[gentoo-user] Network message encryption

[gentoo-user] Network message encryption

[Xianwen Chen]

Hello all,

I'm looking for a network message encryption method. Please kindly
tell me if you know any Instant Messenger which supports encryption.
Thank you very much!

Best regards,

Wen

-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[Dale]

Xianwen Chen wrote:
> Hello all,
>
> I'm looking for a network message encryption method. Please kindly
> tell me if you know any Instant Messenger which supports encryption.
> Thank you very much!
>
> Best regards,
>
> Wen
>
>   

According to the USE flags, it appears that Kopete supports encryption. 
I have no clue how good it is or if this is exactly what you are looking
for but you may want to look into it.

[ebuild   R   ] kde-base/kopete-3.5.10-r4  USE="crypt groupwise
highlight history sametime ssl statistics texteffect yahoo -addbookmarks
-alias -autoreplace -connectionstatus -contactnotes -debug
-emoticons-manager -gadu -irc -jabber (-jingle) -kdehiddenvisibility
-latex -msn -netmeeting -nowlistening -oscar -slp -sms -translator -v4l2
-webpresence -winpopup -xscreensaver"

root@smoker / # euse -i crypt
global use flags (searching: crypt)
************************************************************
[+ CD ] crypt - Add support for encryption -- using mcrypt or gpg where
applicable

Hope that gets you in the some sort of a direction.

Dale

:-)  :-) 

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

Hi Dale,

On 8/17/09, Dale <rdalek1967@gmail.com> wrote:

>>
>>
>
> According to the USE flags, it appears that Kopete supports encryption.
> I have no clue how good it is or if this is exactly what you are looking
> for but you may want to look into it.
>

Yes, Kopete supports encryption. Thanks for the information. However,
I need to use QQ protocal, which isn't right now supported by Kopete.

Best regards,

Wen

> [ebuild   R   ] kde-base/kopete-3.5.10-r4  USE="crypt groupwise
> highlight history sametime ssl statistics texteffect yahoo -addbookmarks
> -alias -autoreplace -connectionstatus -contactnotes -debug
> -emoticons-manager -gadu -irc -jabber (-jingle) -kdehiddenvisibility
> -latex -msn -netmeeting -nowlistening -oscar -slp -sms -translator -v4l2
> -webpresence -winpopup -xscreensaver"
>
> root@smoker / # euse -i crypt
> global use flags (searching: crypt)
> ************************************************************
> [+ CD ] crypt - Add support for encryption -- using mcrypt or gpg where
> applicable
>
> Hope that gets you in the some sort of a direction.
>
> Dale
>
> :-)  :-)
>
>


-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[J. Roeleveld]

On Monday 17 August 2009 16:53:43 Xianwen Chen wrote:
> Hi Dale,
>
> On 8/17/09, Dale <rdalek1967@gmail.com> wrote:
> > According to the USE flags, it appears that Kopete supports encryption.
> > I have no clue how good it is or if this is exactly what you are looking
> > for but you may want to look into it.
>
> Yes, Kopete supports encryption. Thanks for the information. However,
> I need to use QQ protocal, which isn't right now supported by Kopete.

Actually, Kopete does support QQ:

[ebuild   R   ] kde-base/kopete-4.2.4-r1  USE="addbookmarks alias autoreplace 
contactnotes handbook highlight history jabber msn nowlistening oscar otr 
pipes privacy qq ssl statistics texteffect translator urlpicpreview yahoo (-
aqua) -bonjour -debug -gadu -groupwise -jingle (-kdeprefix) -latex -meanwhile -
testbed -webpresence -winpopup" 0 kB

But you may need to unmask this version.

--
Joost

Re: [gentoo-user] Network message encryption

[Saphirus Sage]

Xianwen Chen wrote:
> Hello all,
>
> I'm looking for a network message encryption method. Please kindly
> tell me if you know any Instant Messenger which supports encryption.
> Thank you very much!
>
> Best regards,
>
> Wen
>
>   
Well, for instant messengers, most do support some form of encryption,
such that Empathy, Pidgin or any other client which can handle MSN must
use encryption, as everything is sent over SSL. But, in general, I would
suggest Pidgin, as via a plugin, it can be used in combination with OTR
(Off-The-Record) which uses public-key encryption between clients, and
ontop of that, there's even a plugin for pidgin which uses RSA instead,
which I've found to be buggy, but is certainly a bit stronger in the
cryptographic sense.

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

Hi Saphirus,

On 8/17/09, Saphirus Sage <saphirus497@gmail.com> wrote:

> Well, for instant messengers, most do support some form of encryption,
> such that Empathy, Pidgin or any other client which can handle MSN must
> use encryption, as everything is sent over SSL. But, in general, I would
> suggest Pidgin, as via a plugin, it can be used in combination with OTR
> (Off-The-Record) which uses public-key encryption between clients, and
> ontop of that, there's even a plugin for pidgin which uses RSA instead,
> which I've found to be buggy, but is certainly a bit stronger in the
> cryptographic sense.
>
>

Thanks very much for the information. I'm emerged pidgin-otr, and it
works well! I didn't go for the RSA plugin, since it was buggy, and
OTR is enough for me.

