[guardian-dev] serverless P2P OTR (re: serverless XMPP)

Timur timur.mehrvarz at riseup.net
Tue May 8 06:15:28 EDT 2012


Hi, I just uploaded a new P2P OTR chat application to the Market (aka
Play). It's called "P2pChat" [1].

End-to-end encryption is all nice, but I was always a little unhappy
about the fact that communication patterns (who; when; how long) are
being revealed to the instant messaging operator. To use P2pChat, you
don't need an account. This also very much simplifies setup. In fact,
there is not a single configurable setting currently. You do need your
OTR secret, however.

The app makes use of a relay server. The relay server helps clients to
find each other. It also allows the clients to learn about their public
ip and port numbers. Clients will detach from the relay server as soon
as a direct P2P connection has been established.

In addition to OTR, the app also provides a PGP type encryption mode
(called "Stored key connect"). When you do an OTR connect for the first
time, the two public keys (automatically generated, but not required in
OTR mode) are automatically exchanged. This allows you to also use fixed
key encrypted communication whenever you want to. (One advantage of
fixed key encryption is, that you can go online and become connectable
to multiple parties. However, this is not yet implemented.)

The app is written ins Scala and consists of three separate
repositories: P2pCore [2], P2pChatOTR [3] and P2pChatAndroid [4].

Anybody willing to take a look, maybe share a comment?
Thank you and kind regards,
Timur

[1] https://play.google.com/store/apps/details?id=timur.p2pChat
[2] https://github.com/mehrvarz/P2pCore
[3] https://github.com/mehrvarz/P2pChatOTR
[4] https://github.com/mehrvarz/P2pChatAndroid


More information about the Guardian-dev mailing list