Browse Source

Initial Website Commit

Sarah Jamie Lewis 1 year ago
commit
7d45690c3b

+ 2 - 0
.gitignore

@@ -0,0 +1,2 @@
+public/
+themes/

+ 8 - 0
LICENSE

@@ -0,0 +1,8 @@
+MIT License
+Copyright (c) <year> <copyright holders>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

+ 2 - 0
README.md

@@ -0,0 +1,2 @@
+# website
+

+ 6 - 0
archetypes/default.md

@@ -0,0 +1,6 @@
+---
+title: "{{ replace .TranslationBaseName "-" " " | title }}"
+date: {{ .Date }}
+draft: true
+---
+

+ 45 - 0
config.toml

@@ -0,0 +1,45 @@
+baseurl = "https://cwtch.im/"
+languageCode = "en-us"
+metadataformat = "yaml"
+title = "Cwtch"
+theme = "hugo-alabaster-theme"
+
+disqusShortname = ""
+googleAnalytics = ""
+
+[[menu.main]]
+  name   = "Paper"
+  url    = "/cwtch.pdf"
+  weight = 100
+
+[[menu.main]]
+  name   = "Code"
+  url    = "https://git.openprivacy.ca/cwtch.im/cwtch"
+  weight = 110
+
+[params]
+	name = ""
+	description = "Anonymous, Decentralized, Metadata-Resistant Group Messaging"
+
+	github_user   = "cwtch"
+	github_repo   = "hugo-alabaster-theme"
+	github_banner = false
+
+	custom_css = []
+	custom_js  = []
+	favicon = "images/favicon.png"
+
+[params.sidebar]
+	logo = "images/cwtch-logo.png"
+
+
+	github_button  = false
+	travis_button  = false
+	codecov_button = false
+	gratipay = ""
+
+	show_relations = false
+
+[params.footer]
+	copyright = "Open Privacy Resarch Society. Cwtch is funded and mainted by <a href='https://openprivacy.ca'>Open Privacy Research Society <img src='https://openprivacy.ca/images/open_privacy_logo.png'style='width:10%; height:10%;vertical-align: middle;'/></a>"
+	show_powered_by = false

+ 1 - 0
content/cwtch.md

@@ -0,0 +1 @@
+<meta name="go-import" content="cwtch.im/cwtch git https://git.openprivacy.ca/cwtch.im/cwtch">

BIN
content/cwtch.pdf


BIN
content/images/cwtch-group.png


BIN
content/images/cwtch-logo.png


BIN
content/images/cwtch-peer.png


BIN
content/images/cwtch-peers.png


BIN
content/images/cwtch-system.png


BIN
content/images/favicon.png


+ 46 - 0
content/index.md

@@ -0,0 +1,46 @@
+---
+title: "Anonymous, Decentralized, Metadata-Resistant Group Messaging"
+date: 2018-01-26T19:01:18-05:00
+draft: false
+type: homepage
+weight: 40
+---
+
+**Warning:** *Cwtch is an experimental prototype. Please do not use it for anything where security, privacy, or anonymity is critical.*
+
+Communications metadata is known to be exploited by various adversaries to undermine the security of systems, to track victims and to conduct large scale social network analysis to feed mass surveillance. Metadata resistant tools are in their infancy and research into the construction and user experience of such tools is lacking.
+
+Cwtch is and extension of the metadata resistant protocol [Ricochet](https://ricochet.im) to support asynchronous, multi-peer group communications through the use of discardable, untrusted, anonymous infrastructure.
+
+# How Cwtch Works
+
+Cwtch all starts with you, a peer:
+
+<figure style="text-align:center"><img src="/images/cwtch-peer.png" alt="A cwtch peer"/></figure>
+
+Peers connect directly to each other via Ricochet. Through this connection they can verify each others identity and setup groups:
+
+<figure style="text-align:center"><img src="/images/cwtch-peers.png" alt="Two cwtch peers connecting to each other."/></figure>
+
+Group messaging is facilitated by Cwtch Servers, special long-lived trustless infrastructure that can be run by anyone - but that is **trusted by no one**.
+
+Peers connect to the server and messages are relayed to all peers. However, only peers that possess the group secret are able to decrypt the messages and know who is speaking.
+
+If a peer is offline, they are able to connect to the server later on and retrieve the messages:
+
+<figure style="text-align:center"><img src="/images/cwtch-group.png" alt="A cwtch group"/></figure>
+
+Peers are free to listen to more than one server, and groups are able to change servers at any time, creating a dynamic, distributed and decentralized network:
+
+<figure style="text-align:center"><img src="/images/cwtch-system.png" alt="A cwtch ecosystem, with 2 cwtch servers and 3 cwtch peers"/></figure>
+
+# Get Cwtch
+
+Right now, Cwtch is only available via the source code which can be obtained via [git](https://git.openprivacy.ca/cwtch.im/cwtch) or via `go`:
+
+		go get cwtch.im/cwtch
+		
+# Get Involved
+
+* **Email:** [team@cwtch.im](mailto://team@cwtch.im)
+* **Mailing List:** [cwtch-dev@openprivacy.ca](https://lists.openprivacy.ca/cgi-bin/mailman/listinfo/cwtch-dev)

