Secure Internet Live Conferencing (SILC) is a open instant messaging protocol that stresses security and flexibility.
The SILC protocol can be divided in three main parts:
- SILC Key Exchange (SKE) protocol
- The SKE protocol is used to establish session key and other security parameters for protecting the SILC Packet protocol. The SKE itself is based on the Diffie-Hellman key exchange algorithm (a form of asymmetric cryptography) and the exchange is protected with digital signatures.
- SILC Authentication protocol
- The SILC Authentication protocol is performed after successful SKE protocol execution to authenticate a client and/or a server. The authentication may be based on passphrase or on digital signatures, and if successful gives access to the relevant SILC network.
- SILC Packet protocol
- The SILC Packet protocol is intended to be a secure binary packet protocol, assuring that the content of each packet (consisting of a packet header and packet payload) is secured and authenticated. The packets are secured using algorithms based on symmetric cryptography and authenticated by using Message Authentication Code algorithm, HMAC.
SILC protocol additionally defines SILC Commands that are used to manage the SILC session.
SILC provides channels (groups), nicknames, private messages, and other common features. However, SILC nicknames, in contrast to many other protocols (e.g. IRC), are not unique; a user is able to use any nickname, even if one is already in use. The real identification in the protocol is performed by unique Client ID. The SILC protocol uses this to overcome nickname collision, a problem present in many other protocols.
All messages sent in a SILC network are binary, allowing them to contain any type of data, including text, video, audio, and other multimedia data.
SILC channels (groups) are protected by using symmetric channel keys. It is optionally possible to digitally sign all channel messages. It is also possible to protect messages with a privately-generated channel key that has been previously agreed upon by channel members. Private messages between users in a SILC network are protected with session keys. It is, however, possible to execute SKE protocol between two users and use the generated key to protect private messages. Private messages may be optionally digitally signed. When messages are secured with key material generated with the SKE protocol or previously agreed upon key material (for example, passphrases) SILC provides security even when the SILC server may be compromised.