Introduction

Gith allows you to share data (mails, chat conversations, documents...) and guarantees:

Gith uses the following algorithms: RSA-2048, AES-256 in CBC mode and SHA-1.

Creation

When you create a new account from a standalone computer (Windows, MacOS), an RSA-2048 key pair is generated.

In short, Gith uses the best cryptographic standards and sends only very minimal information to our servers. No security parameter (private key, password) leaves your computer, which guarantees complete security.

Import/Export

Your private key is the only way to access your account and data. After your account is created, it can only be found on your hard disk.

It is therefore essential to keep it in a safe place: there is no way to regenerate it!
This key is protected by your password; without it you won't be able to access your account.

To limit this risk, when creating your account you will be asked to export this private key as a QR code. This is a representation of your key, ciphered with your username.

Then you only need to print it and keep this A4 sheet in a safe place.

In case of a system crash or a lost password, an import procedure allows you to scan this QR code using any webcam or scanner and then recover your key.
This process will ask you to provide the associated username to ensure a "minimal security" and to check the key's integrity.
After checking the validity of your account, the Gith server will send your associated public key and your complete contact list. You have then restored access to your account!

This very same import process is also used to export your key to another device (smartphone). Thanks to this, your key will never be transmitted "online", in any form.
When you travel, you simply need to take this QR code with you to get access to your mails from any computer connected to the internet!

Contacts management

To add a new contact, you start by searching the Yellow Pages.
If this user has agreed to be listed in the Yellow Pages and has at least filled in their profile, you will be able to locate them by last name, first name, city...
If they didn't, you will need to know their username to add them to your contact list.

You can thus protect your anonymity by filling in only part of your profile or by choosing to be invisible.
In the latter case, only your accepted contacts will be able to view your profile.

When you want to add a new contact, a request is sent to them.
If it is accepted, the Gith server sends your respective public keys, which will be stored locally in your KeyStore.
This KeyStore is protected with your password; your contact list is therefore protected and no one will know with whom you're in contact.

Data management

All your sent messages (mails, documents, etc.) are ciphered using AES-256. The generated symmetric key is ciphered using the public key of each recipient.
They alone will be able to access this symmetric key and read the contents of the message.
Because this symmetric key is not ciphered with the Gith server's public key, we won't be able to read your conversations.
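
The scheme described above (one AES-256-CBC encryption, with the symmetric key wrapped under each recipient's RSA public key), as an added Go example that is not Gith's own code. PKCS#7 padding, RSA-OAEP with SHA-256, the IV-prefixed layout and the names Seal, Open and entropy are assumptions, since the page specifies none of them; CBC gives confidentiality only, and integrity protection, which the page does not describe, is not modeled.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

var entropy = rand.Reader // CSPRNG used for OAEP padding and RSA key generation

// Seal encrypts msg once under a fresh AES-256-CBC key and wraps that key per recipient.
// Assumed, not from the page: PKCS#7, RSA-OAEP/SHA-256, IV||ciphertext output layout.
func Seal(msg []byte, rcpt map[string]*rsa.PublicKey) (ct []byte, wrapped map[string][]byte, err error) {
	secret := make([]byte, 32+aes.BlockSize) // AES-256 key || IV
	if _, err = rand.Read(secret); err != nil {
		return nil, nil, err
	}
	key, iv := secret[:32], secret[32:]
	pad := aes.BlockSize - len(msg)%aes.BlockSize // always 1..16 bytes of padding
	body := append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(body, body)
	wrapped = map[string][]byte{} // username -> AES key encrypted to that user only
	for name, pub := range rcpt {
		if wrapped[name], err = rsa.EncryptOAEP(sha256.New(), entropy, pub, key, nil); err != nil {
			return nil, nil, err
		}
	}
	return append(iv, body...), wrapped, nil
}

// Open unwraps the AES key with one recipient's private key, then decrypts and unpads.
func Open(ct, wrappedKey []byte, priv *rsa.PrivateKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrappedKey, nil)
	if err != nil || len(key) != 32 || len(ct) < 2*aes.BlockSize || len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("wrong private key or malformed envelope")
	}
	block, _ := aes.NewCipher(key) // cannot fail: key length checked above
	out := make([]byte, len(ct)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, ct[:aes.BlockSize]).CryptBlocks(out, ct[aes.BlockSize:])
	pad := int(out[len(out)-1])
	if pad == 0 || pad > aes.BlockSize || !bytes.HasSuffix(out, bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, errors.New("bad padding")
	}
	return out[:len(out)-pad], nil
}
```

A relay that holds only the ciphertext and the wrapped keys has no private key matching any entry, which is the property the paragraph above relies on.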

If you lose your computer, or in case of malware activity on it, stored data might be read.

To prevent this, Gith stores all received data in its ciphered form and deciphers it on the fly when you access it. An internal mechanism is used to erase all memory traces after a message is viewed (the RAM zone containing clear data is overwritten after use).

By default, our servers do not store your messages. Once they have been delivered to all their recipients, we keep no trace of them.
The Gith interface allows you to choose what you want to store "online" if you want to consult some messages from another computer/smartphone.

Software integrity

Gith uses very few external libraries, and those appear only in "non-critical" parts of the software (graphical libraries, etc.).
This guarantees complete control over the executed code and a fast response time when bugs are discovered.