[liberationtech] Wickr

Kara Coppa kara at mywickr.com
Thu Jun 28 20:30:49 PDT 2012 

Hi everyone,
I'm new to the list and thank you for approving my account to join such a diverse group!

I'm a Wickr co-founder and  I heard there was some discussion today about our technology.  As you've probably heard Dan Kaminsky is part of our advisory board and we've worked out some additional details about our technology that we'd like to share with you.  I hope you'll appreciate what we've been working so hard on. 

Below is what we've come up with attached with greetings from Dan. 

Hi everyone, this is Dan Kaminsky.  I've been advising Wickr for some time, and I'm relatively pleased with the nature of the product we're offering here..

Essentially, it's an attempt to create an environment where the best practices of secure messaging are "always on" and "just work".  There are quite a few communities that we all agree could use an easier way to communicate safely, and we're honored to provide this new service.  A couple of comments about how it all works:

Obviously, there's no home grown crypto.  It's 2012, everyone knows how that story ends.  Messages are encrypted via multiple rounds of AES-256, with the symmetric keys transported via 4096 bit RSA.  Private keys actually never leave the decrypting device; in fact, Wickr goes out of its way to bind messages to a particular device as thoroughly as feasible.  It actually uses some properties of devices that are unique from phone to phone as part of the key material necessary to decrypt messages to a particular phone.  We sacrifice some usability to achieve device dependence but feel the paranoia is justified.

There is indeed a central server in the Wickr design; it's there to introduce peers to one another and to provide some protection against traffic analysis while proxying messages between peers.  Critically, the Wickr server never sees the plaintext and does not have a backup of the private keys.  Encrypted messages are delivered to the central server via SSL and a Wickr-specific key, and then they are proxied to clients for decryption and display.

The central server really does as much as it can to proxy content, but otherwise gets out of the way.  No logs are kept of message delivery, all addresses are SHA-256 hashes of keys, and each device stores a unique cryptographic hash for each Wickr peer.

Regarding forward secrecy, as a store and forward platform there are some challenges.  Wickr's model is to use the server side key to rotate the client side key on a regular basis, at periods longer than the maximum supported expiration time.  This is vaguely similar to the key rotation strategy used by OpenSSH.  It's not PFS but it's quite reasonable.

Anyway, Wickr is under active development, so please, kick the tires!  Let us know what you think! 

Thanks again everyone for the opportunity to post. 

~Kara

kara at mywickr.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120628/6a3736b4/attachment.html>

More information about the liberationtech mailing list