Start using the 3DH Derived Ephemeral Key to Encrypt Packets #56

sarah · 2019-01-22T20:26:21Z

sarah commented

2019-01-22 20:26:21 +00:00

(based on #55 so merge that first to get a cleaner diff)

See screenshots for a before and after of the traffic from ricochet. Note that all traffic is already encrypted over the hidden service lat=yer, but this provides application level encryption which provides some more defense in depth against local passive adversaries.

(based on https://git.openprivacy.ca/openprivacy/libricochet-go/pulls/55 so merge that first to get a cleaner diff) See screenshots for a before and after of the traffic from ricochet. Note that all traffic is already encrypted over the hidden service lat=yer, but this provides application level encryption which provides some more defense in depth against local passive adversaries.

Screenshot from 2019-01-22 12-20-48.png

79 KiB

Screenshot from 2019-01-22 12-17-46.png

75 KiB

buildbot commented

2019-01-22 20:30:27 +00:00

First-time contributor

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/libricochet-go/143

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/libricochet-go/143

buildbot commented

2019-01-22 20:48:05 +00:00

First-time contributor

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/libricochet-go/144

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/libricochet-go/144

buildbot commented

2019-01-22 20:56:55 +00:00

First-time contributor

Drone Build Status: success

https://build.openprivacy.ca/openprivacy/libricochet-go/146

Drone Build Status: success https://build.openprivacy.ca/openprivacy/libricochet-go/146

buildbot commented

2019-01-22 21:02:42 +00:00

First-time contributor

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/libricochet-go/148

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/libricochet-go/148

sarah commented

2019-01-22 21:07:46 +00:00

For reasons I don't understand the integration tests run locally but fail on the build server. The only notable differences I can determine right now between the 2 are:

tor version (locally I am running 3.5.7, server is running 3.5.3)
the server is starting from a blank slate and I have tor cache (however I still succeed locally even after deleting tor cache)

For reasons I don't understand the integration tests run locally but fail on the build server. The only notable differences I can determine right now between the 2 are: * tor version (locally I am running 3.5.7, server is running 3.5.3) * the server is starting from a blank slate and I have tor cache (however I still succeed locally even after deleting tor cache)

buildbot commented

2019-01-22 21:18:04 +00:00

First-time contributor

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/libricochet-go/150

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/libricochet-go/150

buildbot commented

2019-01-22 21:28:29 +00:00

First-time contributor

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/libricochet-go/152

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/libricochet-go/152

buildbot commented

2019-01-22 21:42:15 +00:00

First-time contributor

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/libricochet-go/154

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/libricochet-go/154

buildbot commented

2019-01-22 21:49:34 +00:00

First-time contributor

Drone Build Status: success

https://build.openprivacy.ca/openprivacy/libricochet-go/156

Drone Build Status: success https://build.openprivacy.ca/openprivacy/libricochet-go/156

sarah commented

2019-01-22 21:50:53 +00:00

There was a race condition (partially triggered by the structure of the integ test but revealed that there was a better place to start encryption) - So it now works!