Secure Internet Live conferencing http://silcnet.org/
Features - Normal conferencing services such as private messages, channels, channel messages, etc. All traffic is secured and authenticated. - No unique nicknames. There can be same nicknames in SILC without collisions. SILC has unique Client ID's, Server ID's and Channel ID's to assure that there are no collisions. The maximum length of the nickname is 128 characters. The maximum length of the channel name is 256 characters. - Channels can have channel operators and a channel founder which is the client who created the channel. Channel founder privileges supersedes the channel operator privileges. Also, channel founder privileges may be regained even if the founder leaves the channel. The requirement for this is that the client is connected to the same server it was originally connected. The channel founder cannot be removed (kicked) from the channel using force. - Channel messages are protected by channel key, generated by the server. The key is re-generated once in an hour. It is possible to set a private key for the channel so that even the servers does not know the key. Actually, it is possible to set several private keys so that only specific users on the channel may decrypt some specific messages. Adding the private key significantly increases the security as nobody else but the users on the channel know the key. - Private messages are protected using session keys, generated when connecting to the server. This means that the private messages are decrypted and re-encrypted enroute to the true receiver of the message. However, it is possible to set a private key between two clients and protect the private messages with that key. In this case no server enroute can decrypt the message since they don't have the key. The SILC protocol provides an automatic key negotiation between two clients using the SKE protocol. This makes it very easy to negotiate a shared secret key with another client in the network. - All the other traffic, like commands between client and the server are protected using the session keys. Session keys are re-generated once in an hour. The re-key may be done with or without the PFS (Perfect Forward Secrecy). - Secure key exchange and authentication protocol. SILC Key Exchange (SKE) protocol provides key material used in the SILC sessions in secure manner. The protocol is immune for example to man-in-the-middle attacks and is based on the Diffie-Hellman key exchange algorithm. The SILC Authentication protocol provides strong authentication. Authentication may be based on passphrase or public key (RSA) authentication. For clients there is an option not to use authentication when connecting to servers. - Supports secure file transferring between clients in the network. SILC use the SFTP as the main file transfer protocol. - All traffic is encrypted and authenticated using the best cryptographic algorithms out there. Cipher keys are, by default, 256 bits in length and public keys, by default, 1024 bits in length. - Supports the following ciphers: AES(Rijndael), Twofish, Blowfish, Mars, Cast-256, RC5 and RC6. Supports the following hash functions: MD5 and SHA1. Supports the following HMACs: hmac-sha1-96, hmac-md5-96, hmac-sha1 and hmac-md5. Supports the PKCS #1 (RSA) for public key cryptography. - Supports data compression with GZIP to improve performance. - Supports SOCKS4 and SOCKS5 firewall traversal protocols. - SIM (SILC Module) support. Support for loading of shared objects at run-time that provides new and extended features to both SILC client and server. These can provide extra ciphers and extra features to the software. - SILC client can be installed and used without root privileges. - SILC client can be configured by system wide configuration files but with user specific configuration files as well. On Wed, 2001-12-26 at 16:46, Rhett Hensley wrote: > Greets, > I have recently became in need for encrypted chat in my place of work. I > have seen a few options such as using pgp plugins to encrypt messages when > using icq or jabber but I was wondering what some of you would advise. I am > running a mixed linux/2k network & thanks for the help in advance. > > -Rhett >
