better layout

Sarah Jamie Lewis 2022-05-31 14:15:36 -07:00
parent 8e34f8f5a6
commit 6745833768
4 changed files with 37 additions and 43 deletions

@ -2,4 +2,22 @@
sidebar_position: 1
---
# An Introduction to Cwtch P2P Chat
# An Introduction to Cwtch P2P Chat
Cwtch uses Tor v3 Onion Services to establish anonymous, peer-to-peer connections between Profiles.
## How P2P Chat Works Under the Hood
In order to chat with your friends in a peer-to-peer conversation both must be online.
After a successful connection both parties engage in an **authentication protocol** which:
* Asserts that each party has access to the private key associated with their public identity.
* Generates an ephemeral session key used to encrypt all further communication during the session.
This exchange (documented in further detail in [authentication protocol](https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html)) is *offline deniable*
i.e. it is possible for any party to forge transcripts of this protocol exchange after the fact, and as such - after the
fact - it is impossible to definitely prove that the exchange happened at all.
One the authentication process is successful then both you and your friend can communicate away assured that no one else
can learn anything about the contents or the metadata if your conversation.
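Review bot: the closing paragraph of this hunk has two typos that change how the sentence reads: "One the authentication process is successful" should be "Once the authentication process is successful", and "the metadata if your conversation" should be "the metadata of your conversation". In the deniability sentence just above, "impossible to definitely prove" reads better as "impossible to definitively prove". Since this text is being given its own page, it is worth fixing these here rather than carrying them over.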

@ -4,9 +4,15 @@ sidebar_position: 1
# An Introduction to Cwtch Groups
**Note: Metadata Resistant Group Communication is still an active research area and what is documented here
will likely change in the future.**
By default, Cwtch only supports peer-to-peer, online, chat. In order to support multi-party conversations, and offline
delivery, an (untrusted) third-party is required. We call these entities ["servers"](/docs/servers)
These servers can be set up by anyone and are intended to be always online. Most importantly, all communication with a
server is designed such that the server learns as little information as possible about the contents or metadata.
In many respects communication with a server is identical to communication with a regular Cwtch peer,
all the same steps are taken however the server always acts as the inbound peer, and the outbound
peer always uses newly generated **ephemeral keypair** - so that each server session is disconnected.
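Review bot: the sentence ending in `We call these entities ["servers"](/docs/servers)` has no terminal period, so it runs straight into "These servers can be set up by anyone" when rendered. In the sentence before it, "peer-to-peer, online, chat" has a stray comma before "chat", and "an (untrusted) third-party is required" should be "third party" when used as a noun. Because this paragraph is where the page introduces the untrusted-server model, a pointer to the Security Handbook for what a server can and cannot learn would back up "learns as little information as possible".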
@ -14,6 +20,10 @@ peer always uses newly generated **ephemeral keypair** - so that each server ses
As such, peer-server conversations only differ in the *kinds* of messages that are sent between the two parties,
with the server storing all messages that it receives and thus allowing any client to query for older messages.
The risk model associated with servers is more complicated that peer-to-peer communication, as such we currently
require people who want to use servers within cwtch to [opt-in to the Group Chat experiment](/docs/groups/enable-experiment)
in order to add, manage and create groups on untrusted servers.
## How Groups Work Under the Hood
When a person wants to start a group conversation they first randomly generate a secret `Group Key`. All group communication will be encrypted using this key.
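Review bot: in the risk-model paragraph of this hunk, "more complicated that peer-to-peer communication" should be "more complicated than peer-to-peer communication", and "within cwtch" should be capitalised as "Cwtch" to match the rest of the page. The sentence is also a comma splice at "as such we currently require"; starting a new sentence at "As such" would make the opt-in requirement stand out.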

@ -16,48 +16,9 @@ Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a sa
For a more in depth look at the security, privacy and underlying encryption technology used in Cwtch, please
consult our [Security Handbook](https://docs.openprivacy.ca/cwtch-security-handbook/)
## Identity, or What exactly is a Cwtch Profile?
With Cwtch you can create one of more **Profiles**. Each profile generates a random ed25519 keypair compatible with
the Tor Network.
This is the identifier that you can give out to people and that they can use to contact you via Cwtch
** See also: [Create a profile](/docs/profiles/create-a-profile)**
## Peer to Peer, 2-party Conversions
![](/img/BASE_3.png)
In order to chat with your friends in a peer-to-peer conversation both must be online.
After a successful connection both parties engage in an **authentication protocol** which:
* Asserts that each party has access to the private key associated with their public identity.
* Generates an ephemeral session key used to encrypt all further communication during the session.
This exchange (documented in further detail in [authentication protocol](https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html)) is *offline deniable*
i.e. it is possible for any party to forge transcripts of this protocol exchange after the fact, and as such - after the
fact - it is impossible to definitely prove that the exchange happened at all.
One the authentication process is successful then both you and your friend can communicate away assured that no one else
can learn anything about the contents or the metadata if your conversation.
## Offline Delivery via Untrusted Routing Servers, and Group Conversations
**Note: Metadata Resistant Group Communication is still an active research area and what is documented here
will likely change in the future.**
In order to get around the limitation of being always-online, Cwtch has built in support for hosting
conversations on **Untrusted Servers**.
These servers can be set up by anyone and are intended to be always online. Most importantly, all communication with a
server is designed such that the server learns as little information as possible about the contents or metadata.
The risk model associated with servers is more complicated that peer-to-peer communication, as such we currently
require people who want to use servers within cwtch to [opt-in to the Group Chat experiment](/docs/groups/enable-experiment)
in order to add, manage and create groups on untrusted servers.
# Getting Started
You can download the latest version of Cwtch from [https://cwtch.im/download/](https://cwtch.im/download/)
### Install
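Review bot: two things in the block removed here do not reappear in the other hunks of this commit: the diagram `![](/img/BASE_3.png)` from the peer-to-peer section and the `See also: [Create a profile](/docs/profiles/create-a-profile)` link from the identity section. If they were dropped on purpose, a word in the commit message would help; otherwise they should be carried over to the new P2P chat and profiles pages. The intro also now goes directly from the Security Handbook pointer to "# Getting Started", so consider leaving one-line links to the new profile, chat and groups pages in place of the removed sections.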

@ -2,4 +2,9 @@
sidebar_position: 1
---
# An Introduction to Cwtch Profiles
# An Introduction to Cwtch Profiles
With Cwtch you can create one of more **Profiles**. Each profile generates a random ed25519 keypair compatible with
the Tor Network.
This is the identifier that you can give out to people and that they can use to contact you via Cwtch.
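Review bot: "you can create one of more **Profiles**" should be "one or more"; the typo has been carried over with the moved text. In the last sentence, "This is the identifier that you can give out to people" follows directly after "keypair", which reads as if the whole keypair is shared. Suggest wording that makes clear only the public part is given out and the private key stays with the profile.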