Black Hat, Las Vegas: Hewlett-Packard researchers today unveiled "Veiled", a browser-based encryption system that...
could allow individuals and firms to conduct their internet communications with more privacy.
Defence contractors such as EADS have developed hardware-based communications encryption systems such as Ectocrypt that allow government and military agencies to create "black core" networks. These are secret networks that run with many internal levels of security on public networks such as the internet and telephone system.
The work by HP researchers Billy Hoffman and Matt Wood aims to give private individuals and firms similar capabilities simply using their internet browsers and peer to peer connections as they would with Skype for voice messages.
The researchers said advances in browser technology such HTML 5 support allowed files to be stored "persistently" on the client. This plus the peering of servers meant files could be available even after the sending browser was closed.
This made the darknet resilient, said Wood. "To destroy it, you would have to take down all of the clients, because if one server gets compromised, you just shift to a different server."
Setting up a darknet was as easy as a user responding to an encrypted e-mail that pointed him to a secret website that the sender set up. On going to the website, the visitor's browser started the Veiled application, and he could exchange messages in secret from then on.
Wood said HP had no plans to release the code or to offer Veiled as a commercial product. They were hoping delegates to Black Hat would pick up their ideas and refine them for commercial use.