|
|
@ -5,11 +5,81 @@ |
|
|
|
// 1 2 3 4 5 6 7 8 |
|
|
|
// 1 2 3 4 5 6 7 8 |
|
|
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890 |
|
|
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890 |
|
|
|
|
|
|
|
|
|
|
|
/** @page protocol SafeChat Protocol |
|
|
|
/** @mainpage SafeChat |
|
|
|
|
|
|
|
|
|
|
|
@tableofcontents |
|
|
|
SafeChat runs on: |
|
|
|
|
|
|
|
https://safechat.ch |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SafeChat development is on: |
|
|
|
|
|
|
|
https://dev.marc.waeckerlin.org/redmine/projects/safechat |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Implementation Details: @ref security, @ref api, @ref protocol, |
|
|
|
|
|
|
|
@ref database |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SafeChat is a chat program designed to protect your privacy. It is |
|
|
|
|
|
|
|
designed to be: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-# extremely easy to use |
|
|
|
|
|
|
|
-# zero installation |
|
|
|
|
|
|
|
-# simple registration, within seconds |
|
|
|
|
|
|
|
-# web 2.0 - works in any modern browser |
|
|
|
|
|
|
|
-# user does not have to care about keys, security, encryption |
|
|
|
|
|
|
|
-# all cool features |
|
|
|
|
|
|
|
-# pseudonym accounts, no phone number, no email,nothing required |
|
|
|
|
|
|
|
-# send images and other attachments |
|
|
|
|
|
|
|
-# build groups |
|
|
|
|
|
|
|
-# no need to be online, receive messages on next login |
|
|
|
|
|
|
|
-# central user directory |
|
|
|
|
|
|
|
-# absolutely secure |
|
|
|
|
|
|
|
-# tap-proof |
|
|
|
|
|
|
|
-# no metadata available |
|
|
|
|
|
|
|
-# all messages are sent to all users, only the authorized users can decrypt it |
|
|
|
|
|
|
|
-# server can be untrusted |
|
|
|
|
|
|
|
-# thin server, rich client |
|
|
|
|
|
|
|
-# all encryption is done in the client |
|
|
|
|
|
|
|
-# server only stores minimal user data (name, public key) and encrypted messages |
|
|
|
|
|
|
|
-# no access to plain data, not even through server confiscation |
|
|
|
|
|
|
|
-# double secured internet transport |
|
|
|
|
|
|
|
-# messages are encrypted for the recipents only |
|
|
|
|
|
|
|
-# server connection is SSL secured in addition |
|
|
|
|
|
|
|
-# private data fully in the user's hand |
|
|
|
|
|
|
|
-# password is stored in the user's brain only |
|
|
|
|
|
|
|
-# private key is password encrypted |
|
|
|
|
|
|
|
-# private key is stored in the user's local machine only |
|
|
|
|
|
|
|
-# two factor security, access needs two tokens |
|
|
|
|
|
|
|
-# the password in the user's brain |
|
|
|
|
|
|
|
-# the private key in the user's browser memory |
|
|
|
|
|
|
|
-# fully open source |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@section why Why I Created SafeChat |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The Swiss parliament has decided to increase the power of police |
|
|
|
|
|
|
|
(BÜPF: Bundesgesetz zur Überwachung des Post- und |
|
|
|
|
|
|
|
Fernmeldeverkehrs) and secret service (NDG: |
|
|
|
|
|
|
|
Nachrichtendienstgesetz). This increases global enforced data |
|
|
|
|
|
|
|
preservation without any suspicion. This even allows the police to |
|
|
|
|
|
|
|
run a trojan in computers of suspicious persons. |
|
|
|
|
|
|
|
|
|
|
|
@section security Security Concept |
|
|
|
That was the point, when I started to think about secure |
|
|
|
|
|
|
|
communication that defeats these attacks against our |
|
|
|
|
|
|
|
privacy. Noone should be able to read what's not for his eyes, |
|
|
|
|
|
|
|
even if he controls the server. There should be no metadata, |
|
|
|
|
|
|
|
i.e. no one should know, who is communicating to each other. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There are secure means of communication, i.e. Jabber/OTR and |
|
|
|
|
|
|
|
PGP-Mail (but with unprotected metadata). But these are too |
|
|
|
|
|
|
|
complicated for the avarage user. He has to take care about keys |
|
|
|
|
|
|
|
and their distribution. In some chat programs, there is no offline |
|
|
|
|
|
|
|
message store, so you can only send a message, if the receiver is |
|
|
|
|
|
|
|
online. Some chat programs require to identify you, they ask your |
|
|
|
|
|
|
|
phone number and some even steal your address book |
|
|
|
|
|
|
|
(i.e. WhatsApp). Not here! Use any pseudonym. No special knowledge |
|
|
|
|
|
|
|
needed. User is guided as much as possible, the interface is as |
|
|
|
|
|
|
|
simple as possible. Data is only collected, if it is necessary. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
So I present here the safe chat program for dummies |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@page security Password and Secrets Concept |
|
|
|
|
|
|
|
|
|
|
|
Neither the password nor the private key are sent to the |
|
|
|
Neither the password nor the private key are sent to the |
|
|
|
server. They remain under the user's control and in the user's |
|
|
|
server. They remain under the user's control and in the user's |
|
|
@ -27,6 +97,10 @@ |
|
|
|
the local storage of his browser. Messages can only be sent or |
|
|
|
the local storage of his browser. Messages can only be sent or |
|
|
|
read with access to both security tokens. |
|
|
|
read with access to both security tokens. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@page protocol SafeChat Protocol |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@tableofcontents |
|
|
|
|
|
|
|
|
|
|
|
@section newuser Create New User |
|
|
|
@section newuser Create New User |
|
|
|
|
|
|
|
|
|
|
|
If no credentials exist in the browser's local storage, the |
|
|
|
If no credentials exist in the browser's local storage, the |
|
|
|