librelist archives

« back to archive

Cables Communication

Cables Communication

Maxim Kammerer
2011-10-01 @ 00:10

I have discussed Liberté Linux's cables communication framework on
#cryptodotis in the past, and it generated some interest. It is now an
independent project on GitHub, with detailed installation
instructions, so you are welcome to try it and see how it works. I
have debugged the instructions step-by-step on Gentoo, and they seemed
adequate to me.

Here is copy-paste from the site:

Cables communication implements secure and anonymous communication
using email-like addresses, pioneered in Liberté Linux. Cables
communication is Liberté's pivotal component for enabling anyone to
communicate safely and covertly in hostile environments. What makes
cables communication special?
Anonymity: Although cables communication is independent of the
transport protocol, its primary purpose is to facilitate message
exchange over anonymous networks like Tor and I2P
Security: Cables communication utilizes the CMS standard with
X.509-based key management for encryption, decryption, signing and
verification of messages and message receipts
Authenticity: Usernames that are used for communication are
certificate hashes, themselves guaranteeing sender's authenticity
Hardness: No assumptions are made about the underlying transport; the
protocol is resistant against short-term and long-term
man-in-the-middle attacks
Obscurity: It is impossible to determine whether a host supports
cables communication, unless the username (a certificate hash) is
Simplicity: The protocol is stateless and asynchronous, based on short
push messages with the other end responding with a series of file
pulls; there is no real-time parameters negotiation
Reliability: Once a message has been accepted for delivery, it is
either delivered to each destination when both parties are online
(with a receipt to the sender), or the sender is notified about
delivery failure after a preset timeframe; messages are never lost in
transactional filesystems
Transparency: A regular email client can be used as the user
interface, with the cryptography entirely transparent to the end-user

Any comments are welcome, and people are also welcome to
mirror/fork the project on their/cryptodotis GitHub page, if they find
it suitable.

Best regards,