Best regards,

Wen

-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[Mike Kazantsev]

[-- Attachment #1: Type: text/plain, Size: 1415 bytes --]

On Mon, 17 Aug 2009 04:19:35 +0200
Xianwen Chen <xianwen.chen@gmail.com> wrote:

> I'm looking for a network message encryption method. Please kindly
> tell me if you know any Instant Messenger which supports encryption.
> Thank you very much!

I'm using gajim with TLS-enabled (transport-level encryption) connection
to the servers and built-in GPG plugin to encrypt messages, containing
some auth info, which I occasionally have to pass.
I believe pidgin also had support for such feature via one of the
standard plugins.

TLS is widely-deployed on XMPP (jabber) servers, but encryption ends at
the server in question, so it can intercept / mangle the messages, so it
might be good idea to prefer large and reliable servers to
possibly-compromised or malicious small ones.
Furthermore, in case of XMPP, your (source) server is free to pass the
message in unencrypted form to destination server, so message can be
caught by any IP-sniffers on the route.
Then there's also remote client connection, which can be unencrypted
(no TLS/SSL) and likewise intercepted on TCP/IP level.

GPG encryption requires clients on both sides to support it, but has
benefit that all cryptographic operations are happening on client
machines, so server (or any intermediate host) is unable to spoof
conversation, provided the encryption (GPG) keys aren't compromised.

-- 
Mike Kazantsev // fraggod.net

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

Hi Mike,

On 8/17/09, Mike Kazantsev <mk.fraggod@gmail.com> wrote:
>
> I'm using gajim with TLS-enabled (transport-level encryption) connection
> to the servers and built-in GPG plugin to encrypt messages, containing
> some auth info, which I occasionally have to pass.
> I believe pidgin also had support for such feature via one of the
> standard plugins.

Thanks for the information. I've checked the wikipedia page of gajim.
It's very interesting, however, I'm not a jabber user. But I'll check
it again if any friend of mine is using jabber, since the GPG plugin
is very attractive to me.

Best regards,

Wen

>
> TLS is widely-deployed on XMPP (jabber) servers, but encryption ends at
> the server in question, so it can intercept / mangle the messages, so it
> might be good idea to prefer large and reliable servers to
> possibly-compromised or malicious small ones.
> Furthermore, in case of XMPP, your (source) server is free to pass the
> message in unencrypted form to destination server, so message can be
> caught by any IP-sniffers on the route.
> Then there's also remote client connection, which can be unencrypted
> (no TLS/SSL) and likewise intercepted on TCP/IP level.
>
> GPG encryption requires clients on both sides to support it, but has
> benefit that all cryptographic operations are happening on client
> machines, so server (or any intermediate host) is unable to spoof
> conversation, provided the encryption (GPG) keys aren't compromised.
>
> --
> Mike Kazantsev // fraggod.net
>


-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[KH]

Xianwen Chen schrieb:
> Hello all,
> 
> I'm looking for a network message encryption method. Please kindly
> tell me if you know any Instant Messenger which supports encryption.
> Thank you very much!
> 
> Best regards,
> 
> Wen
> 

Hi,

IIRC psi can be used togetzter with gnupg. This should do ;-)

kh

Re: [gentoo-user] Network message encryption

[Hinnerk van Bruinehsen]

I use an OTR-plugin for Pidgin. It works fine with ICQ and Facebookchat
and most likely with most other protocols too.

x11-plugins/pidgin-otr

There is even a compatible Plugin for Miranda (encrypted messages to Windows).
 


On Mon, 2009-08-17 at 13:13 +0200, KH wrote:
> Xianwen Chen schrieb:
> > Hello all,
> > 
> > I'm looking for a network message encryption method. Please kindly
> > tell me if you know any Instant Messenger which supports encryption.
> > Thank you very much!
> > 
> > Best regards,
> > 
> > Wen
> > 
> 
> Hi,
> 
> IIRC psi can be used togetzter with gnupg. This should do ;-)
> 
> kh
> 

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

Hi Hinnerk,

Thanks! I'm using it now!

Best regards,

Wen

On 8/17/09, Hinnerk van Bruinehsen <hvbruinehsen@googlemail.com> wrote:
> I use an OTR-plugin for Pidgin. It works fine with ICQ and Facebookchat
> and most likely with most other protocols too.
>
> x11-plugins/pidgin-otr
>
> There is even a compatible Plugin for Miranda (encrypted messages to
> Windows).
>
>
>
> On Mon, 2009-08-17 at 13:13 +0200, KH wrote:
>> Xianwen Chen schrieb:
>> > Hello all,
>> >
>> > I'm looking for a network message encryption method. Please kindly
>> > tell me if you know any Instant Messenger which supports encryption.
>> > Thank you very much!
>> >
>> > Best regards,
>> >
>> > Wen
>> >
>>
>> Hi,
>>
>> IIRC psi can be used togetzter with gnupg. This should do ;-)
>>
>> kh
>>
>
>
>


-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

On 8/17/09, KH <gentoo-user@konstantinhansen.de> wrote:

> Hi,
>
> IIRC psi can be used togetzter with gnupg. This should do ;-)
>
> kh
>
>

Hi KH,

What's IIRC psi? Could you please provide a link?

