be a great place to start for that particular C coder. The task information can be found at CIYAM's convenient task manager: http://ciyam.org/open/?cmd=view&data=20130124093030696000&ident=M100V131&chksum=3c8dc716

I can not access to the info. I have not any account in ciyam and the link sends to a log in page with "Error: Invalid URL" message.
Thanks

EDIT: Hanging around the page a bit I have found the info at: http://ciyam.org/open/?cmd=view&data=20130124093030696000&ident=M100V131&chksum=f6584b1d

[Xenland]

I can not access to the info. I have not any account in ciyam and the link sends to a log in page with "Error: Invalid URL" message.
Thanks

EDIT: Hanging around the page a bit I have found the info at: http://ciyam.org/open/?cmd=view&data=20130124093030696000&ident=M100V131&chksum=f6584b1d

Thanks for posting the proper link seems to work on my end as well, I guess CYIAM links are unique while logged in; which is inline with how many security measures that CYIAM software has implemented.

[Xenland]

Libevent is being integrated at the choice for the networking handlers.
Before the server was using Gnome networking functions and so now the task at hand is rewriting the networking code.

For others that are in search of Libevent or Libev examples that display some "dynamics" to it, check out the /tool_tests/ folder for some interactive examples. Just use telnet to connect and communicate to the server.

https://github.com/Xenland/P2PCrypt-Server/tree/master/tools_tests/libevent

[CIYAM]

Thanks for posting the proper link seems to work on my end as well, I guess CYIAM links are unique while logged in; which is inline with how many security measures that CYIAM software has implemented.

Yes - (sorry I didn't mention that before) when you are logged in your URLs are unique to your session (and are useless to even keep as bookmarks for yourself which is why the system has a "Quick Link" feature that lets you create your own "sidebar" menu items for being able to quickly run a "custom search" or to immediately jump to a "specific record").

[Xenland]

More Updates
I've posted up more libev example scripts (I know the community could use some of those)
Also the official website should be fully functioning very shortly so I'll start to post almost all things there, whileist only posting the "major" updates here on the forums when necessary.