Secure Share

From Camp 2011 Public Wiki

Jump to: navigation, search
Secure Share
P2P Social Network and Messaging System
Contact tg
People LynX, Marenz, Tg

Secure Share is a project for peer-to-peer social networking without entrusting servers with any private information. We believe servers and especially virtual machines are not safe enough for our private conversations, as long as they aren't running in our private homes. Secure Share is meant to have the following features:

  1. updates, comments, postings, messages, files and chat are only visible to the intended recipients
  2. the type of the message cannot be guessed at by looking at its size
  3. communication between parties cannot be measured as they may have none to several routing hops in-between. an observer never knows if a communication came where it came from and ends where it is going to.
  4. automatic responses and forwarded messages can intentionally be delayed so that an observer cannot tell two communications are related
  5. communications cannot be decrypted weeks later, just because the attacker gained access to one of the involved private keys (forward secrecy)
  6. even if an attacker gains access to a cleartext log, there is no proof the material was actually ever transmitted by anyone (for a case in court mere data would not suffice, you need actual testimonies)
  7. the list of contacts is never managed on potentially unsafe servers, it is only visible to those it should be visible to
  8. the infrastructure is robust and resilient against attacks

Apparently there is no technology that fulfills all of these requirements yet. The plan is to take suitable existing ones, combine them and refine them until they do. We will enable you to donate server resources as routers to just your friends, without you actually having access to any of their data – that is how the entire system will scale better than earlier attempts in doing something like this.

Several developers are present to discuss our current state of research and development with you. You can get your hands dirty in code if you like.

Related to: WebID without DNS

The Earth
Archived page - Impressum/Datenschutz