Summary

Cables communication implements secure and anonymous communication using email-like addresses, pioneered in Liberté Linux. Cables communication is Liberté's pivotal component for enabling anyone to communicate safely and covertly in hostile environments.

What makes cables communication special?

Anonymity
Although cables communication is independent of the transport protocol, its primary purpose is to facilitate message exchange over anonymous networks like Tor and I2P
Security
Cables communication utilizes the CMS standard with X.509-based key management for signing peer keys and for encrypting messages; perfect forward secrecy makes communication resistant to potential future compromise of the user's certificates; the transport-independent protocol is resistant to short-term and long-term man-in-the-middle attacks
Authenticity
Usernames used for communication are certificate hashes, which themselves guarantee the sender's authenticity
Repudiability
Messages are encrypted and authenticated by deriving shared Diffie-Hellman keys and MACs, and it is therefore impossible to prove authorship of messages to third parties after the fact
Obscurity
It is impossible to determine whether a host supports cables communication, unless the username (a certificate hash) is known
Simplicity
The protocol is stateless and asynchronous, based on short push messages to which the other end responds with a series of file pulls; there is no real-time parameter negotiation
Reliability
Once a message has been accepted for delivery, it is either delivered to each destination when both parties are online (with a receipt to the sender), or the sender is notified about delivery failure after a preset timeframe; messages are never lost in transactional filesystems
Transparency
A regular email client can be used as the user interface, with the cryptography entirely transparent to the end-user
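
The Repudiability item above, as an added example (not code from the cables project): both peers derive the same MAC key from the Diffie-Hellman exchange, so a valid tag authenticates a message to its recipient but cannot show a third party which of the two peers produced it. The modulus, generator, key-derivation label and HMAC-SHA-256 are assumptions chosen for the demonstration; the page does not state the parameters cables uses.

```python
import hashlib
import hmac
import secrets

# Demo group parameters: an assumption for this example, not values from cables.
P = 2**255 - 19  # well-known prime, used here only as a demo modulus
G = 2

def keypair():
    """Return (private exponent, public value G^priv mod P)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def mac_key(own_priv, peer_pub):
    """Derive a MAC key from the Diffie-Hellman shared secret."""
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(b"mac-key" + shared.to_bytes(32, "big")).digest()

def tag(key, message):
    return hmac.new(key, message, hashlib.sha256).digest()

def verify(key, message, mac):
    return hmac.compare_digest(tag(key, message), mac)

def demo():
    s_priv, s_pub = keypair()   # sender
    r_priv, r_pub = keypair()   # recipient
    o_priv, _ = keypair()       # outside observer, knows only public values

    k_sender = mac_key(s_priv, r_pub)
    k_recipient = mac_key(r_priv, s_pub)

    sent = b"constructed sample message"
    sent_mac = tag(k_sender, sent)

    # A message the sender never wrote, tagged by the recipient alone.
    other = b"constructed text the sender never wrote"
    other_mac = tag(k_recipient, other)

    return {
        "keys_match": k_sender == k_recipient,
        "recipient_accepts": verify(k_recipient, sent, sent_mac),
        "recipient_made_tag_verifies": verify(k_sender, other, other_mac),
        "observer_can_check": verify(mac_key(o_priv, s_pub), sent, sent_mac),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because a tag made by the recipient verifies under the sender's key just as well as one made by the sender, a saved message and tag are no evidence of authorship to anyone outside the exchange.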

Project: GitHub (issues, wiki)

How does cables communication work?

Initially, user identity certificates and host identity keys (presently, for Tor hidden service and I2P eepSite) are generated, resulting in two permanent addresses, in the form of gb24hw2h…@5rfvhdhb…dcw6.onion and gb24hw2h…@ukeu3k5o…dkdq.b32.i2p. That's it — you can configure an e-mail client like Claws-Mail to communicate with other cables communication users with either of these addresses; source and destination(s) do not need to use the same host identity types either. Once the source and one of the destinations are online, the message is delivered, and the source receives an authentic acknowledgement. Signing/encryption and decryption/verification are handled transparently to the user, and do not rely on the security of underlying network transport. If the message times out after several days, the sender is notified as well. Cables communication is simple, robust, and safe; see also the Security section.


Page last modified on 9-May-2012 06:00 MSD