Witcrypt is a protocol designed to provide end-to-end encryption for secure one-to-one and many-to-many user interaction. It was originally developed for witkit.com for group collaboration, instant messaging and file sharing. The protocol is available for the web, native applications and mobile devices.
The protocol design assumes that the communication channels used for data transmission are insecure and can be analyzed, logged and modified in real time by a third party. The goal is to confine the trusted computing base to the client computer (or mobile device), so that no default trust in the network or the service platform provider is required.
The Witcrypt cryptographic scheme combines elliptic curve Diffie–Hellman (ECDH) key exchange, the elliptic curve digital signature algorithm (ECDSA), the AES-256 symmetric cipher for payload encryption and the SHA-256 hash function.
Witcrypt consists of a client component and a server component. The client-side library is open source and provides the cryptographic primitives with which data is encrypted before it is transmitted over a network, and verified and decrypted afterwards. The server API is used to store and retrieve information that is, for the most part, encrypted on the client side. No secret keys are shared with the server at any time.
To use the Witcrypt protocol a user must first create a key pair. Key pairs are derived from the user's passphrase. The derivation involves several steps that are deliberately slow in order to hinder brute-force attacks on the passphrase; the key pair is consequently only as strong as the passphrase it was derived from.
For usability and to automate certain operations, a user may register the public key of a newly created key pair with the server API. Consequently this piece of information may become publicly accessible.
Passphrase verification for a previously created key pair is done by public key comparison: the key pair is re-derived from the entered passphrase and its public key must match the stored one; otherwise the passphrase is considered invalid and must be entered again. Because the public key is a deterministic function of the passphrase, anyone holding the public key can test passphrase guesses offline, and the slow derivation step is what limits the rate of such guessing.
Once a key pair is activated, the user can create and manage access keys. Access keys are used to encrypt and decrypt user-generated content. Content can be arbitrary, combined into logical groups and shared securely among selected participants. To achieve this, every group has an associated access key, which is distributed securely (automatically or upon request) to all group participants.
Client side actions:
Server API actions:
When an access key is to be created for a user, the creator must specify the public key of the party being granted access. An ECDH shared secret is computed from that public key and the creator's own key pair and used as an intermediate symmetric key to encrypt the actual access credential. As a result every access key can be decrypted locally only by its designated user with one of their activated key pairs.
Once an access key is created, it can be assigned to a designated user through the server API. A key owner has two options for assigning access keys to other participants:
Every access key is identified and looked up by an ID derived from the underlying access credential. Hence copies of the same access key assigned to different users share the same ID, since they represent access with the same credential. The derivation must be one-way so that the ID, which the server sees, reveals nothing about the credential; the server can nonetheless observe which users hold the same key.
Once an access key is activated, the user can perform encryption and decryption operations. Each encryption produces a crypto container that carries the identifier of the access key used and a digital signature computed by the user who encrypted the data. The recipient must verify that the signature is valid and was created by a known and trusted user before acting on the decrypted content.
To maximize security, the Witcrypt client library can be stored locally, re-audited and executed from the local copy, so that only trusted code runs. This removes the risk of the library being modified or tampered with in transit, and it also protects the library itself against cross-site scripting (XSS) and website spoofing.
This model relies on separating the crypto library from the rest of the client code that the user receives over the network. The two communicate by exchanging simple messages, without the ability to directly access or control each other's program structures. Therefore an exploit or vulnerability in the client code would not give an attacker direct access to passphrases or key pairs.