Best regards,

Wen


-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[KH]

Xianwen Chen schrieb:
> On 8/17/09, KH <gentoo-user@konstantinhansen.de> wrote:
> 
>> Hi,
>>
>> IIRC psi can be used togetzter with gnupg. This should do ;-)
>>
>> kh
>>
>>
> 
> Hi KH,
> 
> What's IIRC psi? Could you please provide a link?
> 
> Best regards,
> 
> Wen
> 
> 

Hi Wen,

IIRC = Acronym for If I Recall(or Remember) Correctly. See [1]

PSI = net-im/psi See [2] and [3]

This is from the PSI website [3]:
Using the same SSL technology that makes it possible for you to safely
shop on the web, Psi automatically encrypts its communication with
compatible IM servers to provide a secure connection over untrusted
networks like public WiFi access points. For advanced security needs,
Psi can also encrypt messages end-to-end with OpenPGP.

Regards
kh


[1] http://www.urbandictionary.com/define.php?term=iirc&r=f

[2] http://packages.larrythecow.org/?v=pkg&c=net-im&s=psi

[3] http://psi-im.org/

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

Hi KH,

Thanks for the links. I've now understood what the psi is. Thank you very much!

Best regards,

Wen

On 8/17/09, KH <gentoo-user@konstantinhansen.de> wrote:
> Xianwen Chen schrieb:
>> On 8/17/09, KH <gentoo-user@konstantinhansen.de> wrote:
>>
>>> Hi,
>>>
>>> IIRC psi can be used togetzter with gnupg. This should do ;-)
>>>
>>> kh
>>>
>>>
>>
>> Hi KH,
>>
>> What's IIRC psi? Could you please provide a link?
>>
>> Best regards,
>>
>> Wen
>>
>>
>
> Hi Wen,
>
> IIRC = Acronym for If I Recall(or Remember) Correctly. See [1]
>
> PSI = net-im/psi See [2] and [3]
>
> This is from the PSI website [3]:
> Using the same SSL technology that makes it possible for you to safely
> shop on the web, Psi automatically encrypts its communication with
> compatible IM servers to provide a secure connection over untrusted
> networks like public WiFi access points. For advanced security needs,
> Psi can also encrypt messages end-to-end with OpenPGP.
>
> Regards
> kh
>
>
> [1] http://www.urbandictionary.com/define.php?term=iirc&r=f
>
> [2] http://packages.larrythecow.org/?v=pkg&c=net-im&s=psi
>
> [3] http://psi-im.org/
>
>


-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com

Re: [gentoo-user] Network message encryption

[Thomas Kahle]

[-- Attachment #1: Type: text/plain, Size: 1069 bytes --]

Xianwen Chen wrote:
> Hello all,
> 
> I'm looking for a network message encryption method. Please kindly
> tell me if you know any Instant Messenger which supports encryption.
> Thank you very much!

Kopete with the otr use flag supports Off The Record Encryption. This is
 THE method when communicating over a totally open channel like the
internet. The message is encrypted on your computer and decrypted on the
receivers computer. A drawback is that you have to "handshake" with each
of the receivers first. New keys are generated on the fly (off the
record) such that if your secret key is compromised no old messages can
be decrypted still. Wikipedia has a small article about it and it works
quite easily once set up in kopete.

Best
Thomas

> 
> Best regards,
> 
> Wen
> 


-- 
Thomas Kahle

The fundamental theorem of algebra is open source. Like any other
mathematical theorem it can be applied free of charge and everybody
has access to its proof and can convince himself how it works. Why
should software be any different?


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 261 bytes --]

Re: [gentoo-user] Network message encryption

[Xianwen Chen]

Hi Thomas,

Thanks for your information. I would love to have a try on Kopete once
it supports QQ protocal.

Best regards,

Wen

On 8/17/09, Thomas Kahle <tom111@gmx.de> wrote:
>
> Kopete with the otr use flag supports Off The Record Encryption. This is
>  THE method when communicating over a totally open channel like the
> internet. The message is encrypted on your computer and decrypted on the
> receivers computer. A drawback is that you have to "handshake" with each
> of the receivers first. New keys are generated on the fly (off the
> record) such that if your secret key is compromised no old messages can
> be decrypted still. Wikipedia has a small article about it and it works
> quite easily once set up in kopete.
>
> Best
> Thomas
>
>>
>> Best regards,
>>
>> Wen
>>
>
>
> --
> Thomas Kahle
>
> The fundamental theorem of algebra is open source. Like any other
> mathematical theorem it can be applied free of charge and everybody
> has access to its proof and can convince himself how it works. Why
> should software be any different?
>
>


-- 
Xianwen Chen

Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com