StreamSec 2PCube

StreamSec 2PCube is a firewall friendly secure messaging service with 128 bit security, designed specifically as a StreamSec Tools support tool. The source code for the client is available for StreamSec Tools Enterprise subscribers.

The communication between the clients and the server is directed via HTTP on port 80. The data sent over the HTTP channel is in turn protected by 128 bit TLS (TLS-RSA-DHE-RC4-SHA). This means that the transport protocol is TLS over HTTP, contrary to regular HTTPS which is HTTP over SSL/TLS.

Each client registers by sending a Certification Request to the server. The server authenticates the request by comparing it to the corresponding entry in the StreamSec Tools customer data base. The client must use the issued Client Certificate for each subsequent request sent to the server.

The communaction between two clients is directed via the server and is encrypted a second time. The keys for this channel are established by the means of an Ephemeral Diffie-Hellman 3072/256 key exchange, authenticated by the Client Certificates. The bulk encryption method is AES-128-CTR with HMAC-SHA256. The plain text contents of the communcation between two clients is at no point known to the server.

Download