1 Frequently Asked Questions
3 [16]1. General Questions
5 [18] 1.2 When was SILC Project started?
6 [19] 1.3 Why SILC in the first place?
7 [20] 1.4 What license covers the SILC release?
8 [21] 1.5 Why SILC? Why not IRC3?
9 [22] 1.6 What platforms SILC supports?
10 [23] 1.7 Where can I find more information?
11 [24] 1.8 I would like to help out, what can I do?
13 [25]2. Protocol Questions
14 [26] 2.1 What is the status of SILC protocol in the IETF?
15 [27] 2.2 How much the SILC protocol is based on IRC?
16 [28] 2.3 Why use SILC? Why not IRC with SSL?
17 [29] 2.4 Can I talk from SILC network to IRC network?
18 [30] 2.5 Does SILC support file transfer?
19 [31] 2.6 Does SILC support DCC or alike?
20 [32] 2.7 I am behind a firewall, can I use SILC?
21 [33] 2.8 How secure SILC really is?
22 [34] 2.9 Does SILC support instant messaging?
23 [35] 2.10 Why SILC does not have LINKS command like in IRC?
24 [36] 2.11 Why SILC does not have STATS command like in IRC?
25 [37] 2.12 Is anyone outside a channel able to see the channel
27 [38] 2.13 I have suggestions to SILC Protocol, what can I do?
29 [39]3. Client Questions
30 [40] 3.1 Where can I find SILC clients?
31 [41] 3.2 Can I use SILC with IRC client and vice versa?
33 [42]4. Server Questions
34 [43] 4.1 Where can I find SILC servers?
35 [44] 4.2 Can I run own SILC server?
36 [45] 4.3 What is the difference between SILC server and SILC
38 [46] 4.4 Why server says permission denied to write to a log file?
39 [47] 4.5 When I connect to to my server, it says "server does not
40 support one of your proposed cipher", what is wrong?
42 [48]5. Toolkit Questions
43 [49] 5.1 What is SILC Toolkit?
44 [50] 5.2 Is the SILC Toolkit Reference Manual Available?
45 [51] 5.3 How do I compile the Toolkit on Unix?
46 [52] 5.4 How do I compile the Toolkit on Win32?
47 [53] 5.5 Does the Toolkit package include any sample code?
52 A: SILC (Secure Internet Live Conferencing) is a protocol which
53 provides secure conferencing services in the Internet over insecure
54 channel. SILC is IRC like although internally they are very different.
55 Biggest similarity between SILC and IRC is that they both provide
56 conferencing services and that SILC has almost same commands as IRC.
57 Other than that they are nothing alike.
59 Biggest differences are that SILC is secure what IRC is not in any
60 way. The network model is also entirely different compared to IRC.
62 Q: When was SILC Project started?
63 A: The SILC development started in 1996 and early 1997. But, for
64 various reasons it suspended many times until it finally got some wind
65 under its wings in 1999. First public release was in summer 2000.
67 Q: Why SILC in the first place?
68 A: Simply for fun, nothing more. And actually for need back in the
69 days when it was started. When SILC was first developed there really
70 did not exist anything like this. SILC has been very interesting and
73 Q: What license covers the SILC release?
74 A: The SILC software developed here at silcnet.org, the SILC Client,
75 the SILC Server and the SILC Toolkit are covered by the GNU General
78 Q: Why SILC? Why not IRC3?
79 A: Question that is justified no doubt of that. SILC was not started
80 to become a replacement for IRC. SILC was something that didn't exist
81 in 1996 or even today except that SILC is now released. However, I did
82 check out the IRC3 project in 1997 when I started coding and planning
85 But, IRC3 is problematic. Why? Because it still doesn't exist. The
86 project is almost at the same spot where it was in 1997 when I checked
87 it out. And it was old project back then as well. That's the problem
88 of IRC3 project. The same almost happened to SILC as well as I wasn't
89 making real progress over the years. I talked to the original author
90 of IRC, Jarkko Oikarinen, in 1997 and he directed me to the IRC3
91 project, although he said that IRC3 is a lot of talking and not that
92 much of anything else. I am not trying to put down the IRC3 project
93 but its problem is that no one in the project is able to make a
94 decision what is the best way to go about making the IRC3 and I wasn't
95 going to be part of that. The fact is that if I would've gone to IRC3
96 project, nor IRC3 or SILC would exist today. I think IRC3 could be
97 something really great if they just would get their act together and
98 start coding the thing.
