To achieve it’s level of security and privacy, a few key concepts are enforced:
- Obscurity is not security. Do not assume that you’re secure because somebody does not know the rules you play by.
- Silence is a virtue. Do not respond to any invalid or unexpected requests, this allows you to hide from mass scanning attempts and some other attacks.
- Less is more. The less information you have to send, the better. The protocol only needs to send as little as possible.
- Deceive. Sending only requested data to your peers puts you at risk. Cryptor nodes will send random and decoy packets across the network to make the real ones harder to detect.
- 0 Pattern. Some ISPs and companies use advanced heuristics and ML tools to detect certain unwanted traffic and block it. By having random packet sizes and encrypted payloads makes Cryptor harder to pinpoint.
Cryptor as a package only provides the backend stack for accessing the network and managing local resources. The Cryptor clients are developed under
cryptor/cmd. Each client has its own binary and installation routine.
Visit the official documentation for a list of all clients are their purpose/usage.
You can download pre-compiled binaries from the GitHub Releases page. Always check checksum of what you download, and only download official binaries from the GitHub repo.
If you have Go installed, you can use
go get. Running
go get cpl.li/go/cryptor will download the entire Cryptor package and all clients. To download and install a specific client use
go get cpl.li/go/cryptor/cmd/<CLIENT NAME>.
The main Cryptor client is
- RFC 5869 - HKDF
- RFC 7693 - BLAKE2 MAC
- RFC 2898 - PKCS
- WireGuard Whitepaper
- Noise Protocol Framework