data-transfer file-sharing golang pake peer-to-peer tcp transfer

Go to file

Zack Scholl f315a0bb79 add stdin		2018-07-07 10:08:15 -07:00
src	add stdin	2018-07-07 10:08:15 -07:00
.gitignore	Added a git ignore	2017-10-20 14:44:19 +01:00
.travis.yml	update travis	2018-07-07 10:08:11 -07:00
LICENSE	Create LICENSE	2017-10-18 11:50:06 -06:00
README.md	todo: make big.Ints part of channelData	2018-07-07 10:08:12 -07:00
main.go	add stdin	2018-07-07 10:08:15 -07:00

README.md

Protocol

Every GET/POST request should check the IP address and make sure that there are never more than 2 IP addresses using a single channel. Once two IP addresses are in, then the channel is full.

Sender requests new channel and receives empty channel from Relay, or obtains the channel they request (or an error if it is already occupied).

POST /join { "channel": "...", // optional "curve": "pxxx", // optional "role": "sender" }
Sender generates X using PAKE from secret pw.
Sender sends X to Relay and the type of curve being used. Returns error if channel is already occupied by sender, otherwise it uses it.

POST /channel { "x": "..." } Note: posting to channel always requires UUID and channel for validation.
Sender communicates channel + secret pw to Recipient (human interaction).
Recipient connects to channel and receives UUID.
Recipient requests X from Relay using the channel. Returns error if it doesn't exist yet.

POST /channel (returns current state)
Recipient generates Y, session key k_B, and hashed session key H(k_B) using PAKE from secret pw.
Recipient sends Y, H(H(k_B)) to Relay.

POST /channel { "y": "...", "hh_k": "..." }
Sender requests Y, H(H(k_B)) from Relay.

POST /channel
Sender uses Y to generate its session key k_A and H(k_A), and checks H(H(k_A))==H(H(k_B)). Sender aborts here if it is incorrect.
Sender gives the Relay authentication H(k_A).

POST /channel { "h_k": "..." }
Recipient requests H(k_A) from relay and checks against its own. If it doesn't match, then bail.

POST /channel
Sender connects to Relay tcp ports and identifies itself using channel+UUID.
Sender encrypts data with k.
Recipient connects to Relay tcp ports and identifies itself using channel+UUID.
Relay realizes it has both recipient and sender for the same channel so it staples their connections. Sets stapled to true.
Sender asks Relay whether connections are stapled.

POST /channel
Sender sends data over TCP.
Recipient closes relay when finished. Anyone participating in the channel can close the relay at any time. Any of the routes except the first ones will return errors if stuff doesn't exist.

POST /channel { "close": true }

Notes

https://play.golang.org/p/1_dfm6us8Nx

https://git.tws.website/t/thesis

https://github.com/tscholl2/siec

croc as a library

use functional options
every GET/POST request should check the IP address and make sure that there are never more than 2 IP addresses using a single channel https://medium.com/@simplyianm/why-gos-structs-are-superior-to-class-based-inheritance-b661ba897c67

croc.New() croc.SetX().... Set parameters croc.Send(file) croc.Receive()

Conditions of state

Sender

Initialize

Requests to join.

Does X not exist?

Generates X from pw.
Update relay with X.

Is Y and Bcrypt(k_B) available?

Use Y to generate its session key k_A.
Check that Bcrypt(k_B) comes from k_A. Abort here if it is incorrect.
Encrypts data using k_A.
Connect to TCP ports of Relay.
Update relay with Bcrypt(k_A).

Are ports stapled?

Send data over TCP

Recipient

Initialize

Request to join

Is X available?

Generate Y, session key k_B, and hashed session key H(k_B) using PAKE from secret pw.
Send the Relay Bcrypt(k_B)

Is Bcrypt(k_A) available?

Verify that Bcrypt(k_A) comes from k_B
Connect to TCP ports of Relay and listen.
Once file is received, Send close signal to Relay.

Relay

Is there a listener for sender and recipient?

Staple connections.
Send out to all parties that connections are stapled.