User:TheBeastdot/sandbox/Huddle

Microdot Huddle is an instant messaging system with an advanced end-to-end encryption protocol focusing on privacy and multi-platform availability. Huddle clients exist for mobile (Android and iOS) devices currently. Huddle users can exchange messages encrypted end-to-end, self-destructing messages, along with photos, videos, stickers, and files of any type up to 1.5 GB in size. It is built using Telegram and TextSecure source code (including the database).

Encryption protocol
The Huddle encryption protocol is an end-to-end encrypted messaging protocol with deniability guarantees and message-level forward secrecy, similar to the Off-the-Record Messaging (OTR) protocol. It uses Curve25519, AES-256, and HMAC-SHA256 as primitives.

The TextSecure protocol is derivative of OTR. The major difference is that the TextSecure protocol uses elliptic curve cryptography (ECC) keys, whereas the OTR protocol usesDSA keys. The TextSecure protocol also compresses some data structure formats and allows the ephemeral key negotiation to work asynchronously.

There have been two major releases of the TextSecure protocol. Version 1 used the OTR ratchet and custom binary structures. Version 2 uses the no header keys variation of the Axolotl ratchet and protobuf records.

Servers
Client-server communication is protected by TLS. Communication is handled by a REST API and push messaging (both GCM and APN). Support for WebSocket has been added.

The contact discovery mechanism is designed so that the server does not have direct access to the user's contact list. In order to determine which contacts are also TextSecure users, cryptographic hashes of the user's contact numbers are periodically transmitted to the server.The server then checks to see if those match any of the SHA256 hashes of registered users and tells the client if any matches are found.

The group messaging mechanism is designed so that the servers do not have access to any group metadata such as the membership list, group title, or group icon. Instead, the creation, updating, joining, and leaving of groups is done by the clients, which deliver pairwise messages to the participants in exactly the same way that group conversation messages are delivered.

Open Whisper Systems' server infrastructure is funded through grants and donations they receive. The server-side architecture is federated. The developers hope this will help spread the cost over time. The developers of CyanogenMod already host the servers that handle the traffic for their users. As Open Whisper Systems will launch more clients, their hope is that other stakeholders will take on hosting as well.