Version Tomorrow is the first day of the rest of your life
lecture: The state of the pretty Easy privacy (p≡p) project and what to expect next
Easy to use automatic encryption for the masses
The pretty Easy privacy (p≡p) project has the primary goal to make encryption accessible to the masses. By experience, the initiators know from CryptoPartys that regular users -- even after getting everything explained (e.g., basics of public key cryptography) -- continue to be unable to communicate in private on a regular basis in practice. That's where p≡p jumps in: instead of just providing good privacy, privacy must also be easy to achieve. p≡p automates all steps necessary to engage in end-to-end encryption without hassling the users involved or asking questions. The p≡p project started to provide easy to use OpenPGP-compatible encryption for as many platforms as possible, with the ultimate goal to transfer all written digital communications to the GNUnet, thus not just protecting contents, but also metadata. In this talk, the basic ideas and technologic foundations of p≡p are presented. Furtherly, it's shown in which cases p≡p is already operational and what's to be expected next.
#NetworkSecurity #DeviceSecurity #Privacy
p≡p has a broad cross-platform approach. Its core is written in C99, such as to run on a wide range of platforms, including microcontrollers. Still,
application programmers don't need to interface with the engine using the unsafe C programming language. Instead, "adapters" are available, which provide bindings with an easy to use API hiding as many cryptographic details as possible. The adapters have the goal to feel as native as possible in the application programmer's programming and development environment. Such bindings are available e.g. for
End-user software already integrating p≡p exists for all major platforms (Android, *BSD, GNU/Linux distributions, iOS and Windows). In the beginning, p≡p focussed on OpenPGP-compliant email encryption using already existing technologies like GnuPG or a NetPGP fork, for platforms where GnuPG is not available. Work is undergoing, to add more transports to the p≡p engine, such as to support XMPP-based communication channels or finally GNUnet, a fully decentralized framework for spanning a secure peer-to-peer network, basically replacing the current Internet stack. That is, in the very end, p≡p users shall be able to engage in secure peer-to-peer communications with a zero-touch experience.
An important trust anchor in the p≡p project is the Swiss-based, community-focussed and tax-free p≡p foundation, which holds all the rights on trademarks, the p≡p engine and adapters. The p≡p foundation ensures that all software, which is released under the name of "pretty Easy privacy" (be it commercial or not) gets code-audited, thus to avoid having backdoored implementations. The p≡p foundation is controlled by radical privacy advocates based in Germany and Switzerland.
As a project in line with the Cypherpunk Manifesto, all software published by the p≡p project itself is available as Free Software (under the GNU GPLv3).
- p≡p foundation website (providing the core technology)
- Wikipedia article on pretty Easy privacy (p≡p)
- p≡p press release of the first code audit of the p≡p engine (v0.8)
- Source code repository of p≡p's core technology (GNU GPLv3)
- Overview of p≡p software end-user software (everything Free Software)
- p≡p White Paper
- Speaker's page in SHA2017 wiki