forked from cwtch.im/docs.cwtch.im
better layout
This commit is contained in:
parent
8e34f8f5a6
commit
6745833768
|
@ -2,4 +2,22 @@
|
|||
sidebar_position: 1
|
||||
---
|
||||
|
||||
# An Introduction to Cwtch P2P Chat
|
||||
# An Introduction to Cwtch P2P Chat
|
||||
|
||||
Cwtch uses Tor v3 Onion Services to establish anonymous, peer-to-peer connections between Profiles.
|
||||
|
||||
## How P2P Chat Works Under the Hood
|
||||
|
||||
In order to chat with your friends in a peer-to-peer conversation both must be online.
|
||||
|
||||
After a successful connection both parties engage in an **authentication protocol** which:
|
||||
|
||||
* Asserts that each party has access to the private key associated with their public identity.
|
||||
* Generates an ephemeral session key used to encrypt all further communication during the session.
|
||||
|
||||
This exchange (documented in further detail in [authentication protocol](https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html)) is *offline deniable*
|
||||
i.e. it is possible for any party to forge transcripts of this protocol exchange after the fact, and as such - after the
|
||||
fact - it is impossible to definitely prove that the exchange happened at all.
|
||||
|
||||
One the authentication process is successful then both you and your friend can communicate away assured that no one else
|
||||
can learn anything about the contents or the metadata if your conversation.
|
||||
|
|
|
@ -4,9 +4,15 @@ sidebar_position: 1
|
|||
|
||||
# An Introduction to Cwtch Groups
|
||||
|
||||
**Note: Metadata Resistant Group Communication is still an active research area and what is documented here
|
||||
will likely change in the future.**
|
||||
|
||||
By default, Cwtch only supports peer-to-peer, online, chat. In order to support multi-party conversations, and offline
|
||||
delivery, an (untrusted) third-party is required. We call these entities ["servers"](/docs/servers)
|
||||
|
||||
These servers can be set up by anyone and are intended to be always online. Most importantly, all communication with a
|
||||
server is designed such that the server learns as little information as possible about the contents or metadata.
|
||||
|
||||
In many respects communication with a server is identical to communication with a regular Cwtch peer,
|
||||
all the same steps are taken however the server always acts as the inbound peer, and the outbound
|
||||
peer always uses newly generated **ephemeral keypair** - so that each server session is disconnected.
|
||||
|
@ -14,6 +20,10 @@ peer always uses newly generated **ephemeral keypair** - so that each server ses
|
|||
As such, peer-server conversations only differ in the *kinds* of messages that are sent between the two parties,
|
||||
with the server storing all messages that it receives and thus allowing any client to query for older messages.
|
||||
|
||||
The risk model associated with servers is more complicated that peer-to-peer communication, as such we currently
|
||||
require people who want to use servers within cwtch to [opt-in to the Group Chat experiment](/docs/groups/enable-experiment)
|
||||
in order to add, manage and create groups on untrusted servers.
|
||||
|
||||
## How Groups Work Under the Hood
|
||||
|
||||
When a person wants to start a group conversation they first randomly generate a secret `Group Key`. All group communication will be encrypted using this key.
|
||||
|
|
|
@ -16,48 +16,9 @@ Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a sa
|
|||
For a more in depth look at the security, privacy and underlying encryption technology used in Cwtch, please
|
||||
consult our [Security Handbook](https://docs.openprivacy.ca/cwtch-security-handbook/)
|
||||
|
||||
## Identity, or What exactly is a Cwtch Profile?
|
||||
|
||||
With Cwtch you can create one of more **Profiles**. Each profile generates a random ed25519 keypair compatible with
|
||||
the Tor Network.
|
||||
|
||||
This is the identifier that you can give out to people and that they can use to contact you via Cwtch
|
||||
|
||||
** See also: [Create a profile](/docs/profiles/create-a-profile)**
|
||||
|
||||
## Peer to Peer, 2-party Conversions
|
||||
|
||||
![](/img/BASE_3.png)
|
||||
|
||||
In order to chat with your friends in a peer-to-peer conversation both must be online.
|
||||
|
||||
After a successful connection both parties engage in an **authentication protocol** which:
|
||||
|
||||
* Asserts that each party has access to the private key associated with their public identity.
|
||||
* Generates an ephemeral session key used to encrypt all further communication during the session.
|
||||
|
||||
This exchange (documented in further detail in [authentication protocol](https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html)) is *offline deniable*
|
||||
i.e. it is possible for any party to forge transcripts of this protocol exchange after the fact, and as such - after the
|
||||
fact - it is impossible to definitely prove that the exchange happened at all.
|
||||
|
||||
One the authentication process is successful then both you and your friend can communicate away assured that no one else
|
||||
can learn anything about the contents or the metadata if your conversation.
|
||||
|
||||
## Offline Delivery via Untrusted Routing Servers, and Group Conversations
|
||||
|
||||
**Note: Metadata Resistant Group Communication is still an active research area and what is documented here
|
||||
will likely change in the future.**
|
||||
|
||||
In order to get around the limitation of being always-online, Cwtch has built in support for hosting
|
||||
conversations on **Untrusted Servers**.
|
||||
|
||||
These servers can be set up by anyone and are intended to be always online. Most importantly, all communication with a
|
||||
server is designed such that the server learns as little information as possible about the contents or metadata.
|
||||
|
||||
The risk model associated with servers is more complicated that peer-to-peer communication, as such we currently
|
||||
require people who want to use servers within cwtch to [opt-in to the Group Chat experiment](/docs/groups/enable-experiment)
|
||||
in order to add, manage and create groups on untrusted servers.
|
||||
# Getting Started
|
||||
|
||||
You can download the latest version of Cwtch from [https://cwtch.im/download/](https://cwtch.im/download/)
|
||||
|
||||
### Install
|
||||
|
||||
|
|
|
@ -2,4 +2,9 @@
|
|||
sidebar_position: 1
|
||||
---
|
||||
|
||||
# An Introduction to Cwtch Profiles
|
||||
# An Introduction to Cwtch Profiles
|
||||
|
||||
With Cwtch you can create one of more **Profiles**. Each profile generates a random ed25519 keypair compatible with
|
||||
the Tor Network.
|
||||
|
||||
This is the identifier that you can give out to people and that they can use to contact you via Cwtch.
|
Loading…
Reference in New Issue