|
About SILCSILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet over insecure channel. SILC is IRC like software although internally they are very different. Biggest similarity between SILC and IRC is that they both provide conferencing services and that SILC has almost same commands as IRC. Other than that they are nothing alike. Biggest differences are that SILC is secure what IRC is not in any way. The network model is also entirely different compared to IRC. SILC provides security services that any other conferencing protocol does not offer today. The most popular conferencing service, IRC, is entirely insecure. If you need secure place to talk to some people or to group of people over the Internet, IRC or any other conferencing service, for that matter, cannot be used. Anyone can see the messages and their contents in the IRC network. And the most worse case, some people is able to change the contents of the messages. Also, all the authentication data, such as, passwords are sent plaintext. SILC is a lot more than just about `encrypting the traffic'. That is easy enough to do with IRC, SSL and some ad hoc scripts, and even then the entire network cannot be secured, only part of it. SILC provides security services, such as, sending private messages entirely secure; no one can see the message except you and the real receiver of the message. SILC also provides same functionality for channels; no one except those clients joined to the channel may see the messages destined to the channel. Communication between client and server is also secured with session keys, and all commands, authentication data (such as passwords etc.) and other traffic is entirely secured. The entire network, and all parts of it, is secured. This is something that cannot be done currently with any other conferencing protocol, even when using the ad hoc scripts. :) SILC has secure key exchange protocol that is used to create the session keys for each connection. SILC also provides strong authentication based on either passwords or public key authentication. All authentication data is always encrypted in the SILC network. All connections has their own session keys, all channels has channel specific keys, and all private messages can be secured with private message specific keys. SILC is an open source (or freeware) project and it has been released under the GNU General Public Licence. The SILC is free to use and everyone is free to distribute and change the SILC under the terms of the GNU GPL. While there is no guarantee for the product SILC has been tried make as secure as possible. The fact that the software and the protocol is open for public analysis is a good thing for end user. Protocol specification of SILC protocol is available for anyone to look at. There exists three Internet Drafts that has been submitted to IETF. See documentation page for more information.
ContactFeedback and comments are welcome. You can reach me in the following Address.
Pekka Riikonen
|