- Cryptocat
-
Cryptocat Developer(s) Nadim Kobeissi Initial release 19 May 2011 Written in JavaScript, PHP Operating system Cross-platform Type Secure communication License Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License Website crypto.cat Cryptocat is an open source web application intended to allow secure, encrypted communication. Cryptocat encrypts chats on the client side, only trusting the server with data that is already encrypted. Cryptocat is served via HTTPS, while also offering a Google Chrome application that loads code locally. Cryptocat intends to provide means for impromptu, encrypted communications that offer more privacy than services such as Google Talk, while maintaining a higher level of accessibility than other high-level encryption platforms.
Contents
Operation
Cryptocat uses AES for message encryption, 4096-bit Diffie-Hellman-Merkle for key agreement, SHA-2 for fingerprint generation (used for authentication), and HMAC for message integrity verification. Since Cryptocat generates new key pairs for every chat, it implements a form of perfect forward secrecy. Cryptocat also provides a mobile website for use on portable devices such as Android phones, and may be used in conjunction with Tor in order to anonymize client connection details from the server side.
Weaknesses
The web version of Cryptocat, while used over HTTPS, is still susceptible to a server-side code poisoning attack should the server be compromised. This is mitigated by using Cryptocat Chrome, which runs all code locally in a similar fashion to Off-the-Record Messaging. Cryptocat may also inherit vulnerabilities that affect its host web browser.
See also
References
- Crypto.cat Aims To Offer Super-Simple Encrypted Messaging Retrieved: 13 November 2011
- Cryptocat Creates an Encrypted, Disposable Chatroom on Any Computer with a Web Browser Retrieved: 13 November 2011
- Cryptocat Readme Retrieved: 13 November 2011
External links
Categories:- Cryptographic software
- Internet privacy
Wikimedia Foundation. 2010.