HTTPS SSH

README

The Whisper project is an experiment in cryptographic message infrastructure. Currently it provides the Whisper.Security library of relatively high-level cryptographic constructs and the Whisper.Box command line application that is somewhat similar in scope to OpenPGP implementations.

Whisper.Security

This aims to provide for .NET some of the functionality that makes libsodium so attractive: An easy to use cryptographic box primitive that handles the details of asymmetric key agreement and authenticated symmetric encryption.

The most important class for code using the library is Whisper.Security.Cryptography.AsymmetricBox. It provides a factory function for Curve25519 key pairs. After initializing an instance of the class with a recipient public key and a local secret key it can be used to encrypt data with the 256 bit variant of Rijndael in CCM mode.

The class has convenience methods to encrypt complete messages as a whole, but it can also integrate with consumers of System.Security.Cryptography.ICryptoTransform.

Whisper.Box

A small command line application that reads and writes MIME-style messages and secures them using Whisper.Security.Cryptography.AsymmetricBox. It aims to apply the box primitve in a way that preserves forward secrecy and enables some degree of plausible deniability.

Each message gets its own ephemeral key pair. The ephemeral public key is included in clear alongside the encrypted data. The message is encrypted from the ephemeral secret key to the recipients static public key. The sender's static public key is included inside the encrypted message together with another box encrypted from the sender's static secret key to the recipient's static public key. This inner vouch box holds the ephemeral public key of the message and the static public key of the recipient. It serves as an assertion of the senders identity.

How to get started?

Check out the source using Mercurial, build using msbuild or xbuild or the included BuildAndTest.sh script:

hg clone bb://chust/whisper
cd whisper
./BuildAndTest.sh

Some binary builds may also be available in the downloads section.

Who do I talk to?

Contact Thomas Chust with inquiries or suggestions. Mail encrypted using Whisper.Box for the following key will be accepted if the program works ;-)

<?xml version="1.0" encoding="utf-8"?>
<key algorithm="Curve25519/SHA256/Rijndael256/CCM">
  <public>opeuk0McipOXKClIaHifTnwFRs50Gx6eKXfGTY7/Xg0=</public>
</key>