[Remops] New Zax-style nymserver with forward secrecy

Jeremy Bentham Admin jeremyadmin at anemone.mooo.com
Wed Aug 13 16:54:01 BST 2014 

I wanted to let people know that we have developed a nice GUI client
script for using the enhanced Zax-style nymserver at nym.now.im.
The 'enhanced' nymserver uses ephemeral encryption on all
non-configuration messages sent to and received from the nymserver.

The new GUI client is written in python and supports nym
creation/deletion/reconfiguration as well as receiving messages
addressed to the nym via a.a.m and sending messages from the nym.

Source code and installation instructions for the GUI client are at:

https://github.com/felipedau/nymphemeral

Source code for the enhanced nymserver is cloned from Zax's original
nymserver code (thanks Zax!) and is at:

https://github.com/rxcomm/nymserv

Finally, details on how the ephemeral encryption works, as well as
the nymserver's public key and some other information are at:

http://nym.now.im/nymserver

As always, feedback is appreciated. For a bit more time, I am running
the nymserver logs in full debug mode so consider the operation
experimental and don't use it for anything sensitive at this point. I
will make a further announcement in a few weeks when I shut down the
logging and move the nymserver into production mode.

A couple of other notes: 1) The nymserver should also function as a
standard Zax-style nymserver, with or without symmetric encryption. 2)
It is not recommended to use both ephemeral and symmetric encryption
simultaneously. 3) More details on ephemeral encryption (why it is
important, as well some details about the Axolotl protocol used with
nym.now.im) can be found at https://github.com/rxcomm/pyaxo


On Thu, May 01, 2014 at 04:46:39PM +0200, Jeremy Bentham Admin wrote:
>I've been having some fun playing with Zax's nymserver script.
>
>I added the use of ephemeral symmetric encryption keys for forward
>secrecy on posts to a.a.m as well as mail sent to the nymserver's
>send address. Ephemeral keys are managed using the Axolotl protocol.
>
>Before I turn this loose, I'd appreciate some feedback on how
>things work. Details for using the nymserver, including the public
>key and a script to handle client-side ephemeral encryption can be
>found at:
>
>  http://nym.now.im/nymserver/
>
>Right now you should consider this nymserver in beta mode. I'm running
>full debug output on the logs. Don't use it for anything sensitive.
>
>I'll post my code after I get some feedback and make sure things are
>working okay.  Making the changes was pretty straightforward, thanks
>to Zax's neat coding style.
>
>Let me know what you think.
>
>-- 
>Jeremy Bentham Remailer Admin
>Key fingerprint = D7DE B0DF E6F9 9256 A070  B841 1942 840B 8743 B6B5



-- 
Jeremy Bentham Remailer Admin
Key fingerprint = D7DE B0DF E6F9 9256 A070  B841 1942 840B 8743 B6B5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.mixmin.net/pipermail/remops/attachments/20140813/b241afc7/attachment.sig>

More information about the Remops mailing list