GNUnet Messenger API: February 2025

Hi again,

My progress on the forward secrecy in the Messenger service of GNUnet is coming to a state where I have proper testing and results. You can find the current state of tests and benchmarks in a development branch of libgnunetchat which utilize a new ping tool for the Messenger service.

The tool sends a TEXT message into a selected chat room and waits for other clients using the same tool but acting as receiver to send a TAG message back choosing the TEXT message as target. As a result the sender will measure and print out the delay between sending and receiving the response. Like that it’s possible to measure latency added via the implemented forward secrecy as well as its key exchange mechanism.

The results so far are a mixed bag to be honest. Good news is that latency and general cost by symmetric encryption is negligible once the key for an epoch is exchanged. However bad news is that the amount of messages required for a proper key exchange as well as group formation scales in relation to N square if N is the amount of epoch members. So that’s far from ideal.

graph of messages visualizing authorization issue

Therefore more work on optimization is needed for desirable usage. Otherwise I’ve written a test to verify whether the implemented forward secrecy actually solved the original problem of accessing messages without proper authorization as described in this issue. The test can run locally because a new configuration option in the Messenger service (MESSENGER_LOCAL_REQUEST) allows disabling local requests to only forward its response to the original requesting client.

I’ve also added another option (MESSENGER_GROUP_KEYS) to optionally disable group keys to compare benchmark results without the group formation in each epoch. Technically it does reduce the overall cost from key exchange when disabled at the moment but it doesn’t seem to be the main problem. Also the original idea behind groups was to optimize key exchange rather to slow it down. So something definitely wrong in my implementation.

That’s everything so far. I’m still confident I can complete this feature over the next coming months to get it merged upstream.

Kind regards,
Jacki

Read original article

Popular posts from this blog

GNUnet Messenger API: March

Image
Hi again, Last time I had big hopes to make enough progress for a first release. But I think I’m gonna delay that a bit (maybe still this month but we will see) even though I could actually complete the things, I anticipated. However here is finally the long promised video of it running on the Pinephone Pro because there’s still much to show. The back-end of the messenger-gtk application called libgnunetchat now uses the GNUnet Name Store service to manage your chats instead of using a local directory and some configuration files for each chat as before. This means that it is now possible to start the application from any directory and it will properly sync the chats depending on the account/identity selected. Next big feature is that it is possible to generate so called lobbies. Lobbies are empty chat rooms which will be shared in form of a GNS record under a newly generated zone instead of your own identity zone. This has multiple reasons: Technically your own key could ...
Read more

GNUnet Messenger API: February

Image
Hi there, At the beginning of the month I didn’t think to make that much progress. But now I get the feeling that the GUI client could come to an end next month. Why do I have this feeling? It’s looking really good already, not gonna lie. So as stated in my last update in January, loading older messages needs to be implemented as well as switching accounts during runtime. Now it is. Getting older messages still needs some tweaking to not load all older messages but it’s good enough for now. image of messenger-gtk account selection Switching accounts was more difficult to implement because I had to go back looking into the Messenger service of GNUnet itself, fixing that the service will run as user to make use of the same EGOs as the client side library in multi-user setups. The client side library ( libgnunetchat ) now exposes each of your EGOs as account with name and own directory to store the files and configurations used by the applications. Another benefit of this is tha...
Read more

GNUnet Messenger API: September

Image
Hey, this is the last post under the topic “GNUnet Messenger API”. As mentioned last time I only had a few remaining things to implement in the messenger-cli application. So that is pretty much what I did with some small caveats. The only thing not working as planned is file sharing. Let me explain this: You can already write a file path to your text input and it will send the file. When a file gets received, you can select the message, hit ENTER and download the file. However depending on your GNUnet setup uploading a file might not work. This seems to depend on user access permissions of your selected files. The best work-around I know is to use a single-user installation for GNUnet. But I hope that this can be solved properly, so users don’t have to mess with configurations. More information about this issue can be found here . The second missing part is that you can technically download the file and progress of that will be visualized. However there’s still no opt...
Read more