How Pikcio’s Peer to Peer protocol enables privacy and secure interactions

PikcioChain
PikcioChain
Published in
3 min readJan 16, 2019

The Pikcio browser will act as a full node within the Pikciochain, enabling a number of features like decentralized chat and file sharing. The following explains how the Pikcio browser will ensure privacy and data security for our users.

Routing protocols support communication and the distribution of information between users by linking any two nodes from a computer network. They determine how routers communicate with each together and generate traffic between networks.

Existing systems currently lack the ability to ensure anonymity and therefore privacy and security. Pikcio’s Matryoshka routing system addresses these shortcomings by complying with privacy requirements and ensuring the anonymization of exchanges. Much like TOR, Matryoshka resembles onion routing because it works in layers.

How it works

A) Untraceable and anonymous interactions

Matryoshka routing bounces TCP exchanges on the Internet to neutralize traffic analysis on network clusters, especially man-in-the-middle attack analysis. As a result, there is no way of tracking sender or recipient IPs and therefore it’s impossible to identify single users of the network, as well as their interactions. In total, this ensures that the exchange is safe and private.

B) Map of network links for enhanced trust

A Matryoshka is a trust-of-trust structure providing an individual with data communication obfuscation services.

Unlike TOR, the Matryoshka layer maps the physical links of the “F2F” (Friend to Friend) social network, in order to increase the notion of trust within the network.

Concentric layers of nodes (or rings) called shells surround each user V — namely the core. The first layer gathers trusted contacts with consequent TCI, or mirrors. This layer participates in the exchange of data from V. Each mirror has a layer connected to a trusted node which builds a multi-hopcommunication link (chain), until the outermost layer is reached. The nodes of this envelope, called entry points, act as gateways for all data requests addressed to the core V.

Data request messages reach a mirror of the node from an entry point and through a trajectory of jump-to-hop trust relationships.

Once again, the Matryoshka layer thus ensures the anonymization of exchanges between users and a trusted path for data.

C) Hybrid encryption

The Matryoshka layer also includes hybrid RSA and AES encryption.

  1. Sender V retrieves recipient R’s public key from the DHT (Distributed Hash Table).
  2. The Matryoshka protocol will generate a 256-bit AES random key in order to encrypt the content of the exchange.
  3. In turn, recipient R’s RSA2048 public key encrypts this AES key.
  4. Sender V adds a signature with its own private key so its identity can be verified by the recipient.

This hybrid encryption provides an optimized balance between system security and performance. The user’s equipment generates the public and private key to ensure the integrity, security, and non-disclosure of the private key.

What is the outcome for users?

The Matryoshka layer presents the advantages of the TOR network with added reinforcement in terms of security.

Even in the event of a corrupted node, it still would not be able to identify the original sender, the final recipient or the content of the interaction.

As a result, two individuals exchanging bank details cannot be identified or the content of their exchange intercepted. The same is true for companies or governments that wish to ensure their internal resources and communications remain strictly within the organization.

This applies of course to all kinds of sensitive information, exchanged daily on communication platforms such as Gmail and Facebook. The latter unfortunately do not enforce strict enough confidentiality measures or are the constant targets of cyber-attacks.

In short, regardless of who the users within the Matryoshka infrastructure are (individuals or businesses), they can be sure, the content of their communications as well as the identity of both sender and recipient remain strictly confidential and protected from malicious external actors.

--

--