freedomofpress/securedrop-protocol
Research and proof of concept to develop the next SecureDrop with end to end encryption.
PythonAGPL-3.0
Issues
- 0
draft problem statement on traffic analysis
#61 opened by cfm - 0
draft problem statement on PKI and/or key transparency for journalists' public keys
#60 opened by cfm - 0
- 0
- 4
Missing Message Agreement
#55 opened by lumaier - 1
Anonymity "Attacks" by Malicious Server
#57 opened by felixlinker - 2
Attack on indistinguishability: server excludes some journalists when keys are fetched
#56 opened by lumaier - 5
- 0
- 0
- 0
- 2
- 1
Why not using MLS ?
#34 opened by beurdouche - 5
- 2
- 3
- 2
Bucketing proposal to drop the message limit
#49 opened by lsd-cat - 1
Rust and Go
#42 opened by yonas - 3
- 1
Add brief inventory of PoC implementation
#46 opened by eloquence - 0
- 0
Better terminology to describe server posture
#44 opened by rocodes - 4
message_id enumeration requirements
#43 opened by ayende - 6
draft Tamarin security model
#26 opened by cfm - 5
- 1
Address and analyze the preliminary audit
#36 opened by lsd-cat - 3
- 25
- 1
Journalist fetching keys are signed and verified using the newsroom key instead of their own signing key
#25 opened by lsd-cat - 2
Server might swap, replace, replay ciphertexts
#31 opened by lsd-cat - 4
Formal Analysis of Protocol
#33 opened by felixlinker - 0
Add symmetry also for /file endpoint
#3 opened by smaury - 3
Add sanity checks for malicious challenges
#1 opened by TheZ3ro - 2
- 0
Define PKI structure and policies
#32 opened by lsd-cat - 9
Sources are able to access and delete attachments/uploads because they know the `file_id`
#10 opened by eaon - 0
- 0
- 0
- 2
- 3
Onboard Jen & Mickael
#12 opened by sssoleileraaa - 2
Onboard Nathan
#11 opened by eloquence - 1
Add Server Request keypair to the readme
#5 opened by TheZ3ro