Secure communications

IRC server communication diagrams

This section shows diagrams of encrypted communications used by CrypticIRC without using the TLS/SSL protocol.

You can also see a diagram of IRC communication using SSL/TLS protocol, normally using OpenSSL.
This protocol causes a false sense of privacy. Although the information travels encrypted through the Internet, this doesn't happen when it's processed on the IRC server. Your messages in private chats or channels are processed in plain text on the IRC server.

Colors and terminology:
Green color -- Communications encrypted and secure.
Red color -- Communications not encrypted and insecure.
Messages -- Text messages (sent and received) in private chats or channels.
Files -- Files sent between users.
Rest of the data -- IRC commands, usernames, nicknames, channel names, access passwords to the IRC server, access passwords to channels, etc ...




► Messages from users to IRC Server and from IRC Server to users: Not encrypted
► Messages processed on IRC Server: Not encrypted
► Files between users: Not encrypted Files are sent point to point but without encrypting.
► Rest of the data from users to IRC Server and from IRC Server to users: Not encrypted



► Messages from users to IRC Server and from IRC Server to users: Encrypted
► Messages processed on IRC Server: Not encrypted
► Files between users: Not encrypted Files are sent point to point but without encrypting.
► Rest of the data from users to IRC Server and from IRC Server to users: Encrypted



► Messages from users to IRC Server and from IRC Server to users: Encrypted
► Messages processed on IRC Server: Encrypted
► Files between users: Encrypted Files are sent point to point and encrypted (AES-256 bits algorithm).
► Rest of the data from users to IRC Server and from IRC Server to users: Not encrypted

Messages are always encrypted (AES-256 bits algorithm), even when they are processed on the IRC server. Prevents any possibility of messages being decrypted by the IRC server.

... but ... ¿ what about the rest of the data without encrypting when I use the CrypticIRC application?
The access passwords to the IRC server are not encrypted. The access passwords to the channels are not encrypted. Everyone will be able to see what kind of channels I am connected to.

Answer: Are you really going to use your registered account to access the IRC server if you want to chat securely, privately and anonymously ?
If someone uses your password to access an encrypted channel with the CrypticIRC application, the only thing the spy will see are blocks in hexadecimal code.
The channels where you are connected are not a secret, any user of the IRC server can see that information.