Home   > SILC Project   Software   Support   Community   SILC Network

About SILC   History   Contact Us   SILC Worldwide   News   In The Press

SILC Project   SILC Protocol     Overview Features Security Specifications White Paper

SILC Protocol     Security   The entire SILC network is secured and sending plaintext or unprotected messages is not possible. It is not possible to turn off the security features of the protocol. The security is not optional, external plug-in to the protocol, but integral and designed part of it. All sensitive information, such as, passwords and passphrases are never sent cleartext in SILC network. SILC protocol also supports anonymity to protect the origin of the user in the network.   The transport for the SILC packets is protected with secure binary packet protocol, which assures that the contents of the packets are encrypted and authenticated. The SILC packets are used to deliver all types of messages, commands, notifications and other packets. The packets are encrypted with session keys, message specific keys, or both, and authenticated with computed Message Authentication Codes (MAC). SILC packets can also be compressed to reduce the size of the packets.   The messages sent in the network, such as channel messages and private messages, are secured with message specific keys. Channels always have channel specific keys and channel messages are encrypted and authenticated with those keys. Private messages are secured by default with session keys, but they can also be secured with private message specific keys. All messages can also be digitally signed.   The keys to secure the packets and messages are generated with SILC Key Exchange (SKE) protocol, which is part of the SILC protocol suite. The SKE provides mutual authentication, uses digital signatures and Diffie-Hellman key exchange algorithm. It is possible to execute the SKE protocol between two users in the SILC network. The resulted keys can then be used to for example secure private messages or file transfer stream between the two users.   SILC protocol has also been designed so that it can fail securely. This means that even if some server or even router is compromised in the network the whole network is still not compromised. The protocol can also recover from security failure very fast, just by removing the compromised part from the network.   These security features designed into the core protocol guards the user against passive attacks and active attacks. For example, attacks like eavesdropping, replay attacks, man-in-the-middle attacks, IP spoofing, forgery attacks, etc. are ineffective. The SILC protocol has been designed from attacker's point of view to render all known attacks ineffective or inapplicable against SILC.   All security features in SILC are traditional and common in the world of cryptography. We have not invented any new algorithm or securing method, and there is no magic about the security of SILC. The SILC protocol specifications are openly developed in the IETF and everyone can verify the specifications. We are very humble when it comes to the security of SILC. It has been very complex and difficult task to develop new network security protocol.     Security Specifications   Ciphers AES, twofish, cast, serpent, rc6, mars, possibility for implementation to negotiate others.   Cipher key lengths Default 256, optionally 192 and 128 bits, possibility for implementation to negotiate others.   Encryption modes Default CBC with inter-packet chaining. Recommended Counter Mode (CTR). Optionally randomized CBC mode. Possibility for implementation to negotiate others. CTR mode in SILC is statefull in encryption and decryption.   Public Key Algorithms RSA, DSS, Diffie-Hellman, possibility for implementation to negotiate others. RSA in SILC is PKCS #1 version 1.5. Diffie-Hellman is used as the basis of SILC Key Exchange (SKE) protocol.   Public keys and certificates Supported key types are SILC public key, SSH2 public key, X.509 certificate, OpenPGP certificate and SPKI certificate.   SILC Public Key A simple RSA or DSS public key including information about the posessor of the key, such as, hostname, username, real name, etc. SILC Public Keys are not certificates and specifications does not define a public key infrastructure (PKI) usage for SILC Public Keys.   Key Exchange SILC Key Exchange (SKE) protocol. Uses Diffie-Hellman, digital signatures, provides mutual authentication, supports rekey with and without Perfect Forward Secrecy (PFS).   Diffie-Hellman Groups Supported well known groups of 1024, 1536, 2048 bits, possibility for implementation to negotiate others.   Connection Authentication SILC Connection Authentication protocol. Possibility to authenticate connection to server with passphrase or public key authentication based on digital signatures. Possibility to connect without explicit authentication.   User Authentication Authentication Payload provides user ability to authenticate itself to server to gain access to additional privileges or services. Authentication methods based on passphrase or public key authentication based on digital signatures.   Hash Functions SHA1, MD5, possibility for implementation to negotiate others.   MAC Algorithms hmac-sha1-96, hmac-md5-96, hmac-sha1, hmac-md5, possibility for implementation to negotiate others.   MAC Computation MAC is computed in Encrypt-Then-MAC order. The plaintext is first encrypted and MAC is computed from the ciphertext. For packet MAC also packet sequence number is used in MAC computation.   Padding All SILC packets are padded. Minimum padding length is 8 bytes, maximum 128 bytes. Message Payloads are also padded separately, and maximum padding length is 256 bytes.   Packet Encryption Packet header is encrypted with session key. The encryption of data area of the packet depends on the data payload in the data area. It may be encrypted with session key or key specified for the data payload encryption, for example with message key for messages. MAC for the packet is computed after encryption. The Initialization Vector (IV) used in encryption by default is not included in the ciphertext. Encryption and decryption is statefull. Possibility to add the IV with the ciphertext.   Message Encryption Message Payload provides encrypted and authenticated channel and private messages. Encrypted with message specific key. Messages have message specific MAC computed after encryption. The IV is always delivered with the message ciphertext. Message can be digitally signed by the sender. Possibility to use message private keys, that are generated or negotiated outside the SILC network.   Secure File Transfer Default file transfer protocol is SFTP, possibility for implementation to negotiate others. File transfer stream is secured with the algorithms and keys negotiated with SKE protocol between the file exchange parties.   Key Management Session keys are regenerated periodically. Rekey is performed with SKE, and can be performed with PFS. Channel keys are regenerated periodically by the server. Possibility to use channel private keys that servers do not know. Possibility to use private message keys negotiated using SKE between two users. File transfer key regenerated periodically with SKE rekey, and can be performed with PFS.

Got SILC? Download the latest version of the SILC now!   > SILC Client 1.1.5 > SILC Server 1.1.11 > SILC Toolkit 1.1.7   News Sep 6, 2008 SILC Client 1.1.5 is out! Lots of bugs fixed.   Jun 22, 2008 SILC Server 1.1.11 is out. More crashbugs fixed. Keep reporting those bugs please.   Jun 22, 2008 SILC Server 1.1.10 is out. More crashbugs fixed. Keep reporting those bugs please.   > More News   SILC Documentation See our software and protocol documentation for detailed information. > Read More   SILC FAQs If you have questions check our list of frequentely asked questions and answers. > Read More

Copyright © 1997 - 2008 SILC Project. Read our Privacy Policy and Copyright Notice