Brussels / 4 & 5 February 2017

schedule

p≡p – pretty Easy privacy


p≡p – pretty Easy privacy:

p≡p stands for pretty Easy privacy: We are thoroughly easing the use of well-known and established end-to-end cryptographic tools for already existing and widely used written digital communication channels (like e-mail, SMS or chat). Ultimately, p≡p wants to change the default in written digital communications: from unencrypted, unverified and unanonymized to encrypted, verified and anonymized – This means a unique and huge improvement for businesses, for public offices as well as for all citizens.   p≡p's protocols automate the steps taught to users at cryptoparties. Thus, we are able to provide total protection on a state of the art expert encryption level for everyone regardless of their technical knowledge or expertise and for a substantial portion of their communication needs. Our mission and message to clients and users is: With p≡p we automate all the steps to protect your personal security and privacy by default.   p≡p supports multiple platforms (iOS, Android, Linux, BSD, MacOS, Windows), multiple languages, multiple crypto technologies, multiple message transports as well as devices and protects even metadata. We offer a 100% Peer-to-Peer, End-to-End and device based secure synchronization of keys and configuration that is cheaper, faster, easier and better than any existing solution (“Faster” measures download and install. The p≡p Installer takes less than 10s, asks no question and for no information). Development wise we provide very simple APIs to allow for easy integration of p≡p into application programming.   p≡p is organized as (1) p≡p foundation, a non-profit organization that owns the p≡p engine and supports Free and Open Source Software and Privacy by Default; and (2) p≡p security, an enterprise to distribute p≡p applications and respective services (B2B and B2C).   All software published by p≡p foundation is and shall forever remain open source as well as freely available for the general public. All our software is and will be subject to an independent code review.   In summary p≡p innovates on multiple fronts to change the defaults: It Makes Digital Privacy Easy – and empowers the user to have Privacy on an Free and Open Source basis.

p≡p – pretty Easy privacy

=== Overview and Organization ===

The Right to Privacy and the Right to Freedom of Information are part of the inalienable Human Rights. We want the Internet to become a secure place for everyone. We want people and organizations to gain back their constitutional rights to communicate in private in the most effective way possible.

p≡p stands for pretty Easy privacy: We are thoroughly easing the use of well-known and established end-to-end cryptographic tools for already existing and widely used written digital communication channels (like e-mail, SMS or chat). Ultimately, p≡p wants to change the default in written digital communications: from unencrypted, unverified and unanonymized to encrypted, verified and anonymized.– for businesses, for public offices as well as for all citizens.

p≡p was founded by Volker Birk and Leon Schumacher in 2012. It's organizational structure is as follows: 1. p≡p foundation, a non-profit organization established under Swiss law that owns the p≡p software core engine and supports Free and Open Source Software and encryption by default (cf. https://pEp.foundation/). 2. p≡p security, enterprises incorporated in Switzerland and Luxembourg and licensed by p≡p foundation to spread p≡p software in B2B and B2C (cf. https://www.prettyeasyprivacy.com/).

All software published by p≡p foundation is and shall forever remain open source as well as freely available for the general public. All software will be subject to independent code reviews for all the releases, and the full technical reports will be published.

=== Usability, Applications/Implementations (cf. also Figure 1 in attached file)===

Basically, p≡p's protocols automate all the required steps to install and use existing encryption tools for the user. On a technical level, we made the APIs as simple as possible in order to facilitate application programmers to easily integrate into p≡p and thus provide encryption by default in other software programs. Accordingly, p≡p is able to offer the following features: - Total Protection: p≡p is the only cybersecurity solution that protects users automatically across all of their written digital communications: e-mail, messaging and SMS. - No Spearfishing: p≡p shuts the door on spearfishing and whaling, by authenticating trusted senders with color codes from those that are not. - 100% Peer-to-Peer, End-to End and device based - Ease of use: hassle-free installation, automatic configuration and integration, no more key management, Fingerprints ≡ Trustwords - Interoperability: convergence of messaging systems and devices (via KeySync) - Cross-platform support: free choice of multiple platforms.

Currently the following implementations are available (cf. also Figure 2 in attached file):

  • Thunderbird/Enigmail: to be released in the coming weeks
  • Windows/Outlook: https://pep.digitalcourage.de/lng/en/shop/p8801p-for-outlook.html
  • p≡p for Android: Beta app already available on the Google Play Store (https://play.google.com/store /apps/details?id=pep.android.k9) and F-Droid (https://f-droid.org/repository/browse/?fdid=pep.android.k9)
  • p≡p for iOS: to be released in the 4th Quarter of 2016.

=== Technology (cf. also Figure 3 in attached file) ===

p≡p consists of three components: - p≡p engine - p≡p adapters - p≡p plug-ins, add-ons and apps. Please consult the https://cacert.pep.foundation/trac/ site to get most detailed, complete and up-to-date (work-in-progress) resource status in this regard. For portability reasons, the p≡p engine is written in C99 programming language. The p≡p engine implements formats, applies cryptography, manages keys and trust and drives message transports. p≡p can also be made available for microcontrollers (on IoT components) with only minimalistic hardware. Part of the p≡p engine distribution is a replacement for GnuPG, NetPGP-et, a PGP implementation for platforms where GnuPG is not available (cf. https://cacert.pep-project.org/trac/browser/netpgp-et/). Any developer of add-ons, plug-ins, apps or desktop applications developer does not need to deal with cryptographic functionalities accessible by the p≡p engine; instead p≡p adapters are providing an easy API in the language and the native development environment of the application programmer. A list of repositories and adapters can be found here: https://cacert.pep.foundation/dev and here: https://letsencrypt.pep.foundation/dev.

=== Further Information ===

  • Documents like White Paper (https://pep.foundation/docs/pEp-whitepaper.pdf) and Code Audit (https://pep.foundation/docs/code-audits/2016-report-pepengine-v0.2e.pdf) can be found here: https://pep.foundation/docs/
  • Volker Birk’s talk at the “GHM-GNU Hacker's Meeting 2016”, Rennes: Part 1: http://videos.rennes.inria.fr/Workshop-GNUHackersMeetings2016/expose-GNUVolkerBirk18aout2016.mp4 and Part 2: http://videos.rennes.inria.fr/Workshop-GNUHackersMeetings2016/expose2-GNUVolkerBirk19aout2016.mp4

Speakers

Volker Birk

Attachments

Links