Crates.io | voynich |
lib.rs | voynich |
version | 0.1.1 |
source | src |
created_at | 2024-03-14 23:21:24.110464 |
updated_at | 2024-03-18 23:44:03.303034 |
description | Library for creating anonymous, end-to-end encrypted and authenticated chat applications |
id | 1174244 |
size | 348,801 |
Voynich is a Rust library for creating chat applications which are anonymous, end-to-end encrypted and authenticated. It includes an example terminal chat application, voynich-term. It uses Tor onion services for anonymity, and for the outer layer of encryption; in addition, each message is encrypted and authenticated using ephemeral session keys, signed using the onion service secret key.
Voynich uses the identifier of the onion service as your identity as a chat participant - the onion service is your identity. It can generate new onion services on-the-fly, either transient (existing only for the life of the chat session) or persistent (reusing the same onion service in multiple sessions), and since the IP address of a given onion service is hidden, your identity is hidden as well.
In addition to using onion services for anonymity (not to mention basic, TLS-level encryption), Voynich encrypts and authenticates each message using a session key regenerated for each session.
NOTE: The cryptographic code hasn't been audited by anyone but myself - use at your own risk!!!
I started this project because I was wondering if it was possible to have a completely anonymous, encrypted, authenticated messaging system. As such, it's really more of a proof-of-concept than a full-featured chat system.
Voynich uses the tor-client-lib library to interact with the Tor server running locally, allowing it to either use existing onion services configured within the Tor server, or to create onion services on-the-fly. The ID of the onion service (the part of the onion hostname before the ".onion") serves as the identity of each chat participant. Since the onion service ID can't, in theory, be connected to a particular IP address, it provides anonymity; however, since the session encryption key is linked with the onion service ID via the private key, it also provides authentication - you know that when you connect to a given onion service, whoever you're talking to has access to the private key for the service.
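To make the identity binding concrete: assuming version 3 onion services (the page does not state the version), the service ID is itself an encoding of the service's ed25519 public key, so a peer can recover the key to verify signatures against from the ID alone. The following is an added example in Python, not Voynich's own code; the function names and the sample key are constructed for illustration.

```python
import base64
import hashlib

ONION_VERSION = b"\x03"  # v3 onion services (assumption, see lead-in)
CHECKSUM_PREFIX = b".onion checksum"


def _checksum(pubkey: bytes) -> bytes:
    # First two bytes of SHA3-256(".onion checksum" || pubkey || version)
    return hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + ONION_VERSION).digest()[:2]


def pubkey_to_service_id(pubkey: bytes) -> str:
    """Encode a 32-byte ed25519 public key as a 56-character service ID."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public keys are 32 bytes")
    raw = pubkey + _checksum(pubkey) + ONION_VERSION
    return base64.b32encode(raw).decode("ascii").lower()


def service_id_to_pubkey(service_id: str) -> bytes:
    """Validate a service ID and return the public key it commits to."""
    sid = service_id.strip().lower()
    if sid.endswith(".onion"):
        sid = sid[: -len(".onion")]
    if len(sid) != 56:
        raise ValueError("v3 service IDs are 56 base32 characters")
    raw = base64.b32decode(sid, casefold=True)  # ValueError on bad characters
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_VERSION:
        raise ValueError("unsupported onion service version")
    if checksum != _checksum(pubkey):
        raise ValueError("checksum mismatch: mistyped or corrupted ID")
    return pubkey


# Constructed sample key (not a real service, and not checked to be a
# valid curve point): the 32 bytes 0x00..0x1f.
SAMPLE_KEY = bytes(range(32))
SAMPLE_ID = pubkey_to_service_id(SAMPLE_KEY)

if __name__ == "__main__":
    print(SAMPLE_ID + ".onion")
    print(service_id_to_pubkey(SAMPLE_ID + ".onion").hex())
```

A peer that checks the session-key signature against the key returned by `service_id_to_pubkey` needs no separate key distribution: the ID it dialed is the trust anchor.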
Because you can create the onion services as either persistent services (created by Voynich, and reused in subsequent chat sessions), or transient (created by Voynich on startup and lasting only for the length of the chat session), you can think of it as supporting longer-term or transient identities, which can be useful in a few different contexts:
The checked features are currently implemented; the unchecked are expected in future versions.
As mentioned, this is really more of a proof-of-concept than a full-featured application library (at least at this point). That being said, I'm open to any of the following:
I'm especially hopeful that someone with more cryptographic experience than I is willing to look over the cryptographic setup (more below) and code, and offer suggestions as to improvements.
See the wiki.
There's also a terminal-based chat app included, called voynich-term, mostly as an example, using ratatui for the terminal UI code.
For more information, see the wiki.