Integration
If you're an engineer or developer for a secure communication service (small or large), please consider integrating CONIKS into your system to improve the security and privacy of your users' communications. This entails running a CONIKS key server for your users and adding support for the CONIKS protocols in your client software.
We're happy to help you get started and provide feedback -- feel free to get in touch!
Auditors
CONIKS's security relies heavily on the number of auditors checking that CONIKS key servers are not presenting different clients inconsistent views of the key directories. So the more auditors there are, the better the chances are of detecting such an attack.
Whether you've already integrated CONIKS into your service or you simply like CONIKS's goals, please consider running a CONIKS auditor. This will help grow the network of auditors and ultimately improve the security of all CONIKS users.
Note: Unfortunately, we are only now getting started with the development of our auditor software package. We're currently looking for feedback and volunteers to help kickstart this project. Please contact us via our mailing list or via email if you're interested in helping us with the auditor software!
Research
If you're a researcher interested in secure messaging, applied cryptography, usable security, and distributed systems, we welcome new collaborations on our research, as well as on any new research problems related to CONIKS that may be of interest to you.
We have also put together a list of open research problems that we learned about as part of design discussions with engineers working on secure communication tools at major tech companies. We'd like this list to inform future research in the space of secure messaging, applied crypto, usable security and distribtued systems. This list is by no means exhaustive, so please help us grow this list if you have encountered a new research problem we haven't included.
Open Source Software
In our efforts to bring key transparency to all users, we have several ongoing and planned open source software projects. We welcome volunteers, collaborations, and suggestions for new features or projects! Below is a list of projects we're developing and maintaining.
CONIKS Java library
The Java library includes basic reference implementations of a CONIKS server and client to serve as a model for implementing CONIKS. We plan to roll out a fully functioning standalone CONIKS server in Java in the near future.
Please see check the open issues to see how you can contribute.
CONIKS Go library
The Go library includes the core CONIKS protocol implementation, a Merkle tree implementation, a CONIKS crypto implementation, hooks for a C-based client, as well as a fully functioning CONIKS key server.
Please see check the open issues to see how you can contribute.
CONIKS Auditor Software Package (Planned)
This is a standalone auditor software. The main goal of this project is to allow any interested parties (communication providers, third parties etc.) to run an auditor to verify deployed CONIKS key servers.