At 11:03 pm -0400 on 6/19/97, Lucky Green wrote:

Much happened this week. If you feel like a conversation, join me on #cypherpunks on EFnet.

Hey, folks, Is there an encrypted IRC available? If not, shouldn't there be? Is such a thing even possible? Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/

Robert Hettinga writes:

...

Is there an encrypted IRC available? If not, shouldn't there be? Is such a thing even possible?

You'd have to think about what you wanted it to do, but it should be quite doable. IRC is normally for sharing conversations between an amorphous, changing bunch of people, which isn't really a standard thing to do with crypto. But I can see several basic models: 0) Just Speak Finnish :-) 1) Two-person, with Diffie-Hellman key exchange 2) N-person shared-key - you'd probably use RSA to give the session key to each new participant, or use PGP to do it. 3) N person, one key per sender, shared as above. 4) Ignore the application layer, and build the crypto as an IPsec tunnel. 5) Ignore the IRC protocols, and build a similar conversation server using web forms and SSL. Some tools you'd want`for 1-3: a) Convenient cut&paste between the IRC makes integrating things easier, such as key exchange, e.g. drop in a PGP message with today's key. b) The ability to mix encrypted and unencrypted messages, so it's easier to do things like join the channel and negotiate keys. c) A crypto operating mode that doesn't depend on sequence - probably a line basis is about right. ECB mode is boring and unsafe, but you could use a session key (distributed with RSA/DH/etc.) to encrypt a per-line nonce key, and encrypt the line with the nonce, transmitting "encryptednonce, encryptedline" for each line of data. Perhaps this is less secure (?), but can you do something like linekey = Hash( Hash(sessionkey, nonce), sessionkey ) transmitting "nonce, encryptedline"? This would let you use a hash instead of a symmetric crypto for the key on each line, and might make it more convenient to choose a stream cypher such as RC4/160 instead of a slower block cypher such as IDEA or DES for the line encryption. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)

At 03:31 PM 6/21/97 -0400, Nelson Minar wrote:

I don't know any more what mailing lists I should use. Coderpunks? Cryptography? Cypherpunks? DCSB?

I'd posted my mail to cypherpunks and cryptography, so I'm forwarding yours there.

It already exists. IRC includes the "DCC" protocol - direct client to client communication. It's mostly for exchange of files (read: pornography), but you can also use it for chat or, even better, encrypted chat. It's like a /msg except that the servers are never involved, it's directly between two clients.

The DCC stuff isn't very standardized, so I don't know how interoperable it all is. I believe that IRCII, the Unix client, has something in it along the lines of DES with secret keys.

# Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)

In article , John A. Perry wrote:

I believe it uses the crypt(3) function for encryption.

It can't use crypt(3), as that's more of a hash function than a cipher, and one would hope it doesn't use crypt(1) (though I wouldn't be very surprised). - Ian