Last revised: 20-11-2024
Talk abstract
This paper introduces an architecture that leverages existing mobile devices and applications to facilitate end-to-end encrypted internet access in areas without direct connectivity. The system is a special case of a Delay-Tolerant Network (DTN) structured into three core components: a client application, a transport application, and a cloud server. The client application aggregates data from various applications on the device into a single data bundle and encrypts it using the Double Ratchet algorithm (part of the Signal protocol). This encrypted bundle is then transmitted over Wi-Fi Direct to the transport application, which acts as an untrusted courier. Upon reaching an internet-connected area, the transport application uploads the encrypted bundles to the cloud server. The server, in turn, decrypts these bundles and routes the data to their intended application servers. Responses from these servers are sent back to the client through the same routes. This architecture offers a seamless and secure solution for internet connectivity in disconnected zones, eliminating the need for additional hardware. It can handle various types of application data while ensuring the integrity and confidentiality of the data in transit without relying on a trusted centralized certificate authority or trusted data transports. We have implemented this architecture in the open-source Disconnected Data Distribution (DDD) project.
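The following is an added example, not code from the DDD project: it sketches only the symmetric-key chain of a Double Ratchet (the Diffie-Hellman ratchet is omitted) to show how a server can open bundles that untrusted couriers deliver late, out of order, or modified. The `Chain` class, the bundle layout (8-byte counter, ciphertext, 32-byte tag), `MAX_SKIP`, and the HMAC-based keystream standing in for an AEAD cipher are all assumptions made for illustration.

```python
import hashlib
import hmac

MAX_SKIP = 64  # assumed cap on how many lost or late bundles a receiver tolerates

def _h(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key, data):  # HMAC-SHA256 counter mode, a stand-in for an AEAD
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(_h(key, i.to_bytes(4, "big")) for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

class Chain:
    """One direction of a KDF chain (0x01 -> message key, 0x02 -> next chain key)."""

    def __init__(self, chain_key):
        self.ck, self.n, self.skipped = chain_key, 0, {}

    def _step(self, ck):
        return _h(ck, b"\x02"), _h(ck, b"\x01")

    def seal(self, payload):
        self.ck, mk = self._step(self.ck)
        header = self.n.to_bytes(8, "big")
        self.n += 1
        ct = _xor_stream(_h(mk, b"enc"), payload)
        return header + ct + _h(_h(mk, b"mac"), header + ct)

    def open(self, bundle):
        if len(bundle) < 40:
            raise ValueError("bundle too short")
        header, ct, tag = bundle[:8], bundle[8:-32], bundle[-32:]
        idx = int.from_bytes(header, "big")
        ck, n, fresh = self.ck, self.n, {}
        if idx in self.skipped:
            mk = self.skipped[idx]
        elif n <= idx <= n + MAX_SKIP:
            while n <= idx:  # derive keys up to idx without committing yet
                ck, fresh[n] = self._step(ck)
                n += 1
            mk = fresh.pop(idx)
        else:
            raise ValueError("replayed or too far ahead")
        if not hmac.compare_digest(tag, _h(_h(mk, b"mac"), header + ct)):
            raise ValueError("bundle was modified in transit")
        # Commit state only after the tag verifies, so forged bundles change nothing.
        self.ck, self.n = ck, n
        self.skipped.update(fresh)
        self.skipped.pop(idx, None)
        return _xor_stream(_h(mk, b"enc"), ct)
```

Because every bundle uses its own message key and used keys are discarded, a courier that replays or alters a bundle gets a `ValueError`, while a bundle that simply arrives late still opens.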