- Attackers may attempt active network interception, replay, or message tampering on untrusted networks.
- Malicious peers could try to exhaust resources via oversized frames, rapid reconnects, or crafted handshake data.
- Offline adversaries may capture encrypted traffic and attempt password guessing or key derivation attacks.
- Compromised endpoints are out of scope; the focus is on securing transport and key derivation between honest nodes.
- Password-based encryption now relies on Scrypt with parameters
N=2**15,r=8,p=1, andlength=32bytes. - Each encrypted payload stores a 16-byte random salt and 12-byte nonce before the ciphertext. These values must be supplied on decryption to recompute the AES-256-GCM key stream.
- Ephemeral session keys from X25519 handshakes are mixed with the Scrypt-derived PSK via HKDF (
SHA-256, info"neccrit session") to ensure forward secrecy even if long-term secrets leak.
- Nodes perform an ephemeral X25519 Diffie-Hellman exchange per connection. The shared secret is strengthened with HKDF and the deterministic PSK derived from the shared password.
- QR codes generated by
qr_utils.pyshould distribute only public information (peer display name and base64-encoded public key). Never embed passwords or private keys in QR payloads. - Users should verify public-key fingerprints out-of-band before trusting new peers (Trust-on-first-use is discouraged for high-risk environments).
- Messages include a 32-hex-character
msg_idand a Unix timestamp. Receivers maintain a bounded, TTL-protected LRU cache (300s / 10k entries) per peer to block replays and stale traffic. - Frame sizes are capped at 256 KiB, sockets enforce 10s timeouts, and connection attempts are rate-limited (20 per 30s per IP) to mitigate resource exhaustion.
- Open a private report via GitHub Security Advisories for this project.
- We aim to acknowledge reports within 3 business days and provide status updates every 7 days until resolution.
- Security updates currently target the
mainbranch; legacy releases are unsupported. Consumers should track the changelog for hardening updates.
The repository contains optional add-ons under addons/ that provide cover-traffic and steganography
features intended for research and defensive privacy studies. These modules are disabled by default.
Operational rules:
- Official core releases (artifact
neccrit-core-*.tar.gz) excludeaddons/. - To enable add-ons locally, use
python tools/enable_addons.pyand follow the confirmation prompt. - Steganography (
ENABLE_ZW_STEGANO) requires a second explicit confirmation (tools/enable_stegano.py). - Each enabling action is logged locally in
data/audit.log. - For distribution to third parties or enterprise use, prefer
neccrit-coreartifact or removeaddons/entirely.
If you are unsure about legal implications in your jurisdiction, consult legal counsel.