[Cryptography] The Crypto Pi
ji at tla.org
Mon Jan 12 18:28:31 EST 2015
On Thu, Jan 1, 2015 at 2:09 AM, Ralf Senderek <crypto at senderek.ie> wrote:
> The Crypto Pi
There does not appear to be anything Pi-specific about this. Am I missing
This year has had some devastating news about the state of the internet
> infrastructure in store and came with some
> disillusion about the vulnerability of tools we use day by day. And BTW it
> had turned out, that Johnny still can't encrypt.
> To change that, I've put some effort into developing the crypto pi.
> While running on a minimalist Linux OS with only the necessary
> tools installed, the crypto pi is different both from internet servers and
> insecure endpoints, and helps Johnny to establish secure
> communication that is always encrypted, without burdening him with
> complex tasks that would only make him avoid using secure communication.
> The crypto pi is in its early stages of its infant life and although
> it's working and looking great, it has not got the most important
> ingredient for a happy life (yet), peer-review.
> So I'd like to ask all of you, who think a well-designed, isolated
> crypto box under the sole control of its user, capable of doing message
> encryption reliably, may improve the situation we're facing today,
> to give a hand and scrutinize the design and implementation of the
> crypto pi. Let's make the crypto pi a success in 2015, together.
> The concept of secure communication using the crypto pi relies on
> several assumptions, not everyone will agree to:
> 1) Johnny will be able to communicate securely with people he knows,
> if he had been able to exchange an initial secret information
> (on a piece of paper, via telephone, or some other way)
> 2) Johnny's endpoint device is not trustworthy, as it runs all kinds
> of complex programs that are prone to attack the secrets on
> his device without notice in unforeseeable ways.
> 3) Apart from feeding the crypto pi with the initial secret and an email
> address of the recipient (by filling out a form) Johnny has nothing
> to do with key management, but will be able to verify that message
> encryption has been performed.
> 4) All secrets are stored on the crypto pi and messages leave the
> crypto pi AES-encrypted with a strong randomly generated key.
> The crypto pi does not use public key cryptography, there is no PKI
> nor CAs involved.
> 5) Johnny uses one single secret that he alone knows to establish an
> encrypted tunnel to the crypto pi over which he interacts with the
> web server on the crypto pi to read and write messages.
> 6) The local network in which the crypto pi works is not trustworthy,
> so all information that originates from the crypto pi is encrypted
> and only encrypted information that enters the crypto pi will be
> processed inside.
> 7) Although desirable, ensuring anonymity is not a pre-requisite of
> the crypto pi's design (at the moment).
> 8) All source code is licensed under GPL.
> Fortunately, the crypto pi has a home (crypto-pi.com) where you can get
> more detailed information about its fundamental concepts and
> implementation. Make sure, your criticism and constructive suggestions will
> be used to
> improve this project.
> Best wishes for 2015
> Ralf Senderek
> The cryptography mailing list
> cryptography at metzdowd.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography