Lizard
E2E Rendez-vous and discovery
The Lizard project aims to develop a common protocol for end-to-end encrypted social applications using Tor as underlying transport mechanism, with the addition of store-and-forward servers discovered through the Tor hidden service directory. The protocol takes care of confidentiality and anonymity concerns, and adds mechanisms for easily synchronising application-level state on top. All communications are done "off the grid" using Tor, but identities can be publicly attested to using existing social media profiles. Using a small marker in your social profiles, you can signal to other Lizard users that they can transparently message you over Lizard instead. By taking care of these common discovery and privacy concerns in one easy-to-use software suite, we hope that more applications will opt for end-to-end encryption by default without compromising on anonymity.
- The project's own website: https://lizard.chat
Why does this actually matter to end users?
One of the things people enjoy the most about the internet, is that it enables them to talk to others remotely almost without limit. Internet allows anyone to keep closely connected with friends and family, and help their kids solve a math problem while they are at work. People collaborate with their colleagues from the couch of their living room, the cafe where they enjoy lunch or on their cell phone on the bus to the gym. Businesses can easily service their customers where this is most convenient to them, without having to travel themselves. This is so convenient, that some businesses have already moved entirely online. Internet communication has become the nerve center of whole neighbourhoods, where people watch over the possessions of their neighbours while these are away for work or leisure.
Connecting and communicating online begins with search and discovery and this is a crucial starting point that users should be able to trust. Ask yourself this: how do you find the person you want to talk with and how can you be sure they are who they say they are? And who logs what names and addresses you are looking for and how long your call was, where you connected from and with whom? Can you still be reached in any other way when your account is removed? Not all service providers give you clear answers to these very relevant questions. And probably the right answers are even more important in less democratic societies where this type of information is critical to bring down opposition and stifle human rights.
One popular method to attempt to anonymize ones internet presence is to use the Tor network. Tor is a network of millions of computers and users that send messages among each other to confuse someone watching internet traffic. This project uses the Tor network to let users safely and privately communicate with each other. Users can keep their existing social media profiles to find and connect new contacts, but use the new end-to-end encryption protocol this project will develop to talk and work privately. They simply show that they can use this technology, for example with a little marker on their social media profiles. This combines the best aspects of search and discovery with user-centric privacy protection, putting the user in the driver seat over how they communicate online.
This project was funded through the NGI0 Discovery Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825322.