100 Q: What platforms SILC supports?
101 A: The SILC Client is available on various Unix systems and is
102 reported to work under cygwin on Windows. The SILC Server also works
103 on various Unix systems. However, the server has not been tested under
104 cygwin as far as we know. The SILC Toolkit is distributed for all
105 platforms, Unix, Cygwin and native Windows.
107 Q: Where can I find more information?
108 A: For more technical information we suggest reading the SILC Protocol
109 specifications. You might also want to take a look at the
110 [54]documentation page on the web page.
112 Q: I would like to help out, what can I do?
113 A: You might want to take a look at the [55]Contributing page and the
114 [56]TODO list. You might also want to join the SILC development
117 2. Protocol Questions
119 Q: What is the status of SILC protocol in the IETF?
120 A: The SILC protocol specifications has been submitted currently as
121 individual submissions. There does not currently exist a working group
122 for this sort of project. Our goal is to fully standardize the SILC
123 and thus submit it as RFC to the [57]IETF at a later time.
125 Q: How much SILC Protocol is based on IRC?
126 A: SILC is not based on IRC. The client superficially resembles IRC
127 client but everything that happens under the hood is nothing alike
128 IRC. SILC could *never* support IRC because the entire network
129 toppology is different (hopefully more scalable and powerful). So no,
130 SILC protocol (client or server) is not based on IRC. Instead, We've
131 taken good things from IRC and left all the bad things behind and not
132 even tried to burden the SILC with the IRCs problems that will burden
133 IRC and future IRC projects till the end. SILC client resembles IRC
134 client because it is easier for new users to start using SILC when
135 they already know all the commands.
137 Q: Why use SILC? Why not IRC with SSL?
138 A: Sure, that is possible, although, does that secure the entire IRC
139 network? And does that increase or decrease the lags and splits in the
140 IRC network? Does that provide user based security where some specific
141 private message are secured? Does that provide security where some
142 specific channel messages are secured? And I know, you can answer yes
143 to some of these questions. But, security is not just about applying
144 encryption to traffic and SILC is not just about `encrypting the
145 traffic`. You cannot make insecure protocol suddenly secure just by
146 encrypting the traffic. SILC is not meant to be IRC replacement. IRC
147 is good for some things, SILC is good for same and some other things.
149 Q: Can I talk from SILC network to IRC network?
150 A: Simple answer for this is No. The protocols are not compatible
151 which makes it impossible to directly talk from SILC network to IRC
152 network or vice versa. Developing a gateway between these two networks
153 would technically be possible but from security point of view strongly
154 not recommended. We have no plans for developing such a gateway.
156 Q: Does SILC support file transfer?
157 A: Yes. The SILC protocol support SFTP as mandatory file transfer
158 protocol. It provides simple client to client file transfer, but also
159 a possibility for file and directory manipulation. Even though the
160 SFTP is the file transfer protocol the support for file transferring
161 has been done so that practically any file transfer protocol may be
162 used with SILC protocol.
164 Q: Does SILC support DCC or alike?
165 A: SILC does not support the DCC commonly used in IRC. It does not
166 need it since it has builtin support for same features that DCC have.
