Fork me on GitHub

WRT to security, would people be interested in developing a cryptographically secure chat program?


I imagine we could all have separate devcard different teams are editing and I could set up the server to do a pub/sub type thing


I'd have to do some legwork to get the environment set up nicely


@xcthulhu: I'd be interested in that. Lots of decisions to make up-front, e.g. would we be assembling this from existing parts (e.g. there are existing libs for both chat and crypto in Clojure) or trying to roll our own? Use TLS for comms or more basic primitives? How to managed and distributed keys, etc. These decisions hinge on what we're trying to get out of it: a secure system, or to learn our way around using cryptographic tools, and/or to learn about building networked apps. Maybe schedule a planning meeting at a future meetup, or continue discussing the ideas here.


Well, here's what I'd go with:


In my efforts to unit test it I already figured out how to get it to act as a relay server for a chat


(2) I'd have clients generate their own public/private keys in ClojureScript running in the browser rather than go through TLS. This is the security model Proton Mail has ; in this architecture the server has no visibility at all into the content of the encrypted messages


This could be done via the SJCL, which I've wrapped here for clojurescript:


Alternatively we could go with elliptic, which has better performance but I'm still trying to wrestle with to figure out its externs and whether I need to do anything to get it to play nice with the Closure compiler:

Chris O’Donnell15:04:48

that sounds really cool

Chris O’Donnell15:04:05

I don't know much about cryptography, so I think it would be a neat opportunity to learn.


A ClojureScript client! Interesting idea. I haven't done much ClojureScript or JS crypto. I had been thinking Aleph for the chat comms: . A web client would surely be appealing - though we'd be closer to the bleeding edge. Very cool that you've wrappered the Stanford JS crypto. That lib would have been really handy years ago when I wanted to build an all-JS SRP client. (I've always found SRP to be an impressive bit of crypto). What's wrong with the ECC in the Standford JS Lib? Too low level, or incomplete?


I did several projects with ECC back in the late 90's with HP. We had some PhDs from Waterloo writing the core algos, and I packaged it up for general use, e.g. my ECDSA crypto provider for early prototypes of W3C Digital Signature initiative.

Chris O’Donnell15:04:26

I've used sente before, and it's pretty easy to use. If all we're doing on the server is relaying messages to clients, that would be very straightforward to implement using sente.


+1 for the idea. +1 for Aleph as well.


Does it make sense to have both web and desktop clients? Maybe for a 2nd phase? Not sure that Sente makes sense for non-JS clients though. For non-JS crypto we could use buddy (layered on BouncyCastle) or caesium (layered on libsodium). The alternative to a true desktop app might be to stay in JS and write an Electron client for those that want a desktop-ish experience.


or try WebRTC!


There ya go!


most people use http-kit with sente?


> What's wrong with the ECC in the Standford JS Lib? The SJCL is super messy, writing the externs for it was horrible


Also, it doesn't support Ed25519, unlike elliptic:


Probably mostly http-kit w/ sente. I guess the immutant lib is super fast tho.


I've heard...mixed things about http-kit


there's always nginix


I really wish sente supported Clojure clients, btw, since there's no omnibus network message layer for Clojure(Script)


I started something that exposes the same crypto API for Clojure(Script) btw:


No ECDH which is annoying


well i really like the idea of doing the client w/keygen in cljs with "dumb" server in clj


I'd love to do WebRTC too, but I've honestly never rolled my own DHT


Nor architected a gossip network


yes, it could widen the scope of the workshop quite a bit


Gossip networks have security concerns too; naïve ones are very weak against DDOS


Yeah, there's a lot of fun


Anyway, I can try and hurry to get my little bitauth repo in better order so we can do ECDH


Since that's a massive PITA


I think we can shelve the WebRTC idea just to keep things manageable...


I'd love to do it eventually