BET : BET's Encrypted Talk
Blowfish Encrypted Talk ? | Better Encrypted Talk ? |
Best Encrypted Talk ? | Bad Encrypted Talk ?
Most recent: Stable 1.1
BET will be a replacement for the classic talk program.
All data from client A to server to client B will be encrypted. This
is good. There does not exist any talk variant that currently does
this.
Legal:
By downloading any version of BET and the Blowfish library, you agree that:
- You and your computer are operating within the United States.
- You are not a foreign national.
- You are aware of the United States Export Administration
Regulations on cryptographic software.
BET requires
Features
- Diffie-Hellman key exchange
- 128 bit CBC Blowfish encryption
- Superduper ciphertext viewer
- Process time random exponent generation
- biff notification: point an xbiff at $HOME/.bet.requests and
the biff will notify you of talk requests (in addition to having the
daemon write to your tty)
Progress
- Jun 24 - Project begins. Currently client connects to server
and performs Diffie-Hellman key exchange.
- Jul 8 - Back from fishing. Fishing was good. Now I code.
Currently the client and daemon are communicating very well. The client
states name and host, and with whom to speak, and daemon checks
utmp to see if the fellow is logged in. If so, writes a message to
the correct tty. Optimistically, if I don't do anything this
weekend, I might have some encrypted bet sessions in test.
- Jul 10 - Wow. Major rewrite. I had made a mistake early on in
the protocol and that required lots of changes. But now the clients
connect and talk to each other and stuff. I already wrote the key
exchange stuff, so shoving that in should be trivial. Maybe
tomorrow. Probably not. By next weekend I hope to have the key
exchange and at least one encryption algorithm in place.
- Jul 15 - Guess what? Another rewrite. No more forks.
Multiplexing the I/O now. Should clean up a lot of the stuff. Hope
to be back to where I was by Friday.
- Jul 18 - Most everything is done (for a ver0.0 release). Just
finished the curses stuff for the terminals. Key exchange is done.
Everything is working, cept I haven't added the actual code to do the
encryption.
Oooh! A screenshot of Jeff talking to
himself (locally).
Oooh! A screenshot of Jeff talking to
himself (from cali to mad).
- Jul 19 - I added code to take the 1024 bit secure Diffie-Hellman
exchanged key and ... mod it by 128! Yup, the first cipher
implemented in BET is a shift. Secure? No. Proof of concept?
Okay. Also some nice command line stuff. The 31337 bitstream can be
replaced with a k-r4d ciphertext viewer, or turned off. I am just
beginning to appreciate ncurses. If the BET window starts looking
too much like a circa 1989 bbs with ANSI art, just let me know and
I'll let up on the nostalgia.
- Jul 20 - All functionality for an alpha release has been
included. Clients resolve names and a specific tty can be specified
to talk to. Just need to clean up all the code and add a configure
script to it.
- Jul 21 - 128 bit Blowfish added. Slightly better than
yesterday's shift.
- July 23 - Alpha available. Requires
GNU Multiple Precision library.
This builds for certain on OpenBSD and Linux. I did not have a
successful compile of BET on Solaris. I assume the other BSDs work
as well.
- July 25 - Works on Solaris. Needed a more recent ncurses
library.
- July 26 - Scrolling of ciphertext is more l33t now. d00d.
And backspace works better.
- July 27 - Fixed all known problems. Put in a divider. Turned
cipher hex off for default. Use -x to turn it on.
- Aug 4 - Added date output to the betd tty write. Only makes
sense, eh?
- Aug 6 - Thought I fixed backspace. I didn't. Please try again.
- Aug 6 - I fixed backspace. I think.
- Aug 6 - Default port is 1337. That is what it was supposed to
be originally. It kinda looks like it spells "BET", but not really.
- Aug 6 - Changed the exponent generation to depend upon key
timings. This is good. You're welcome.
- I guess it's time for another
screenshot.
- Aug 7 - Noticed that the ut_name field of struct utmp on OpenBSD
stores the X display also, thus fooling betd when doing a strcmp().
Changed it to do a strncmp().
- Aug 8 - "./configure ; make"
- Aug 9 - I have added some safety features to improve security (for
example, not trusting betd to give out a prime). I am hard coding in a prime
and residue of proper form for the key exchange. If anyone has a 1024 bit or
greater Sophie Germain prime lying around, please give it to me.
- Aug 10 - What did I fix in the new 0.0l ? Wow. Well, now the clients
expect the prime that they were compiled with. I have a 512 bit Sophie
Germain prime as the current modulus. Small enough to foil most, but not
all. I think the first beta will have an ~ 4000 digit modulus. The
configure script is nicer, and stops when it should. I also clear out
unneeded memory better now. I still need to lock the memory required for
the Blowfish key to keep that from swapping.
There was also a typo. The clients were expecting betd to give them p, and
then x. The daemon was sending x, then p. I'm sorry. Something like this
couldn't happen now, since the clients make sure that the daemon gives them
primes. And if the prime isn't what betc expects, it tells you. If you
are using this program frequently, you definitely want this version. Lots
better than the previous.
- Aug 10 - Added mlock() around all the secret agent keys. Warns if can't
mlock() the memory.
- Aug 11 - betd now finds the least idle tty of the requested user and
writes the message to that device. Previously, the first tty encountered
while reading utmp was used. Of course, you may still specify a particular
tty that you know the user to be logged in on.
- Sep 2 - don't return -1 if stat() of device fails.
- Sep 27 - upped the version to 1.0
- Oct 28 - after a long hiatus, I have done something. A -d option adds
a small (0.0 - 0.25) second delay to the transmission of ciphertext to
thwart timing attacks.
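
The client-side checks from the Aug 9 and Aug 10 entries, sketched as an added example (not BET's own code): the client validates the modulus relayed by betd, compares it with its compiled-in value, and rejects degenerate public values before deriving a key. The names, the toy modulus 2039, the base 4, and the reading of the modulus as a safe prime p = 2q + 1 with q a Sophie Germain prime are assumptions; the public-value range check goes beyond what the entries describe.

```c
#include <stdint.h>
/* Constructed toy values, hypothetical names: 2039 = 2*1019 + 1, both prime.
 * A real build pins a 1024-bit or larger modulus and uses a bignum library. */
#define BET_P 2039u /* compiled-in modulus */
#define BET_G 4u    /* compiled-in base */
enum dh_status { DH_OK, DH_NOT_SAFE_PRIME, DH_WRONG_PRIME, DH_BAD_PUBLIC };

/* b^e mod m; operands stay below 2^32, so every product fits in 64 bits. */
static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1 % m;
    for (b %= m; e; e >>= 1, b = b * b % m)
        if (e & 1) r = r * b % m;
    return r;
}

/* Miller-Rabin; bases 2, 7 and 61 are deterministic for every n < 2^32. */
static int is_prime(uint32_t n) {
    static const uint32_t bases[] = { 2, 7, 61 };
    uint32_t d = n - 1;
    int s = 0, i, r;
    if (n < 2) return 0;
    for (i = 0; i < 3; i++)
        if (n % bases[i] == 0) return n == bases[i];
    while ((d & 1) == 0) { d >>= 1; s++; }
    for (i = 0; i < 3; i++) {
        uint64_t x = powmod(bases[i], d, n);
        if (x == 1 || x == n - 1) continue;
        for (r = 1; r < s && x != n - 1; r++) x = x * x % n;
        if (x != n - 1) return 0; /* no -1 in the squaring chain: composite */
    }
    return 1;
}

/* Validate what the daemon relayed: the modulus p and the peer's public value. */
enum dh_status check_dh_params(uint32_t p, uint32_t peer_pub) {
    if (!is_prime(p) || !is_prime((p - 1) / 2)) return DH_NOT_SAFE_PRIME;
    if (p != BET_P) return DH_WRONG_PRIME; /* not the prime we were built with */
    /* In a safe-prime group only 1 and p-1 have small order; reject them and 0
     * so the relay cannot force the shared secret to a known value. */
    if (peer_pub < 2 || peer_pub > p - 2) return DH_BAD_PUBLIC;
    return DH_OK;
}

uint32_t dh_public(uint32_t my_exp) { return (uint32_t)powmod(BET_G, my_exp, BET_P); }
/* Shared secret, computed only after the checks pass; 0 signals rejection. */
uint32_t dh_shared(uint32_t p, uint32_t peer_pub, uint32_t my_exp) {
    if (check_dh_params(p, peer_pub) != DH_OK) return 0;
    return (uint32_t)powmod(peer_pub, my_exp, p);
}
```

Because the pinned modulus is checked on every exchange, a daemon that substitutes a different prime, even a well-formed safe prime, is detected before any key material is derived.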