Sunday, August 03, 2014

tox, from 4chan

Every peer is identified by a curve25519 public key. To add someone as a friend, you add that public key.

Connections between friends are encrypted.

is the crypto used.

describes the protocol used to connect securely to friends after they find themselves.

This protocol has PFS, message padding to prevent length based leaking and should be immune against replay attacks.

What makes it secure is that you know the long term public key of your friends making it really easy for the software to establish secure connections to them.

from the discussion here:

from Lizard's Ghost

No comments:

Post a Comment