Magic Wormhole/SPAKE2
Securely send files between two computers with minimum fuss
SPAKE2 is a modern academic password-authenticated key exchange mechanism, originally designed by two security researchers from Ecole Normale Superieure. It allows to set up an ad hoc encrypted channel between two users that share a combination of words in real-time. Magic Wormhole is an open source implementation of SPAKE2 (both client and server) by Brian Warner, one of the founders of the TAHOE-LAFS.
The server part of Magic Wormhole can creating a rendez-vous/relay, so it can be used in a LAN, behind firewalls, NATs, etc. There are many cases in which a person wants to quickly exchange a file in an untrustworthy environment (say a presentation deck) without running either the risk of an Evil Maid attack or uploading to a trusted server and then giving someone access to that. Most people do not even have such a trusted infrastructure, which forces them to trust their data to third parties. This solution allows for very user-friendly exchange of files with modern encryption, without the need for anything else. Secure exchange of files is a critical problem of all ages, this solution has potentially disruptive qualities.
This project will try to make SPAKE2 primitives available to mobile app developers and will support standardisation of SPAKE2 inside the IETF.
- The project's own website: https://github.com/warner/magic-wormhole
Run by Least Authority
This project was funded through the Internet Hardening Fund, a fund established by NLnet with financial support from the Netherlands Ministry of Economic Affairs and Climate Policy.
