{"id":24388817,"url":"https://github.com/nitsc/chraypt","last_synced_at":"2026-02-11T07:01:50.340Z","repository":{"id":273039378,"uuid":"918524042","full_name":"nitsc/chraypt","owner":"nitsc","description":"一个以保障人权为核心理念的命令行通讯软件，专注于信息安全与隐私保护。目前已实现哈希验证身份和多算法加密通信等功能，为用户提供可靠的隐私保障。这个是中国大陆特供版，没有Tor功能集成。","archived":false,"fork":false,"pushed_at":"2025-01-26T10:19:25.000Z","size":197,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-29T11:51:45.188Z","etag":null,"topics":["aes","argon2","blake3","chat","chat-application","curve25519","curve25519-dalek","decrypt","digital-signature","ecc","ecdh","eddsa","encrypt","hash","p2p","p2p-chat","sha3-512","sha512","sm4","socket"],"latest_commit_sha":null,"homepage":"https://blog.csdn.net/zwa20110606/article/details/145278649","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nitsc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-18T06:30:00.000Z","updated_at":"2025-01-26T10:19:29.000Z","dependencies_parsed_at":"2025-01-18T08:23:00.848Z","dependency_job_id":"91f8801f-fe4c-457c-a813-fa3a5f340a14","html_url":"https://github.com/nitsc/chraypt","commit_stats":null,"previous_names":["nitsc/chraypt"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nitsc%2Fchraypt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nitsc%2Fchraypt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nitsc%2Fchraypt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nitsc%2Fchraypt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nitsc","download_url":"https://codeload.github.com/nitsc/chraypt/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249770021,"owners_count":21323067,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes","argon2","blake3","chat","chat-application","curve25519","curve25519-dalek","decrypt","digital-signature","ecc","ecdh","eddsa","encrypt","hash","p2p","p2p-chat","sha3-512","sha512","sm4","socket"],"created_at":"2025-01-19T14:57:15.847Z","updated_at":"2026-02-11T07:01:45.297Z","avatar_url":"https://github.com/nitsc.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Chraypt: 中国大陆特供版\n\n![Chraypt](https://github.com/user-attachments/assets/da9b0294-479e-4814-a377-a934ef4ee8b6)\n\nChraypt 是一个以保障人权为核心理念的命令行通讯软件，专注于信息安全与隐私保护。目前已实现哈希验证身份和多算法加密通信等功能，为用户提供可靠的隐私保障。\n\n\u003e **特别说明**：该版本为中国大陆特供版，不含 Tor 功能集成。国际版请参见 [Chrayptor](https://github.com/nitsc/chrayptor)。\n\n---\n\n## 开发宗旨\n\n### 核心理念\n我们坚信每个人都有自己的人权。\n\n### 程序开发原则\n- **人权至上**：开发者必须坚持人权至上的原理。\n- **零数据收集**：禁止收集 Chraypt 用户的一切信息。\n- **P2P 和 E2E 特性**：坚持去中心化和端到端加密特性。\n- **安全与隐私**：高度关注用户的安全性和隐私性。\n- **开源透明**：支持高度开源和自由修改源代码。