Hi,
I have developed a FOSS program that ciphers data. Target audiences are groups of non-tech-savvy activists, not able or not willing to use programs such as Kleopatra or Veracrypt, that need to protect highly sensitive data that needs to be accessed after an unknown amount of time (could be weeks or months, i.e. only in case of emergency). An example is antirepressive files in case of arrest, that provide the arrestee's colleagues with instructions on the arrestee's needs (medication, pets to take care of, lawyer to contact etc.). In this example, threat actors are primarily authoritarian governments.
The program consists of a serverless HTML file intended to be used in Tails in the Tor Browser, and it offers a symmetric and an asymmetric cipher mode, and an asymmetric cipher mode that includes Shamir's secret sharing for the decipher key.
It also has some extra features such as the option to export and import data from/to QR codes, and set default text fields (among others). The collective asymmetric cipher mode (the one with Shamir's secret sharing), as you can see in the docs, is made to target the threat vector of police infiltrators or collaborators.
I have detailed the cryptographic processes as diagrams and other info in the repo:
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/asymmetric-collective.md
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/asymmetric.md
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/symmetric.md
The program is meant to be used collectively: e.g. a group of activists manage their files through a single key pair.
It would be awesome if somebody could take a look at the cryptographic processes and provide feedback. The last thing I want to do is provide insecure software to my friends and other activists, and I want to make sure I have not made a mistake somewhere. This is not the first review iteration, but I just want to be completely sure before I mark my software as production ready.
If you know somebody that has the needed knowledge to review this I would greatly appreciate it if you could ask them to take a look <3
Hi! :) Just as clarification, I do have experience, but I think such software should be externally reviewed by more people instead of just trusting the developer and their knowledge. However, something I do not have experience with is developing code that is free and open source, so that's maybe where my somewhat confusing statement came from ':) (edited it to be clearer). One thing is to program stuff that isn't really important to get paid, and the other thing is wanting to double, triple and quadruple check so you don't create a security risk for your friends and other like-minded people.
Yeah, gpg is super powerful and simple to use if you are comfortable in the terminal, but at least a lot of people that I know would never do this.
As I say in the repo, the program is not meant to replace Veracrypt or Kleopatra (or terminal based gpg), but to be a viable option if the user is not comfortable with anything else, which would be the case for many of the people that I know.
It also incorporates some features that would otherwise need to be done separately in tedious processes (e.g. the program protects file names, includes SSS directly into the cipher/decipher pipeline, print options and more).
But yeah, it is kind of in a niche I guess.