Questions and Answers
Lantern uses the following cipher suite for all connections between peers: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA. That is, key exchange is ephemeral elliptic-curve Diffie-Hellman (ECDHE), which gives forward secrecy (a later compromise of a peer's long-term key does not expose past sessions) and needs far shorter keys than finite-field Diffie-Hellman for the same strength; the peer's RSA certificate key only signs the exchange. For the bulk cipher we use AES-256 in CBC block cipher mode rather than a stream cipher such as RC4, because of the greater number of known attacks on RC4.
What about certificates? Isn't Lantern vulnerable to man-in-the-middle attacks, especially with forged signing certificates from compromised certificate authorities?
First, Lantern connects to Google Talk over TLS. Lantern embeds the Google Talk signing certificate in its install and trusts only that certificate and a handful of others, a hard-coded form of certificate pinning: a certificate for the Google Talk servers issued by any other authority, including a compromised one, is not accepted. Connections between peers use self-signed certificates, which peers exchange over XMPP through that pinned Google Talk connection. A peer then accepts only connections presenting one of the certificates it received that way, so a man-in-the-middle on a peer connection would have to present a certificate that was exchanged over the pinned channel; a forged certificate, however it was signed, is rejected.
Lantern requires users to log in to Google for the following reasons:
- It allows you to easily connect with your existing Google Talk contacts via Lantern in order to bootstrap the trust network
- It allows Lantern to use Google's XMPP servers to negotiate direct P2P connections between users
- Google Talk is also largely unblocked, so it provides a channel through which Lantern can usually communicate
When you log in to Google via OAuth, Lantern stores your OAuth refresh token on your local computer in an encrypted form using your operating system's keychain.
If Google Talk is blocked, Lantern detects this and tunnels access to Google Talk through fallback proxies. Those proxies are distributed through the Lantern trust network using Kaleidoscope, so that they cannot simply be enumerated and blocked. The same proxies are also used when no peers are available.
Lantern uses an algorithm called Kaleidoscope to distribute information about proxies. More information is available in Lantern's separate Kaleidoscope library implementation. The core idea behind Kaleidoscope is to distribute information through a trust network in a limited manner, so that no single actor on the trust network can enumerate all the information distributed, even when part of the trust network is compromised.
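Added illustration, not Lantern's Kaleidoscope library and a deliberate simplification of it: a toy model of limited dissemination in Go, covering the two Kaleidoscope paragraphs above. Each node forwards a proxy advertisement to a bounded number of neighbours, chosen by an HMAC under the node's own secret so the choice is fixed rather than freshly random, and only for a bounded number of hops. The ring graph, the per-node secrets, the proxy names and the `Disseminate`/`Enumerated` helpers are all constructed for this example. It lets you compare what one compromised node learns under plain flooding with what it learns under limited forwarding.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"sort"
)

// Graph is an undirected trust network: each node's list of trusted contacts.
type Graph map[int][]int

// Ring builds a cycle of n nodes (a constructed network for the example).
func Ring(n int) Graph {
	g := Graph{}
	for i := 0; i < n; i++ {
		g[i] = []int{(i + 1) % n, (i + n - 1) % n}
	}
	return g
}

// Advert is one proxy address injected into the network at Origin.
type Advert struct {
	Origin int
	Proxy  string
}

// forwardTo picks the neighbours of node that receive proxy. fanout < 0 means
// every neighbour (plain flooding). Otherwise neighbours are ranked by an HMAC
// under the node's secret: the pick looks random to outsiders but is fixed for
// a given (node, proxy), so re-asking or compromising the node reveals the
// same small slice rather than a fresh one each time.
func forwardTo(g Graph, secret []byte, node int, proxy string, fanout int) []int {
	nbs := append([]int(nil), g[node]...)
	if fanout < 0 || fanout >= len(nbs) {
		return nbs
	}
	score := func(nb int) uint64 {
		m := hmac.New(sha256.New, secret)
		fmt.Fprintf(m, "%s:%d", proxy, nb)
		return binary.BigEndian.Uint64(m.Sum(nil)[:8])
	}
	sort.Slice(nbs, func(i, j int) bool { return score(nbs[i]) < score(nbs[j]) })
	return nbs[:fanout]
}

// Disseminate spreads every advert from its origin, forwarding at most maxHops
// hops (maxHops < 0: unlimited) and to at most fanout neighbours per node.
// It returns, per node, the set of proxies that node ends up knowing.
func Disseminate(g Graph, secrets map[int][]byte, adverts []Advert, maxHops, fanout int) map[int]map[string]bool {
	known := map[int]map[string]bool{}
	learn := func(n int, p string) {
		if known[n] == nil {
			known[n] = map[string]bool{}
		}
		known[n][p] = true
	}
	type item struct{ node, hop int }
	for _, a := range adverts {
		seen := map[int]bool{a.Origin: true}
		queue := []item{{a.Origin, 0}}
		learn(a.Origin, a.Proxy)
		for len(queue) > 0 {
			cur := queue[0]
			queue = queue[1:]
			if maxHops >= 0 && cur.hop >= maxHops {
				continue
			}
			for _, nb := range forwardTo(g, secrets[cur.node], cur.node, a.Proxy, fanout) {
				if seen[nb] {
					continue
				}
				seen[nb] = true
				learn(nb, a.Proxy)
				queue = append(queue, item{nb, cur.hop + 1})
			}
		}
	}
	return known
}

// Enumerated counts the distinct proxies an attacker learns by compromising
// the given nodes and pooling everything they know.
func Enumerated(known map[int]map[string]bool, compromised []int) int {
	union := map[string]bool{}
	for _, n := range compromised {
		for p := range known[n] {
			union[p] = true
		}
	}
	return len(union)
}
```

On a 12-node ring where every node advertises one proxy, `Disseminate(g, secrets, adverts, -1, -1)` (flooding) leaves node 6 knowing all 12 proxies, so compromising that single node enumerates everything. With `Disseminate(g, secrets, adverts, 2, 1)` an advert can travel at most two hops, so node 6 can know at most the five proxies originating from nodes 4 to 8, and never the one from node 0. The keyed choice of neighbours is what stops an attacker from widening that slice by simply asking the same node repeatedly.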
Lantern takes a number of precautions to keep users safe. First, Lantern does not give any external computer access to your hard drive. It acts only as a conduit for your trusted contacts, relaying their requests to web pages on the open Internet and the replies from those pages back to them; external users have no access to your computer itself. Lantern also requires mutual authentication for every connection: anyone connecting through you to the open Internet must present a certificate you already hold, which means someone who learned of your computer either as a direct trusted contact or through one of your trusted contacts. This ensures that not just anyone can connect to you through Lantern, only people in your extended Lantern social network.
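Added example, not Lantern's own code (which was Java at the time): the three mechanisms described above, the single pinned ECDHE-RSA-AES256-CBC-SHA suite, peer certificates that are trusted only because they arrived over the trusted channel, and mutual authentication, put together with Go's standard `crypto/tls`. The `Peer` type, the `Trust` call standing in for the XMPP exchange, and the in-memory `net.Pipe` standing in for a UDT connection are assumptions of this example. Alice and Bob have exchanged certificates; Mallory holds a perfectly valid self-signed certificate that nobody received over the trusted channel, and a connection in either direction with her fails.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// WantSuite is the one suite the page names; it exists only up to TLS 1.2.
const WantSuite = tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

// Peer (hypothetical type for this example) is one Lantern node: its own
// self-signed certificate plus the raw DER certificates received over XMPP.
type Peer struct {
	Name    string
	Cert    tls.Certificate
	trusted [][]byte
}

// NewPeer makes an RSA key (ECDHE_RSA authenticates with an RSA certificate)
// and a self-signed certificate usable as both server and client.
func NewPeer(name string) (*Peer, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &Peer{Name: name, Cert: tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}}, nil
}

// Trust stands in for receiving a contact's certificate over the pinned XMPP connection.
func (p *Peer) Trust(other *Peer) { p.trusted = append(p.trusted, other.Cert.Certificate[0]) }

// verifyPinned replaces CA chain building: the presented leaf must be byte-for-byte
// one of the exchanged certificates. Who signed it is irrelevant, so a forged
// CA-issued certificate is rejected exactly like any other unknown certificate.
func (p *Peer) verifyPinned(rawCerts [][]byte, _ [][]*x509.Certificate) error {
	if len(rawCerts) == 0 {
		return fmt.Errorf("%s: no certificate presented", p.Name)
	}
	for _, t := range p.trusted {
		if bytes.Equal(rawCerts[0], t) {
			return nil
		}
	}
	return fmt.Errorf("%s: certificate was not received over the trusted channel", p.Name)
}

// config serves both directions: each side presents a certificate (mutual
// authentication) and each side runs verifyPinned on what it receives.
func (p *Peer) config() *tls.Config {
	return &tls.Config{
		Certificates:          []tls.Certificate{p.Cert},
		MinVersion:            tls.VersionTLS12,
		MaxVersion:            tls.VersionTLS12,
		CipherSuites:          []uint16{WantSuite},
		ClientAuth:            tls.RequireAnyClientCert,
		InsecureSkipVerify:    true, // skips only Go's CA/hostname check; verifyPinned still runs
		VerifyPeerCertificate: p.verifyPinned,
	}
}

// Handshake runs a full handshake over an in-memory pipe (standing in for the
// UDT connection) and returns the negotiated suite, or the first error raised.
func Handshake(client, server *Peer) (uint16, error) {
	cConn, sConn := net.Pipe()
	defer cConn.Close()
	defer sConn.Close()
	srvErr := make(chan error, 1)
	go func() { srvErr <- tls.Server(sConn, server.config()).Handshake() }()
	tc := tls.Client(cConn, client.config())
	if err := tc.Handshake(); err != nil {
		return 0, err
	}
	if err := <-srvErr; err != nil {
		return 0, err
	}
	return tc.ConnectionState().CipherSuite, nil
}
```

Usage: create `alice`, `bob` and `mallory` with `NewPeer`, call `alice.Trust(bob)` and `bob.Trust(alice)`, then `Handshake(alice, bob)` succeeds and reports `WantSuite`, while `Handshake(mallory, bob)` and `Handshake(alice, mallory)` both fail. `InsecureSkipVerify` here only switches off Go's CA chain and hostname check, which has no meaning for self-signed peer certificates; the real trust decision is `verifyPinned`, which runs on both ends and compares raw DER bytes. Because the check is an exact match on a certificate obtained over the pinned Google Talk connection, a certificate issued by a compromised certificate authority is indistinguishable from any other untrusted certificate.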
Lantern's goal is to be as lightweight and unobtrusive as possible. In Get Access mode, besides being able to access previously blocked sites, you shouldn't even notice it's running. In Give Access mode, a portion of your internet connection will be intermittently donated to other users, but based on the other users online at the time, you may not even notice. We plan to intelligently limit the resources Lantern consumes while you're using your computer in the future (see #19).
Lantern uses UDP to traverse NATs and firewalls. Those traversed UDP paths carry UDT, a reliable transport layered on UDP, and Lantern runs standard TLS directly on top of that UDT layer, so peer connections get the same cipher suite and certificate checks described above.
Lantern is free as in money and as in freedom: free to use, modify, and redistribute in accordance with its license. This documentation is likewise distributed under a free license.
Please see the Contributing page.
© 2014 Team Lantern. Some rights reserved. Don't understand a term? Try the Glossary.