Secure Coms


This is a community for enthusiasts who love to ponder new ways for Alice to communicate with Bob in a world where global passive adversaries probably record every bit that ever crosses the wire.

Discuss cryptography, secure key exchange, private messengers, radios, encoding, networking tools, authentication mechanisms and anything relevant to coming up with ways for Alice to get a message to Bob.

founded 2 months ago

This is very similar to the image encryption tool, except for audio.

Record or upload your audio message, decide the quality, encrypt and prepare for transport.

Source here

This is just another way to transform data that allows for the universal copy paste function. Transforming to base64 opens up more possibilities and compatibility for transport.

Use cases are limited but it's nice to have the capability.

Server Manager

UI

Demo


This application is a local-only web instance that can be spun up in Termux.

Here is the source code.

It's configured to be a local-only service utility, although it wouldn't take much to point this to the web.

After picking an image, you can configure the compression. I found large image files basically require the compression. There is a limit to how much text you can copy... it's very large... but the higher the quality of the image, the longer this string of text will be, so you may need to lower the quality if you run into problems.

You can either copy the text directly, or download a blob as the .txt file for transport.

Termux side server manager.

Encrypted blob example.


Want to send E2E encrypted messages and video calls with no downloads, no sign-ups and no tracking?

This prototype uses WebRTC to establish a secure browser-to-browser connection. Everything is ephemeral and cleared when you refresh the page—true zero-data privacy!

Check out the pre-release demo here.

NOTE: This is still a work in progress and a closed-source project. It's far from finished and doesn't have the user experience needed to promote the project to a wider audience. The implementation is based on the open source MVP seen here. It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.


I have been working on a different type of self-hostable secure coms called Torum, designed to install on Termux. (Tor + Forum = Torum)

This implementation of secure coms relies fully on the security that a hidden onion service provides. There are no additional encryption layers in the architecture. If you have the onion address, you can access the forum in full.

The security of an onion service comes from the fact that the traffic is not leaving the Tor network and isn't exiting unencrypted. In theory any onion service should be E2EE by default.

The source for Torum is here.

After running the script, the file system spawns. Below is the file system that supports the webserver.

The script is also an all-in-one server manager. Once it's finished running you will be prompted with 3 options.

You will also be prompted to enter an admin password on start up. This password will allow you to log in on the website to delete posts and files. The login page can be found at [insertyouraddress].onion/admin

Personally, I have built this so I can host the Bible. I like the idea of having an unstoppable distribution of the word of God as an online "safe haven" to not only read, but discuss and communicate in a forum-like format.

With the way I have laid out my personal torum, sharing a Bible verse may not only be a thing, but a place in space and time...and that's pretty neat!

With over 30,000 individual verses, it showcases the power of this tiny webserver paired with SQLite as robust and capable considering the relatively small resources a phone has.

Enjoy and feel free to modify this program for whatever you want!


A peer-to-peer, private, anonymous and secure messenger that works over Tor. It's also free and open source software, which gives users the freedom of changing it and redistributing it under the terms of the GNU General Public License v3.


Onion Courier is a production-ready anonymous communication system that implements a mixnet architecture over Tor hidden services. It provides strong anonymity guarantees against both local and global adversaries through cryptographic layered encryption, traffic analysis protection, and systematic cover traffic integration.


Another P2P hidden service for private messaging.

Codebook V1 (upload.disroot.org)
submitted 2 months ago by hereforawhile@lemmy.ml to c/SecureComs@lemmy.ml
 
 

This is V1 of secure code book.

Features

-Wordlist shuffling

-Easy key generation

-Additional key configs

Key Generator

Each of the over 58000 words is mapped to one unique arbitrary bit of information. This boolean logical circuit is the foundation of the encoding and decoding process.

This is a one-time pad. Used correctly, it's unbreakable.


Shannon contributed to the field of cryptanalysis for national defense of the United States during World War II, including his fundamental work on codebreaking and secure telecommunications, writing a paper which is considered one of the foundational pieces of modern cryptography,[15] with his work described as "a turning point, and marked the closure of classical cryptography and the beginning of modern cryptography".[16] His work was foundational for symmetric-key cryptography, including the work of Horst Feistel, the Data Encryption Standard (DES), and the Advanced Encryption Standard (AES).[16] As a result, Shannon has been called the "founding father of modern cryptography".


There are more ways to utilize OTP than to 2FA accounts.

Using an offline OTP manager like andOTP, you can generate time-based codes derived from any shared secret. This can provide a whole new level of security in a scenario where Alice and Bob want to self-verify a communication channel.
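The channel check described in this post, as an added Python example that is not the poster's code: both sides compute an RFC 6238 time-based code from the same shared secret, and one side verifies the code the other reads out. The function names and the one-step drift window are assumptions; the secret used in testing is the published RFC test key.

```python
import base64
import hashlib
import hmac
import struct
import time

def totp(secret: bytes, at=None, step=30, digits=6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, the default in most OTP apps."""
    now = time.time() if at is None else at
    counter = max(0, int(now)) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def app_secret(shared: bytes) -> str:
    """Base32 form of the shared secret, as OTP apps expect on manual entry."""
    return base64.b32encode(shared).decode().rstrip("=")

def verify_peer(secret: bytes, claimed: str, at=None, step=30, window=1) -> bool:
    """True if the code the other party gave matches the current time step
    or a neighbouring one (tolerates clock drift between the two devices)."""
    now = time.time() if at is None else at
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(secret, now + drift * step, step)
        # Constant-time compare; keep looping so timing does not reveal the step.
        ok |= hmac.compare_digest(expected.encode(), claimed.encode())
    return ok

if __name__ == "__main__":
    shared = b"12345678901234567890"             # RFC 6238 test key, not a real secret
    print("enter in OTP app:", app_secret(shared))
    code = totp(shared)
    print("Alice reads out:", code, "| Bob accepts:", verify_peer(shared, code))
```

A code only proves the other side holds the secret during that time window, so the secret itself still has to be exchanged out of band.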


Broad Guide to Bootstrapping your own Codebook

Using a few key formulas you can create a functional code book with enormous keys that no computer could possibly brute force.

First let me explain how many possible keys there are in this particular example.

In this example the word list contains 3000 words. Each subsequent column labeled k1-k9 contains another 3000 bits of unique information. Each number of key columns added exponentially increases the total key possibilities.

In this schema the "Key" to encrypt and decrypt is the unique state of each cell in relation to the word list.

3000!^10 represents the amount of possibilities.

That is 2^91312 possible keys, which makes AES 2^256 look completely wimpy.

Important Functions To Master To Build your Code Book

-randbetween()

-vlookup()

-ifs()

-concatenate()

All of these formulas can help automate the encode/decode process.

Ways to mitigate Frequency Analysis

-Layer the final ciphertext with other string encryption protocols.

-Increase the amount of key columns so that the encoding formula can pick a random column. This will allow the same word to be encoded multiple ways so that someone analyzing plaintext will hit a wall.

-Generate new keys. New keys can be generated by shuffling the key and wordlist columns. You can use sorting functions to randomize and shuffle the wordlist.

Ideal Operational Security

-Air gap the computers running the encoding/decoding processes

-Share the keyfiles offline

-Rotate keys often

-Destroy old keys

-Use already secured communication channels to add layers.

Final Notes

This is obviously not a convenient way to share a message. It requires dedicated hardware, and disciplined protection of the keyfiles to really be secure.

Regardless of what anyone tells you about the strength of modern encryption ciphers like AES256... do you really think the most powerful nation in the world would release an unbreakable encryption protocol 15 days after 9/11? I don't think so, pal.
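A minimal Python model of the codebook scheme described in the guide above, added as an illustration and not the author's spreadsheet: a word list with several key columns, encoding by picking a random column, decoding by reverse lookup. It shows that a repeated word can take at most as many distinct codes as there are key columns, which is why the column count and key rotation decide how much word frequency shows through. The six-digit code format, the function names and the constructed word list are assumptions.

```python
import secrets

# Constructed sample word list; the guide's example uses 3000 words.
WORDS = ["meet", "at", "the", "bridge", "dawn", "bring", "keys", "abort"]

def build_codebook(words, columns, rng=None):
    """Map each word to `columns` codes, every code unique across the whole book."""
    rng = rng or secrets.SystemRandom()
    codes = rng.sample(range(100000, 1000000), len(words) * columns)
    return {w: codes[i * columns:(i + 1) * columns] for i, w in enumerate(words)}

def encode(message, book, rng=None):
    """Replace each word with a code from a randomly chosen key column."""
    rng = rng or secrets.SystemRandom()
    out = []
    for word in message.lower().split():
        if word not in book:
            raise ValueError(f"word not in codebook: {word!r}")
        out.append(rng.choice(book[word]))
    return out

def decode(codes, book):
    """Reverse lookup: any of a word's codes maps back to that word."""
    reverse = {code: word for word, cs in book.items() for code in cs}
    return " ".join(reverse[c] for c in codes)

def code_spread(word, repeats, book):
    """How many distinct codes an observer sees when `word` is sent `repeats` times."""
    return len(set(encode(" ".join([word] * repeats), book)))

if __name__ == "__main__":
    book = build_codebook(WORDS, columns=9)
    sent = encode("meet at the bridge at dawn", book)
    print(sent, "->", decode(sent, book))
    # With one column every repeat is visible; with nine, at most nine variants.
    print("1 column :", code_spread("at", 300, build_codebook(WORDS, 1)))
    print("9 columns:", code_spread("at", 300, book))
```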


This is torch, a Termux-hosted hidden chat service.

Find it here. After saving, run with: chmod +x torch.sh && ./torch.sh

Included features

-PTT (if your browser supports it)

-Lockdown mode. Adds E2EE

-OTP mode. Generate time based keys to enhance security.

-Voice changer

-Add time stamp

-Pin message to spam

-File Sharing

-Per room file organization

-Delete server logs from web

-Delete chat logs from web

-Generate and spam random packets

-Filter out generated noise (keep generating packets in background)

-Optional per room cloudflared tunnels.

Here is the directory that is formed on startup.

Example server side chat logs with encryption enabled.


Termux Torchat can be found here

This new version implements optional rotating time-based keys, and a simple implementation of ratchet forward secrecy.

Deploy secure worldwide coms right from your own terminal or run the server on an old phone!