A secure group messaging protocol allowing instantaneous communications between any number (n) of people.
In Spring 2017, the Open Technology Fund engaged NCC Group’s Cryptography Services Practice to perform a targeted review of the Equalitie cryptographic library, (n+1)sec.
The (n+1)sec library aims to provide a secure group chat mechanism that provides secrecy and consistency of messages. The library is general purpose and can be used in a variety of chat clients much like Off-the-Record3 (OTR). The engagement included security review of the cryptographic design and the end-to-end group chat protocol. The review covered the most recent public version of the (n+1)sec library(44d7b28) and specification(5dd2055). Two consultants and one shadowing consultant performed the engagement over a span of two weeks, from April 24 to May 5, 2017 and it consisted of 20 person days of effort.
NCC Group’s evaluation focused on issues specific to group key exchanges, ratchets used in secure messaging applications, and general cryptographic concerns.
The full audit can be viewed below.