167 You can transfer files securely and encrypted directly with another
168 client. You can also negotiate secret key material with another client
169 directly to use it in private message encryption. The private messages
170 are not, however sent directly between clients. The protocol, on the
171 hand does not prohibit sending messages directly between clients if
172 the implementation would support it. The current SILC Client
173 implementation does not support it. This means that private messages
174 travel through the SILC Network. SILC protocol also has a capability
175 to support DCC and CTCP like protocols with SILC. None of them,
176 however have not been defined to be used with SILC at the present
179 Q: I am behind a firewall, can I use SILC?
180 A: Yes. If your network administrator can open the port 706 (TCP) you
181 can use SILC without problems. You may also compile your SILC client
182 with SOCKS support which will proxy your SILC session through the
185 Q: How secure SILC really is?
186 A: A good question which I don't have an answer for. We have tried to
187 make SILC as secure as possible. However, there is no security
188 protocol or security software that has not been vulnerable to some
189 sort of attacks. SILC is in no means different from this. So, it is
190 suspected that there are security holes in the SILC. These holes just
191 need to be found so that they can be fixed.
193 But to give you some parameters of security SILC uses the most secure
194 crytographic algorithms such as AES(Rijndael), Twofish, Blowfish, RC5,
195 etc. SILC does not have DES or 3DES as DES is insecure and 3DES is
196 just too slow. SILC also uses cryptographically strong random number
197 generator when it needs random numbers. Public key cryptography uses
198 RSA (PKCS #1) and Diffie-Hellman algorithms. Key lengths for ciphers
199 are initially set to 256. For public key algorithms the starting key
202 But the best answer for this question is that SILC is as secure as its
203 weakest link. SILC is open and the protocol is open and in public thus
204 open for security analysis.
206 To give a list of attacks that are ineffective against SILC:
208 - Man-in-the-middle attacks are ineffective if proper public key
209 infrastructure is used. SILC is vulnerable to this attack if the
210 public keys used in the SILC are not verified to be trusted (as any
211 other protocol for that matter).
212 - IP spoofing is ineffective (because of encryption and trusted keys).
213 - Attacks that change the contents of the data or add extra data to
214 the packets are ineffective (because of encryption and integrity
216 - Passive attacks (listenning network traffic) are ineffective
217 (because of encryption). Everything is encrypted including
218 authentication data such as passwords when they are needed.
219 - Any sort of cryptanalytic attacks are tried to make ineffective by
220 using the best cryptographic algorithms out there.
222 Q: Does SILC support instant messaing?
223 A: SILC is not an instant message (IM) system, like ICQ and the
224 others. SILC is more IRC like system, "real-time", connection-oriented
225 chat and that kind of stuff. But I guess IRC is too called an Instant
228 Q: Why SILC does not have LINKS command like in IRC?
229 A: It was felt that this information as an own command in SILC is not
230 necessary. Moreover, the topology of the network might be undisclosed
231 information even though the servers and routers in the network are
232 still open. We feel that the network topology information, if it is
233 wanted to be public, and the list of accessible servers can be made
234 available in other ways than providing command like LINKS, which shows
235 the active server links in IRC.
237 Q: Why SILC does not have STATS command like in IRC?
238 A: This too was considered as information that the protocol should not
239 address. We feel that server implementations will need to implement
240 some sort of adminstrative plugin, or module which provides various
241 means of accessing statistical and other information in the server.
242 And, we do consider this implementation issue, not protocol design
245 Q: Is anyone outside a channel able to see the channel messages?
246 A: A short answer is simply No. A longer answer involves assumptions
247 about security conditions. Initially channel keys are generated by the
248 server, so if the server would get compromised it would be possible
249 for an adversary to see the messages. However, users on the channel
250 can prevent this even if the server would be compromised. It is
251 possible to set so called channel private key that only the users on
252 the channel know about. The servers does not know about the key, and
253 therefore cannot see the messages even if they would be compromised.
254 So, longer answer results into same as the short one; No.
256 Q: I have suggestions to SILC Protocol, what can I do?
257 A: All suggestions and improvements are of course welcome. You should
258 read the protocol specifications first to check out whether your idea
259 is covered by them already. The best place to make your idea public is
260 the SILC development mailing list.
