X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=README;h=7c06e9c43d9dd5e06bee051332fd54379ca1fe3d;hb=refs%2Fheads%2Fsilc.1.1.branch;hp=4ed2fba46b2cbae88c5fb6a5382ed14b85d04192;hpb=413da0f8686910f5e627393157566ae729ca99c4;p=silc.git diff --git a/README b/README index 4ed2fba4..7c06e9c4 100644 --- a/README +++ b/README @@ -1,14 +1,38 @@ SILC - Secure Internet Live Conferencing ======================================== -SILC (Secure Internet Live Conferencing) is a protocol which provides -secure conferencing services on the Internet over insecure channel. -SILC is IRC-like software although internally they are very different. -The biggest similarity between SILC and IRC is that they both provide -conferencing services and that SILC has almost the same commands as IRC. -Other than that they are nothing alike. Major differences are that SILC -is secure what IRC is not in any way. The network model is also entirely -different compared to IRC. +SILC (Secure Internet Live Conferencing) is a modern and secure +conferencing protocol. + + +Features +======== + +SILC provides all the common conferencing services like private messages, +instant messages, channels and groups, and video and audio conferencing. +The main difference to other protocols is that SILC has been designed with +security as its main feature - it is not an add-on or optional plugin - +and security cannot be turned off. + +All SILC connections execute SILC Key Exchange protocol, an authenticated +Diffie-Hellman key exchange algorithm, to generate a shared secret session +key. All SILC packets exchanged between SILC clients and servers are +protected with these keys. + +All private messages (instant messages) are protected with private message +keys established using the SILC Key Exchange protocol over the SILC network. +Private messages can be read only by the sender and the recipient of the +message. SILC servers along the way cannot decrypt the messages. +Optionally, private message key may also be a shared secret, such as +passphrase, or the SILC Key Exchange may be performed peer-to-peer between +clients. If all these methods fail the session keys are used as the last +resort fallback to encrypt private messages. + +All channel and group messages are protected with channel specific keys +generated by the SILC routers and only the members of the channel may read +the messages. Optionally, channel members may set up a shared secret, +such as passphrase, as the channel key to exclude SILC routers from knowing +the key. Running SILC @@ -29,81 +53,11 @@ server give the command: This will launch the server on to the background. -Features -======== - -Features to be included into the final release of SILC. [Note that the -current Developer's Version does not include all of these features, read -TODO file for more information.] - - o Normal conferencing services such as private messages, channels, - channel messages, etc. All traffic is secured and authenticated. - - o No unique nicknames. There can same nicknames in SILC without - collisions. SILC has unique Client ID's, Server ID's and Channel ID's - to assure that there are no collisions. - - o Secure key exchange and authentication protocol. SILC Key Exchange - protocol provides key material used in the SILC sessions in secure - manner. The protocol is immune for example to man-in-the-middle - attacks. The SILC Authentication protocol provides strong - authentication. Authentication may be based on passphrase or public - key (RSA) authentication. For clients there is an option not to - use authentication when connecting to servers. - - o All traffic is encrypted and authenticated using the best cryptographic - algorithms out there. Command messages, private messages and channel - messages are all protected by encryption. User can set private keys - for both private message and for channels so that even SILC servers do - not know the keys. Cipher keys are, by default, 128 bits in length and - public keys, by default, 1024 bits in length. - - o Supports data compression with GZIP to improve performance. - - o Supports SOCKS4 and SOCKS5 firewall traversal protocols. - - o SIM (SILC Module) support. Support for loading of shared objects at - run-time that provides new and extended features to both SILC client - and server. These can provide extra ciphers and extra features to - the software. - - o SILC client can be installed and used without root privileges. - - o SILC client can be configured by system wide configuration files but - with user specific configuration files as well. - - History ======= -SILC was released in the summer 2000 to the public, but the idea and the -protocol itself is quite old. The SILC was designed by Pekka Riikonen in -the year 1996 and first lines of codes were written in the early 1997. The -SILC has been rewritten three times since its very first version in 1997. -The first version included SILC client, very preliminary SILC server, RSA -implementation and 3DES implementation. The server actually was not usable -but the client looked pretty much the same as the first client released in -the summer 2000. The first version had also random number generator which -were based on the SSH's random number generator. The current RNG is based -on the first RNG but has been rewritten twice since the first version. - -The development of SILC was suspended in 1997 when Pekka got busy at -school and in work. The pause laster several months. The development -resumed in 1998 when Juha Räsänen and Pekka implemented the ElGamal -algorithm. However, for the same reasons as previously the development -stopped again, and was resumed again later in 1998 by doing rewrite of -ther SILC in C++. This was obviously a mistake but at that time it seemed -like a good idea. Again, in the winter 1999 the development suspended when -Pekka got busy writing his thesis and was forced to stop the development. - -Later, in 1999, it was decided that this time SILC will be rewritten from -scratch in the right way. C++ was obviously a bad choice so plain C -language was selected again. The protocol itself faced some rework by -redesigning some core parts of the protocol. The protocol was also fully -documented and the protocol specifications were submitted to the IETF. The -result of this development effort is the release now in public. Since the -release in the summer 2000 several other people have contributed to the -project as well. And, the development continues. +SILC was developed between 1996 and 1999 and released to public in 2000. +SILC was originally developed by Pekka Riikonen. Contact