Re: [FOSS] P2P portable encrypted messaging and voice communciation (And an app!)
The issue at hand is that until decentralized internet is established the masses relies on one "Internet" tunnel to reach their devices, there is rare cases where someone has purchased multiple Ethernet lines to connect to that are provided by separate companies, so even in the city with high amount of wifi nodes around they general area will be considered by the same company. If there are multiple wifi nodes from multiple companies its super rare to be equipped with a WIFI chip that will connect to multiple nodes at once so until all this is fixed(hopefully in the near future the internet will become decentralized) the P2P Crypt is forced to work like the following diagrams
BLUE: Connections not safe for trading public keys, but is safe for relaying data (Unless data is being received or sent to a trusted node)
SOLID GREEN: These are "actions" that happen, and they increase the security of the network
DASHED GREEN: These are the results of the solid green actions, dashed green lines show which nodes can safely relay data to each other regardless if there is an untrusted connection/ISP
DASHED Yellow: These are the results of the green "actions", They are used for transferring encrypted and plaintext data as well as public keys. Information must be verified by requesting the checksum from other nodes and once enough yellow nodes have sent in trusted information (and atleast 1 green solid connection) have been verified then the data is marked trusted
The following shows an untrusted internet-work connections before anyone trades keys and/or builds trust.
The following shows how to solve the Man-In-The-Middle issues by trading public keys in person (or provably secure connection)
Obviously trading public keys face to face is 99% impossible to do in a practical sense for the internet, so the P2P Crypt server nodes are established to be running 24/7 all around the world. P2P Nodes would in theory trade public keys in person only once to establish trust. Now clients can connect to multiple p2p nodes and verify information from multiple sources (the diagram shows only two p2p servers nodes but a the actual client would require 20 nodes to verify information before anything is trusted).
I'd imagine that just like Bitcoin there would be an 100+ established trusted nodes included with the application, so just assume that when viewing the steps below. The steps below depicts how a new p2pnode (or client) coming online could begin to establish trust with other nodes or clients with out meeting face to face and exchanging public keys.
BLUE: Connections not safe for trading public keys, but is safe for relaying data (Unless data is being received or sent to a trusted node)
SOLID GREEN: These are "actions" that happen, and they increase the security of the network
DASHED GREEN: These are the results of the solid green actions, dashed green lines show which nodes can safely relay data to each other regardless if there is an untrusted connection/ISP
DASHED Yellow: These are the results of the green "actions", They are used for transferring encrypted and plaintext data as well as public keys. Information must be verified by requesting the checksum from other nodes and once enough yellow nodes have sent in trusted information (and atleast 1 green solid connection) have been verified then the data is marked trusted
The following shows an untrusted internet-work connections before anyone trades keys and/or builds trust.
The following shows how to solve the Man-In-The-Middle issues by trading public keys in person (or provably secure connection)
Obviously trading public keys face to face is 99% impossible to do in a practical sense for the internet, so the P2P Crypt server nodes are established to be running 24/7 all around the world. P2P Nodes would in theory trade public keys in person only once to establish trust. Now clients can connect to multiple p2p nodes and verify information from multiple sources (the diagram shows only two p2p servers nodes but a the actual client would require 20 nodes to verify information before anything is trusted).
I'd imagine that just like Bitcoin there would be an 100+ established trusted nodes included with the application, so just assume that when viewing the steps below. The steps below depicts how a new p2pnode (or client) coming online could begin to establish trust with other nodes or clients with out meeting face to face and exchanging public keys.