The so-called Secure Internet Live Conferencing is a nice plan, because we all like encrypted chat, and surely better than nothing, but it comes with a couple of drawbacks. We stopped investigating further after we found these, so there may be more.
Beware, these are conclusions from skimming the whitepaper. We did not talk to the developers so we may have missed some points. This page is open for discussion, just register with the wiki and throw your views in.
Contents |
Closed Network
Being derived from IRC, SILC has inherited the closed network principle of IRC which doesn't let you set up your own server and communicate with the rest of the SILC users (federation) - instead you have to use their server - the standard server network. This might be acceptable if it weren't for the next point:
Snoopable Chatrooms
SILC relies on the closed network topology and does not have effective methods against evil routers or servers. From the whitepaper:
- Note that normal servers in the SILC network never decrypt the channel messages even though they have the key. There is no reason for servers to decrypt the message.
So there is no protection from a malicious server, whose admins snoop on the channel. You have to trust the admins of the SILC network. Honestly, we prefer to run our own servers. You can do that with SILC also, but, like in IRC you either have to join their network or practise hermitage.
- ... The Wikipedia:SILC (protocol) claims "SILC provides security even when the SILC server may be compromised." I'd like to know which information is correct, the whitepaper or wikipedia. --lynX
<mjacob> Both statements are correct. It is ensured that all packets are encrypted. This is also true when servers could decrpyt messages. But there is the option for channel members to agree a symmetric, private key that isn't known by the SILC routers and servers. The same for private messages: To ensure ecryption every packet is crypted with a key agreed upon two servers. However, there is the option to run the key exchange protocol between two users.
<coyo> I'm always a big fan of encryption, and one thing i liked about silc is you could theoretically drop any mime type into it. now that psyc does binary, such as audio, video, and application data, i dont really see the need for silc anymore. people will eventually migrate to using ssl3/tls1 links for everything out of habit. i do /not/ like my passwords flying over the network in cleartext.
Channel Message Delivery With Channel Private Key
So you have to use a different strategy to ensure your conversation in a chatroom. You have to exchange a key between all people involved, using other unspecified exchange medium. And all users need to use a client capable of that. Alright, that's a possibility, but you can do that with any chat technology. You don't need SILC for that, you can do that on IRC or PSYC also. Just get a script like blowcrypt or FISH and go ahead.
Network Links
The only good thing that SILC seems to provide is complete encryption of all network links. Yet the confidentiality of that is much lower than simply establishing a direct connection and use TLS to 'secure' that.