09-08-06, 02:07 AM | #1 |
Registered User
Join Date: Mar 2004
Posts: 10
|
CS Space
Re: CSPACE - p2p DHT secure Buddylist like WASTE open source
http://cspace.in/ What is CSpace? CSpace provides a platform for secure, decentralized, user-to-user communication over the internet. The driving idea behind the CSpace platform is to provide a connect(user,service) primitive, similar to the sockets API connect(ip,port). Applications built on top of CSpace can simply invoke connect(user,service) to establish a connection. The CSpace platform will take care of locating the user and creating a secure, nat/firewall friendly connection. Thus the application developers are relieved of the burden of connection establishment, and can focus on the application-level logic! CSpace is developed in Python. It uses OpenSSL for crypto, and Qt for the GUI. CSpace is licensed under the GPL. What applications are available now? The following applications are currently available with CSpace: Text Chat File Transfer Remote Desktop (based on VNC) How does it work? Here are some of the salient points regarding the CSpace architecture: User Identity All users create 2048-bit RSA keys for themselves. A user is uniquely identified by his RSA public key. Every user has a contact list, which is just a list of public keys known to that user. A user assigns names to the public keys in his contact list. This is done because it is easier to display & manage names rather than raw public keys. CSpace ensures that there are no duplicate names present in the contact list. This is done to allow a contact name to uniquely identify a public key in the contact list. To help with the exchange of public keys between users, a key server is used (somewhat like PGP key servers). Decentralized Network A Distributed Hash Table (DHT) based on the Kademlia protocol is used. When a user goes online, a mapping from his public key to his ip-address is created in the DHT. CSpace also registers with third party routers, so that the user can receive connections even if he is behind a nat/firewall. Connection Process When an application wants to utilize the CSpace platform, it establishes a local connection to the CSpace instance, and issues a connect request, say, something along the lines of connect(alice,TextChat). CSpace obtains the destination user's public key by looking up the name in the contact list. The DHT is used to obtain the destination user's network location (ip address). A TCP connection is established to the destination user's network address. In case the destination user is behind a nat/firewall, then a proxied connection is established using a third party router. A secure channel is established using the TLS protocol. The service name which was requested (say TextChat) is sent over the secure channel, and the destination CSpace instance responds with a success code. The application which issued the connect request is notified about the successful connection. CSpace proxies the data between the local application and the secure channel. Thus the application only sees a plain TCP connection to localhost. Screenshots |
09-08-06, 04:33 PM | #3 |
teh $
Join Date: Jun 2004
Posts: 21
|
I have been puttin some thought into starting up a gigantic Cspace community for these boards if you interested plz poste your interest here to let me know how big the community would be and if you know anything about the client (flaws/advantages/leaks/etc...) poste that too here too. Thank you. Look forward to gettin things fired up.
|
09-08-06, 05:52 PM | #4 | |
my name is Ranking Fullstop
Join Date: Dec 2001
Location: Promontorium Tremendum
Posts: 4,391
|
Quote:
|
|
09-08-06, 08:08 PM | #5 |
Join Date: Mar 2001
Posts: 7
|
My only question is:
"Remote Desktop (based on VNC) " Why?
__________________
Malk-a-mite =================== Insert clever .sig file here =================== |
09-08-06, 08:49 PM | #6 |
teh $
Join Date: Jun 2004
Posts: 21
|
from what I can tell from using it so far is that the only way for a user to browse files is for the user to connect through remote desktop or for you to send the file manually. this app is really neat though...also, there are permissions you can setup on a user based system to where who can and who cant connect to you through VNC etc...I have not figured out a way to share HD's yet but I think there is someway to allow it through permissions...just need some more time. but the app is kewl as crap so far..
|
10-08-06, 12:23 AM | #7 | |
Join Date: Mar 2001
Posts: 7
|
Quote:
*spends too much time watching the VNC bugtraq and full-disclosure postings*
__________________
Malk-a-mite =================== Insert clever .sig file here =================== |
|
10-08-06, 04:39 AM | #8 |
teh $
Join Date: Jun 2004
Posts: 21
|
still a very neat app though..I would love to see some sort of browsing of shared files/directories/roots/yadayada implemented in an easier fashion....
|
10-08-06, 11:29 AM | #9 |
my name is Ranking Fullstop
Join Date: Dec 2001
Location: Promontorium Tremendum
Posts: 4,391
|
browsing is a critical feature, imo - i often don't know i need something until i see it in somebody else's library
|
11-08-06, 08:12 AM | #10 |
teh $
Join Date: Jun 2004
Posts: 21
|
I find something everyday in messing with this program that needs work. I like the idea of coded permission it has but still that doesnt give you the ability to share a workspace etc... also, this app overwrites files instead of resuming them. there are some things that def need work with it.. if you have any experience poste your thoughts/findings/etc.. here....still a neat app though that could prove to be the next generation of p2p with enough work....the secure chat is awesome etc...
|
11-08-06, 01:58 PM | #11 |
Registered User
Join Date: Apr 2004
Posts: 42
|
at least for now , the only reason why it have much potential is the dht.
as far as security concerns it still quite far behind WASTE and specially to SILC. and hopefully cspace have a socks4a option and offline messaging or bulletin board much like filetopia bulletin board implementation. Incidentally theres Scatterchat by Hacktivismo and was launched during hackers conference last July (i think). Last edited by Dream Catcher : 11-08-06 at 02:23 PM. |
Thread Tools | Search this Thread |
Display Modes | |
|
|