264 Q: Where can I find SILC clients?
265 A: The SILC client is available for free download from the silcnet.org
266 web page. Some people have also mentioned words Java and Perl when
267 talking about SILC clients. Nothing has appeared yet, though.
269 Q: Can I use SILC with IRC client and vice versa?
270 A: Generally the answer would be no for both. However, there exist
271 already at least one IRC client that supports SILC, the [58]Irssi
272 client. The current SILC client is actually based on the user
273 interface of the Irssi client. So, yes it is possible to use SILC with
274 some IRC clients and vice versa. But, this does not mean that you can
275 talk from SILC network to IRC network, that is not possible.
279 Q: Where can I find SILC servers?
280 A: The SILC server is available for free download from the silcnet.org
281 web page. We are not aware of any other SILC server implementations,
284 Q: Can I run own SILC server?
285 A: Yes of course. Download the SILC server package, compile and
286 install it. Be sure to check out the installation instructions and the
287 README file. You also should decide whether you want to run SILC
288 server or SILC router.
290 Q: What is the difference between SILC server and SILC router?
291 A: The topology of the SILC network includes SILC routers and the SILC
292 servers (and SILC clients of course). Normal SILC server does not have
293 direct connections with other SILC servers. They connect directly to
294 the SILC router. SILC Routers may have several server connections and
295 they may connect to several SILC routers. The SILC routers are the
296 servers in the network that know everything about everything. The SILC
297 servers know only local information and query global information from
298 the router when necessary.
300 If you are running SILC server you want to run it as router only if
301 you want to have server connections in it and are prepared to accept
302 server connections. You also need to get the router connected to some
303 other router to be able to join the SILC network. You may run the
304 server as normal SILC server if you do not want to accept other server
305 connections or cannot run it as router.
307 Q: Why server says permission denied to write to a log file?
308 A: The owner of the log files must be same user that the server is run
309 under, by default it is user `nobody'. Just change the permissions and
312 Q: When I connect to my server it says "server does not support one of
313 your proposed ciphers", what is wrong?
314 A: Most likely the ciphers and others has not been compiled as SIMs
315 (modules) and they are configured as modules in the silcd.conf. If
316 they are not compiled as modules remove the module paths from the
317 ciphers and hash functions from the silcd.conf, so that the server use
318 the builtin ciphers. Then try connecting to the server again. It is
319 also possible that the client IS proposing some ciphers that your
320 server does not support.
324 Q: What is SILC Toolkit?
325 A: SILC Toolkit is a package intended for software developers who
326 would like to develope their own SILC based applications or help in
327 the development of the SILC. The Toolkit includes SILC Protocol Core
328 library, SILC Crypto library, SILC Key Exchange (SKE) library, SILC
329 Math library, SILC Modules (SIM) library, SILC Utility library, SILC
330 Client library and few other libraries.
332 Q: Is the SILC Toolkit Reference Manual Available?
333 A: Yes, partially completed reference manual is available in the
334 Toolkit releases as HTML package and they are available from the
335 silcnet.org website as well at the [59]documentation page.
337 Q: How do I compile the Toolkit on Unix?
338 A: You should read the INSTALL file from the package and follow its
339 instructions. The compilation on Unix is as simple as compiling any
340 other SILC package. Give, `./configure' command and then `make'
343 Q: How do I compile the Toolkit on Win32?
344 A: We have prepared instructions to compile the Toolkit on Win32 in
345 the Toolkit package. Please, read the README.WIN32 file from the
346 package for detailed instructions how to compile the Toolkit for
347 Cygwin, MinGW and native Win32 systems. We have also prepared ready
348 MSVC++ Workspace files in the win32/ directory in the package that
349 will compile automatically the Toolkit.
351 Q: Does the Toolkit package include any sample code?
352 A: Yes, naturally. It includes sample codes for two different SILC
353 Client implementations, and SILC Server. Win32 samples are included in
354 the win32/ directory, for simple client.
projects / silc.git / blob