A cikin iyakokin aikin (Tinfoil Chat) an yi ƙoƙarin ƙirƙirar tsarin saƙo mai karewa wanda zai kiyaye sirrin wasiƙu ko da an lalata na'urorin ƙarshe. Don sauƙaƙe binciken, an rubuta lambar aikin a cikin Python da mai lasisi a ƙarƙashin GPLv3.
A halin yanzu tsarin saƙon da ke yaɗuwa waɗanda ke amfani da ɓoyayyen ƙarshen-zuwa-ƙarshen suna ba ku damar kare wasiku daga shiga tsakani a kan sabar tsaka-tsaki da kuma nazarin zirga-zirgar ababen hawa, amma ba su kariya daga matsaloli a gefen na'urar abokin ciniki. Don daidaita tsarin dangane da ɓoye-ɓoye na ƙarshe-zuwa-ƙarshen, ya isa a daidaita tsarin aiki, firmware ko aikace-aikacen manzo akan ƙarshen na'urar, alal misali, ta hanyar cin gajiyar raunin da ba a san su ba, ta hanyar gabatarwar farko na software ko alamomin hardware. a cikin na'urar, ko ta hanyar isar da sabuntawa ta ƙirƙira tare da bayan gida (misali, lokacin ba da matsin lamba ga mai haɓakawa ta sabis na leken asiri ko ƙungiyoyin masu laifi). Ko da maɓallan boye-boye suna kan wata alama ta daban, idan kuna da iko akan tsarin mai amfani, koyaushe yana yiwuwa a gano hanyoyin aiki, kutse bayanai daga madannai, da saka idanu kan fitarwar allo.
TFC tana ba da hadaddun software da kayan masarufi waɗanda ke buƙatar amfani da kwamfutoci daban-daban guda uku da mai raba kayan masarufi na musamman a gefen abokin ciniki. Ana watsa duk zirga-zirga yayin hulɗar mahalarta saƙo ta hanyar cibiyar sadarwar Tor da ba a san sunansu ba, kuma ana yin shirye-shiryen aika saƙon ta hanyar ɓoyayyun sabis na Tor (ana gano masu amfani ta ɓoye adiresoshin sabis da maɓallan lokacin musayar saƙo).
Kwamfuta ta farko tana aiki azaman ƙofa don haɗawa da hanyar sadarwa da gudanar da ɓoyayyen sabis na Tor. Ƙofar ɗin tana sarrafa bayanan da aka riga aka ɓoye kawai, kuma sauran kwamfutoci biyu ana amfani da su don ɓoyewa da ɓoyewa. Kwamfuta ta biyu za a iya amfani da ita ne kawai don rage ɓoyewa da nuna saƙonnin da aka karɓa, kuma na uku kawai don ɓoyewa da aika sabbin saƙonni. Don haka, kwamfuta ta biyu tana da maɓallan ɓoyewa kawai, na uku kuma maɓallan ɓoyewa kawai.
Kwamfutoci na biyu da na uku ba su da haɗin kai kai tsaye zuwa cibiyar sadarwar kuma an raba su da kwamfutar gateway ta hanyar kebul na musamman na USB wanda ke amfani da "” kuma a zahiri yana watsa bayanai ta hanya daya kawai. Mai raba bayanai yana ba da damar aika bayanai kawai zuwa kwamfuta ta biyu kuma kawai karɓar bayanai daga kwamfuta ta uku. Jagoran bayanai a cikin mai raba yana iyakance ta amfani da shi (hutu mai sauƙi a cikin layin Tx da Rx a cikin kebul ɗin bai isa ba, tunda hutu baya ware watsa bayanai a cikin kishiyar hanya kuma baya bada garantin cewa ba za a yi amfani da layin Tx don karantawa ba, kuma layin Rx don watsawa. ). Ana iya haɗa mai rarrabawa daga sassa masu yatsa, () kuma ana samun su ƙarƙashin lasisin GNU FDL 1.3.
Tare da irin wannan makirci, ƙofar yana raguwa sami damar yin amfani da maɓallan ɓoyewa kuma ba zai ba ku damar ci gaba da kai hari kan sauran na'urorin ba. Idan kwamfutar da ke cikin maɓallan ɓoye bayanan sun lalace, ba za a iya isar da bayanan da ke cikinta zuwa duniyar waje ba, tunda ana iyakance kwararar bayanai ta hanyar karɓar bayanai kawai, kuma ana toshe ta hanyar diode data.
Encryption yana dogara ne akan maɓallan 256-bit akan XChaCha20-Poly1305, ana amfani da aikin hash a hankali don kare maɓallan tare da kalmar wucewa. . Don musanya maɓalli ana amfani dashi (Dokar Diffie-Hellman dangane da Curve448) ko maɓallan PSK (). Ana isar da kowane saƙo cikin cikakkiyar sirrin gaba (PFS, ) bisa Blake2b hashes, wanda keɓance ɗaya daga cikin maɓallai na dogon lokaci ba ya ƙyale ɓarnawar zaman da aka kama a baya. Tsarin aikace-aikacen yana da sauƙin gaske kuma ya haɗa da taga da aka raba zuwa wurare uku - aikawa, karɓa da layin umarni tare da log na hulɗa tare da ƙofar. Ana gudanar da gudanarwa ta hanyar musamman .
source: budenet.ru