\n- **简洁实用**：不搞花里胡哨，减少攻击面。\n- **最小权限原则**：不打印不必要的信息，不获取不必要的权限。\n\n---\n\n## 当前问题\n\n### 1. 哈希完整性校验问题\n- 在 `receive_message` 函数内，未使用 Argon2 的 `verify` 函数，而是简单地使用 `==` 进行比较。\n- `crypt.py` 文件中 `Hasher` 类的 `ba33` 函数使用 Argon2 哈希 BLAKE3 的结果，这种做法不必要。建议直接使用 Argon2。\n\n### 2. 端口跃迁技术集成\n- 端口跃迁技术尚未完全融合到程序中，目前无法正常使用交换端口接收数据，相关问题正在解决中。\n\n---\n\n## 目标标准\n\n### 编程语言\n- **Rust**：在 Python 原型开发完成后，使用 Rust 重写 Chraypt。\n- **Python**：可能会保留部分 Python 实现。\n- **Go**：可能用于 Chraypt 的网络并发关键部分。\n\n### 加密算法\n\n#### 对称加密\n- **AES**：高级加密标准，广泛应用于通信协议（如 TLS）。**(已实现)**\n- **ChaCha20**：高效安全的流密码，通常与 Poly1305 消息认证码结合使用。\n- **SM4**：中国商用密码算法，广泛应用于金融和政府部门。**(已实现)**\n\n#### 非对称加密\n- **ECC**：椭圆曲线密码学，比 RSA 更高效，适合移动设备。**(已实现)**\n- **NTRU**：基于格的公钥密码算法。\n- **Lattice-based Cryptography**：基于格的密码学，后量子密码学方法。\n\n#### 密钥交换\n- **ECDH**：椭圆曲线 Diffie-Hellman，更高效的密钥交换。**(已实现)**\n- **Kyber**：基于格的后量子加密标准候选方案。\n- **Curve25519**：高效安全的椭圆曲线加密协议。**(已实现)**\n\n#### 数字签名\n- **EdDSA**：基于 Edwards 曲线的数字签名算法。**(已实现)**\n- **ECDSA**：广泛使用的椭圆曲线数字签名算法。\n\n#### 哈希算法\n- **SHA3-512**、**SHA2-512**：用于数据完整性校验。**(已实现)**\n- **Argon2**：抗硬件加速暴力破解的密码哈希算法。**(已实现)**\n- **BLAKE3**：高性能现代哈希算法。**(已实现)**\n\n#### 随机数生成\n- **CSPRNG**：密码学安全伪随机数生成器。**(已实现)**\n\n#### 通信协议\n- **TLS**：传输层安全协议，实现加密传输和身份验证。**(已实现)**\n\n#### 零知识证明\n- **zk-SNARKs**、**zk-STARKs**：未来计划实现。\n\n---\n\n## 端口跃迁技术\n\n### 概览\n**端口跃迁** 技术是自主研发的一项安全通信技术，主要步骤如下：\n\n1. 服务端监听 `52000` 端口。\n2. 客户端连接 `52000` 端口。\n3. 服务端生成随机的 \"交换端口号\"，并在 `52000` 端口上传输该端口号。\n4. 客户端连接 \"交换端口\"，并在该端口交换密钥。\n5. 服务端和客户端使用交换的密钥计算对应公钥。\n6. 服务端生成随机的 \"匿名端口号\"（端口跃迁点），并在 \"交换端口\" 上加密传输该端口号。\n7. 客户端连接 \"端口跃迁点\"，并在此端口进行加密通信。\n8. 每 5 分钟后，服务端重置密钥并重新跃迁端口。\n9. 服务端生成新的随机 \"交换端口号\"，并在 `52000` 端口上使用旧密钥加密传输该端口号。\n10. 重复步骤 4~7。\n\n### 技术优势 🌟\n\n1. **增强安全性**：\n   - 随机生成的端口和动态密钥更新减少固定端口带来的安全风险。\n   - 有效对抗流量监测和分析。\n\n2. **抗中间人攻击**：\n   - 初始握手后通过加密传输动态端口号，降低通信劫持的可能性。\n\n3. **动态性强**：\n   - 端口定期重置，难以预测通信路径，提高隐蔽性。\n\n4. **适应复杂网络环境**：\n   - 适用于高安全性需求的场景，例如绕过审查或抗流量分析。\n\n5. **灵活密钥管理**：\n   - 定期生成新密钥，降低长时间通信的密钥泄露风险。\n\n### 技术缺陷 ⚠️\n\n1. **复杂性增加**：\n   - 多次端口跳转和密钥更新增加设计和实现难度。\n\n2. **性能开销**：\n   - 频繁的端口重新连接和密钥交换可能导致延迟增加。\n\n3. **连接中断风险**：\n   - 跃迁过程中如果发生错误，可能导致通信断开。\n\n4. **兼容性问题**：\n   - 某些防火墙或 NAT 设备可能会限制动态端口通信。\n\n5. **管理成本高**：\n   - 高并发场景下的端口和资源调度可能复杂化。\n\n6. **初始端口暴露风险**：\n   - 固定监听 `52000` 端口可能成为被攻击的薄弱点。\n\n---\n\n## 结语\n\nChraypt 致力于打造一款安全、可靠、隐私至上的通讯工具，同时通过不断优化创新技术（如端口跃迁）提升用户隐私保护能力。未来将继续完善功能，进一步加强人权保障！\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnitsc%2Fchraypt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnitsc%2Fchraypt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnitsc%2Fchraypt/lists"}