Go to file
Zack Scholl e3ebed186d update travis 2018-07-07 10:08:11 -07:00
src simplified api 2018-07-07 10:08:11 -07:00
.gitignore Added a git ignore 2017-10-20 14:44:19 +01:00
.travis.yml update travis 2018-07-07 10:08:11 -07:00
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md 2017-10-19 11:44:22 -06:00
LICENSE Create LICENSE 2017-10-18 11:50:06 -06:00
README.md first attempt 2018-07-07 10:08:11 -07:00
main.go add crypto, utils 2018-07-07 10:08:11 -07:00

README.md

Protocol

Every GET/POST request should check the IP address and make sure that there are never more than 2 IP addresses using a single channel. Once two IP addresses are in, then the channel is full.

  1. Sender requests new channel and receives empty channel from Relay, or obtains the channel they request (or an error if it is already occupied).

    POST /join { "channel": "...", // optional "curve": "pxxx", // optional "role": "sender" }

  2. Sender generates X using PAKE from secret pw.

  3. Sender sends X to Relay and the type of curve being used. Returns error if channel is already occupied by sender, otherwise it uses it.

    POST /channel { "x": "..." } Note: posting to channel always requires UUID and channel for validation.

  4. Sender communicates channel + secret pw to Recipient (human interaction).

  5. Recipient connects to channel and receives UUID.

  6. Recipient requests X from Relay using the channel. Returns error if it doesn't exist yet.

    POST /channel (returns current state)

  7. Recipient generates Y, session key k_B, and hashed session key H(k_B) using PAKE from secret pw.

  8. Recipient sends Y, H(H(k_B)) to Relay.

    POST /channel { "y": "...", "hh_k": "..." }

  9. Sender requests Y, H(H(k_B)) from Relay.

    POST /channel

  10. Sender uses Y to generate its session key k_A and H(k_A), and checks H(H(k_A))==H(H(k_B)). Sender aborts here if it is incorrect.

  11. Sender gives the Relay authentication H(k_A).

    POST /channel { "h_k": "..." }

  12. Recipient requests H(k_A) from relay and checks against its own. If it doesn't match, then bail.

    POST /channel

  13. Sender connects to Relay tcp ports and identifies itself using channel+UUID.

  14. Sender encrypts data with k.

  15. Recipient connects to Relay tcp ports and identifies itself using channel+UUID.

  16. Relay realizes it has both recipient and sender for the same channel so it staples their connections. Sets stapled to true.

  17. Sender asks Relay whether connections are stapled.

    POST /channel

  18. Sender sends data over TCP.

  19. Recipient closes relay when finished. Anyone participating in the channel can close the relay at any time. Any of the routes except the first ones will return errors if stuff doesn't exist.

    POST /channel { "close": true }

Notes

https://play.golang.org/p/1_dfm6us8Nx

https://git.tws.website/t/thesis

https://github.com/tscholl2/siec

croc as a library

croc.New() croc.SetX().... Set parameters croc.Send(file) croc.Receive()