Himitsu project the beginning: initial architecture and multiparty support
KeywordsPET ; Privacy ; Himitsu project ; Instant messaging ; Group key agreements ; End-to-end encryption ; Service advertizement ; Group instant messaging ; New system
Nowdays the landscape of Internet has drastically changed, as a result various problems happened towards user’s privacy and freedom of speech. Many offered solutions as seen in  lack of the necessary user experience in order for a widespread solution, easy for the average Joe to adopt. As a result I propose the Himitsu project, a long-term project aiming to offer privacy through the end-to-end encryption and the use of user-published services with awesome user experience, via extending the technologies of Instant Messaging. Initially there will be a bibliographic research regarding the technologies used for Group Key Agreement, the algorithms with focus on ones that used in Instant messaging protocols. There will be analyzed the hard problems and methodologies used for proving their security and on how they works as well. Furthermore we also study the logical overlay communication structure used for message exchanging and based on that we classify the key agreement protocol. Afterwards a further bibliographic research is performed on existing Instant Messaging protocols focusing on how the privacy is protected, specifically is studied what privacy requirements needs to be met on a multiparty instant messaging system. Also is focused on what cryptographic primitives are used to fulfill the privacy requirements and how effectively are being used. Next, attempts are described on implementing a group key agreement. There were 2 attempts one Implementing the mDP algorithm using electron and XMPP and one implementing Burmester Desmedt using C and MPI. At the end the Himitsu’s initial architecture, requirements and technologies used are being described. Having studied all the protocols mentioned above, I achieved to make the initial architecture for the Himitsu Project and define its initial technical and security requirements, based upon existing technologies and architectures used for instant messaging, even though I failed to implement a group key agreement. Also I managed to define a development roadmap and I figured out what necessary steps are required in order to develop the required components (either protocol-based ones or the software-based ones) of it.