
**STATUS: Not actively maintained; bibliography now updated in Zotero group for**
# Awesome Secure Messaging
*A curated collection of links for secure messaging. Part of the ["Awesome X" series](*
The list is periodically updated with new links. Click "Watch" in the top right corner to follow.
Your [contributions]( are welcome.
## Table of Contents
- [Fundamentals](#fundamentals)
- [Messaging](#messaging)
- [Trust establishment](#trust-establishment)
- [Session management](#session-management)
- [Anonymity](#anonymity)
- [Censorship Resistance](#censorship-resistance)
- [Coercion Resistance](#coercion-resistance)
- [Attacks](#attacks)
- [Applications](#applications)
## Fundamentals
- [SoK: Secure Messaging]( - evaluation of current secure messaging solutions based on security, usability and adoption
- [Viewing Privacy as a Security Property]( - presentation by George Danezis that tells the story of privacy as security, informational self-determination
## Messaging
- [Double Ratchet]( - two-party protocol for exchanging encrypted messages, starting from a shared key
- [Bramble Transport Protocol]( - transport layer security protocol for delay-tolerant networks, provides secure channel between two endpoints
- [Bramble Synchronisation Protocol]( - data synchronisation protocol for delay-tolerant networks
- [TreeKEM - Asynchronous Decentralized Key Management for Large Dynamic Groups]( - efficient way of establishing a shared key for large groups with asynchronous group modification operations; proposal for the Messaging Layer Security protocol (MLS); similar to Asynchronous Ratcheting Trees (ART) and an evolution thereof
- [On Ends-to-Ends Encryption]( - Asynchronous Group Messaging with Strong Security Guarantees using Asynchronous Ratcheting Trees
- [Messaging Layer Security Architecture]( - IETF draft of security layer for group messaging applications with a large number of participants
## Trust establishment
- [X3DH]( - two-party asynchronous key agreement protocol
- [Bramble QR Code Protocol]( - in-person key agreement protocol to establish a shared secret
## Session management
- [Sesame]( - session management for the asynchronous, multi-device setting
## Anonymity
- [The Differences Between Onion Routing and Mix Networks]( - brief comparison
- [Anonymity Trilemma: Strong Anonymity, Low Bandwidth Overhead, Low Latency—Choose Two]( - on fundamental tradeoff for anonymous communication protocols
- [Selected Papers in Anonymity]( - meta-list of selected papers in anonymity since 1977
- [Sphinx: A Compact and Provably Secure Mix Format]( - paper on secure and compact message format for mix networks
- [Sphinx Mix Network Cryptographic Packet Format Specification]( - specification for Sphinx mix network packet format
- [Introducing Anonymous Communications slides]( - notes by George Danezis on properties, threat models, systems & attacks
- [Anonymous Communications slides at CCC]( - another overview of anonymous communication systems by George Danezis
- [What is a Remailer?]( - anonymous remailers tutorial building up from basics
- [Cwtch: Privacy Preserving Infrastructure for Asynchronous, Decentralized, Multi-Party and Metadata Resistant Applications]( - extension of the Ricochet protocol that provides asynchronous, offline and multi-party metadata-resistant messaging
## Censorship Resistance
- [Pluggable Transport]( - specification initiative that lets applications be used as transports to make network traffic harder to distinguish and block; originated in Tor
- [So you want to write a Tor pluggable transport (video)]( - lightning talk about how to write a pluggable transport for Tor
- [Selected Research Papers in Internet Censorship]( - meta-list of papers on censorship and resistance thereof
## Coercion Resistance
- [Coercion-Resistance and Receipt-Freeness in Electronic Voting]( - academic paper that outlines ways to provide coercion-resistance for electronic voting
- [Coercion-Resistant Electronic Elections]( - paper on coercion resistance and trusted setup requirement
- [On-Chain Vote Buying and the Rise of Dark DAOs]( - on problems of user generated keys and electronic voting
## Attacks
- [The Sybil Attack]( - attack on p2p systems via cheap identity generation; defending against it requires some form of logically centralized authority
- [Tagging Attacks]( - adversary recognizes traffic by modifying it in an acceptable fashion
## Applications
- [Briar]( - messaging app employing several censorship-resistance techniques, like direct device-to-device comms (Bluetooth, Wi-Fi) and Tor routing
- [Signal]( - widely used security-based messaging app with intermediate server and phone based registration, includes voice calls