Party on IRC

Bill Stewart stewarts at ix.netcom.com
Sat Jun 21 02:50:03 PDT 1997 


>Robert Hettinga <rah at shipwright.com> writes:
>>Is there an encrypted IRC available?
>>If not, shouldn't there be?
>>Is such a thing even possible?

You'd have to think about what you wanted it to do,
but it should be quite doable.  IRC is normally for sharing
conversations between an amorphous, changing bunch of people,
which isn't really a standard thing to do with crypto.  
But I can see several basic models:
0) Just Speak Finnish :-)
1) Two-person, with Diffie-Hellman key exchange
2) N-person shared-key - you'd probably use RSA to give the session key
to each new participant, or use PGP to do it.
3) N person, one key per sender, shared as above.
4) Ignore the application layer, and build the crypto as an IPsec tunnel.
5) Ignore the IRC protocols, and build a similar conversation server
using web forms and SSL.

Some tools you'd want`for 1-3:
a) Convenient cut&paste between the IRC makes integrating things easier,
such as key exchange, e.g. drop in a PGP message with today's key.

b) The ability to mix encrypted and unencrypted messages, 
so it's easier to do things like join the channel and negotiate keys.

c) A crypto operating mode that doesn't depend on sequence -
probably a line basis is about right.  ECB mode is boring and unsafe,
but you could use a session key (distributed with RSA/DH/etc.) 
to encrypt a per-line nonce key, and encrypt the line with the nonce,
transmitting "encryptednonce, encryptedline" for each line of data.

Perhaps this is less secure (?), but can you do something like
linekey = Hash( Hash(sessionkey, nonce), sessionkey ) 
transmitting "nonce, encryptedline"?  This would let you use a hash
instead of a symmetric crypto for the key on each line,
and might make it more convenient to choose a stream cypher such as RC4/160 
instead of a slower block cypher such as IDEA or DES for the line encryption.



#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)

More information about the cypherpunks-legacy mailing list