Cryptic - An end-to-end encrypted (chat) communication system

Cryptic implements a secure messaging system:

• Uses Client Certificate to authenticate Users.

• Uses WebSocket TLS communication.

• Implements the X3DH and the Double-Ratchet cryptographic protocols.

• Admin-mediated GPG-based onboarding where users prove ownership with GPG-signed CSRs to get certificates.

Cryptic consists of:

• A server that route messages between users, and holds on to encrypted messages until they can be delivered to the receiver.

• A terminal console client.

• Local Sqlite3 database that stores historic messages (encrypted).

• A wizard script to facilitate onboarding of new users.

• Modular structure to make the core engines (X3DH & Double-Ratchet) available to be used in other contexts/applications.

• Docker images for both the server and the client exists for containerized deployment.

An external TUI (Terminal User Interface) exist, written in Rust, that connects via the Erlang distribution protocol as a hidden node. See: cryptic-tui

Demos:

Client Setup

Server Setup

Follow the containerized deployment instructions for a quick way to try out Cryptic.

Cheers, T.

ML-KEM was recently added to Erlang/OTP. Have you considered implementing PQXDH instead of X3DH?

Well, when I first read about PQXDH I was in the middle of implementing Cryptic so I just
made a mental note to take a look at it later. I guess it would be possible to implement this
I’ve created this plan for it: cryptic/docs/PLANS/PQXDH-IMPLEMENTATION-PLAN.md at main · etnt/cryptic · GitHub .

Not sure if/when I’ll implement it since right now I’m in the middle of
implementing a Mobile App for Cryptic using Flutter (and Dart). Btw, I don’t know (yet) if it
would be possible to implement PQXDH in Flutter/Dart, but I guess it would…?

Of course, nothing stops you (or anyone else) to go for it and implement PQXDH in Cryptic;
it would be great fun

Cheers, T.