a collection of fast, cross-browser cryptographic algorithms (license: BSD, repository)
for those who want to inspect the code or run a local instance of the Clipperz web app (license: AGPL v3, repository)
Why crypto code wants to be open
A fundamental assumption in cryptanalysis, first stated by August Kerckhoffs in the nineteenth century, is that secrecy must reside entirely in the key. Kerckhoffs assumes that the cryptanalyst has complete knowledge of the cryptographic algorithm and its implementation. Claude Shannon later reformulated it as “the enemy knows the system”.
There has been a lot of debate among security practitioners about the impact of open source approaches on security. Clipperz sides with security expert Bruce Schneier when he says:
“In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. For us, open source isn’t just a business model, it’s smart engineering practice.” (source)
And along the same lines is Vincent Rijmen, co-author of the AES algorithm:
“Not only because more people can look at it, but, more importantly, because the model forces people to write more clear code, and to adhere to standards. This in turn facilitates security reviews.” (source)
Why an open source version of Clipperz?
Because we want to enable as many people as possible to play with the very same code that powers the Clipperz online service. The goal is building trust: trust in the code, not in its developers!
So we released the frontend code under an open source license. That was not enough. In order to allow anyone not just to inspect the code running in the user’s browser, but also to analyze the traffic it generates between the client (the user’s browser) and the Clipperz server, we also made available several backends that are easy to deploy.
You can choose among the available backends (PHP/MySQL, Python/AppEngine, …) or contribute your own. Whatever your motivation for playing with Clipperz code, we would love to hear from you: get in contact!
The open source version of Clipperz is suitable for testing and educational purposes only!
As an example, the current PHP backend lacks several critical capabilities such as bot protection and concurrent session management; moreover, it could be vulnerable to serious threats (SQL injection, remote code execution, …).
The actual Clipperz service uses a far more robust backend, while the communication protocol between backend and frontend is of course identical.