+ 30 - 0
content/roadmap/index.md

@@ -0,0 +1,30 @@
+---
+title: "Road Map"
+date: 2018-01-26T19:01:18-05:00
+draft: false
+menu: main
+weight: 40
+---
+
+This page documents upcoming milestones for Cwtch development. For more detail please see the [Cwtch.im orgranization git repository](https://git.openprivacy.ca/cwtch.im)
+
+## May 2018 
+
+* Cwtch Prototype
+* Companion Paper
+
+## June 2018 
+
+* Cwtch Server Development
+ * Efficient file/resource management
+ * Containerization
+
+# July 2018
+
+* Desktop App Prototype
+
+## September 2018
+
+* Preliminary User Research Studies on Metadata Resistance UX Published
+* Cwtch Android Application Alpha Release
+

+ 27 - 0
content/threat-model/index.md

@@ -0,0 +1,27 @@
+---
+title: "Threat Model"
+date: 2018-01-26T19:01:18-05:00
+draft: false
+menu: main
+weight: 30
+---
+
+It is important to identify and understand that metadata is ubiquitous in communication protocols, it is indeed necessary for such protocols to function efficiently and at scale. However, information that is useful to facilitating peers and servers, is also highly relevant to adversaries wishing to exploit such information.
+
+For our problem definition, we will assume that the content of a communication is encrypted in such a way that an adversary is practically unable break, as such we will limit our scope to the context of a communication (i.e. the metadata).
+
+We seek to protect the following communication contexts:
+
+
+* **Who** is involved in a communication? It may be possible to identify people or simply device or network identifiers. (e.g. This communication involves Alice and Bob.)
+* **Where** are the participants of the conversation?  (e.g. During this communication Alice was in France and Bob was in Canada.)
+* **When** a conversation takes place? The timing and length of communication can reveal plenty about the nature of a call. (Alice and Bob talked for 23 minutes and 43 seconds yesterday evening at 6pm.)
+* **How** was the conversation mediated? Whether a conversation took place over email or a telephone call can provide useful intelligence. (Alice and Bob spoke on the phone yesterday.)
+* **What** is the conversation about? - Even if the content of the communication is encrypted it is sometimes possible to derive a probable context of a conversation without knowing exactly what is said (e.g. a person calling a pizza store at dinner time,or someone calling a known suicide hotline number at 3am.)
+
+Beyond individual conversations, we also seek to defend against context correlation attacks, whereby multiple conversations are analyzed to derive higher level information:
+
+* **Relationships** - Discovering social relationships between parties by analyzing the frequency and length of their communications over a period of time. (Carol and Eve call each other every single day for multiple hours at a time.)
+* **Cliques** - Discovering social relationships between multiple parties by deriving casual communication chains from their communication metadata (e.g. everytime Alice talks to Bob she talks to Carol almost immediately after.) 
+* **Pattern of Life** - Discovering which communications are cyclical and predictable. (e.g. Alice calls Eve every Monday evening for around an hour.)
+