libsignal-protocol-java
libsignal-protocol-c
libsignal-protocol-java | libsignal-protocol-c | |
---|---|---|
7 | 4 | |
1,701 | 1,348 | |
- | - | |
0.0 | 0.0 | |
over 2 years ago | almost 4 years ago | |
Java | C | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libsignal-protocol-java
-
The Joy of Cryptography
Signal message keys seem to include an IV. [1] Message keys are generated by passing a chain key through a key derivation function. [2] So you can also expand a shared secret established through Diffie-Hellman.
Someone please correct me if I'm wrong.
[1] https://github.com/signalapp/libsignal-protocol-java/blob/ma...
[2] https://signal.org/docs/specifications/doubleratchet/Set0_1....
- Facebook will verschlüsselte WhatsApp Nachrichten analysieren
-
Aprovado a 06/07/2021 o ChatControl permite a monitorização de todas as trocas de correspondecias digitais na UE, ordem judicial não é necessária e utilizadores "inspecionados" não são informados.
Parece que a lib de encriptação do WhatsApp é baseada na do Signal.
-
End to end encryption in chat application
You might want to use the Signal protocol libraries https://github.com/signalapp/libsignal-protocol-java
-
Question about Signal API
Signal Protocol Java library
-
Telegram Can Oversee All Things That Happen In
Whatsapp provides API at least for business. Moreover, in theory the use signal protocol and signal library that are open source and available. Moreover, there are many projects, browser, that can connect to whatsapp server as rambox or ferdi.
-
Are There Any Tutorials On How To Use The Signal
Signal protocol library for Java.
libsignal-protocol-c
-
I wonder why Signal’s download size is so much larger than the competition? Intuition says it would be smaller
Signal wrote their own open source protocol, libsignal, to provide end to end encryption; or as they put it "a ratcheting forward secrecy protocol that works in synchronous and asynchronous messaging environments." Source I'd wager good money a chunk of that space is for said library and dependencies PLUS the regular rigamarole for an Android app.
-
Session Encrypted Messenger
The whitepaper at [1] is more impressive than I expected it to be, not for what is built today (which on a quick read appears to be rather unexciting), but for the class of attacks recognised as unsolved, and identified as requiring future work.
Improvements identified include:
1) Encrypted messages should have a constant size (padded). Note that the Signal protocol used by Session currently uses variable length messages[2].
2) Encrypted messages should be sent as noise by clients through the onion network and back to themselves at random intervals frequent enough that messages to/from other parties are statistically indistinguishable to Eve from the noise generated.
3) Intermediate nodes in the onion network should hold and delay encrypted messages so they are adequately mixed before being sent forward. This makes it statistically difficult for Eve to match up a message entering a node and a message leaving a node. Ideally messages would be mixed across enough nodes of the onion network that
4) Proof of work should be replaced with a better technique for preventing degradation of service or spam attacks. The paper quite rightly identifies that proof of work would favour Eve who has setup a data center filled with custom ASICs solving proof of work problems, rather than favouring Alice or Bob with an energy efficient mobile phone SoC. CAPTCHAs are identified as a possible future solution to this class of attacks.
I doubt those improvements would have much application outside of labs and experiments though. Unless a significant part of the global economy surprisingly becomes dependent on a traffic analysis resistant anonymising protocol, it is too easy to just block such protocols similar to what China does with its Great Firewall.
[1] https://arxiv.org/pdf/2002.04609.pdf
[2] https://github.com/signalapp/libsignal-protocol-c/blob/maste...
-
Are There Any Tutorials On How To Use The Signal
Signal protocol library for C/C++.
- Millions Flock to Telegram and Signal as Fears Grow Over Big Tech
What are some alternatives?
signal-bot - A simple bot framework for Signal
libsignal-protocol-javascript - This library is no longer maintained. libsignal-protocol-javascript was an implementation of the Signal Protocol, written in JavaScript. It has been replaced by libsignal-client’s typesafe TypeScript API.
android-security-awesome - A collection of android security related resources
session-android - A private messenger for Android.
Themis - Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
wire-server - 🇪🇺 Wire back-end services
tweetnacl-java - TweetNaCl in Java - a port of TweetNaCl-js
openssl-android - a version of the official Android openssl setup to build standalone for use in app
Runtime Permission Handler - Handles all the boilerplate codes associated with runtime permissions for Android 6.0 and above.
Android Permission Check Library
apg - OpenPGP for Android
Android Tamper Detector - A simple library that can help you detect if you app is modded or tampered with