The CryptoRights Foundation:

Mission    |    Donate    |    Podcast    |    News    |    Help
   
 

Services
Research
⇒ Overview
* HighFire
* HuRiCANE
* HighWire


About CRF
Join/Participate

 

Research & Development Projects

R&D Overview

CRF's Research & Development ("R&D") Group is now conducting research to produce secure data communications, processing and storage technologies that are useful to human rights organizations (and ultimately journalists, humanitarian aid workers, and others). We have ongoing technical development producing prototypes of the necessary hardware and software to provide these capabilities to our NGO clients.

Our R&D projects involve both integrative and creative security research on general security policy and maintenance, and on communications security, authentication and privacy for both fieldworkers and NGO home offices. We are also working on longer-term secure mobile wireless communication and wearable computing technologies.

Most of our current efforts are intended to produce tightly integrated hardware and software platforms which function as secure productivity workgroup tools that serve identified, genuine needs for human rights NGOs. CRF's R&D builds upon academic and other open source research and development, and integrates and extends inexpensive existing software and hardware to create more useful, friendlier and more high-assurance information security solutions for HR NGOs.

Our R&D projects also include long-term cryptologic research and security policy projects, including the development of Internet standards in cooperation with well-known standards bodies such as the Internet Engineering Task Force (cf. RFC 3156).

CRF R&D Philosophy

  1. Be Open
  2. Use Open Source Software
  3. Listen to Your Users
  4. Use the Technology
  5. Use What You Recommend to Others
  6. Keys Are Cheap but Lives Are Valuable
  7. Use Freeware
  8. Don't Reinvent the Wheel
  9. Adhere to Standards
  10. Remember That Reputation Is Critical
  11. Be Honourable

Please click here for detailed information on our R&D Philosophy.

R&D Project Summaries

CRF's Primary R&D Project (2003-present)

Project HighFire:

Human Rights Firewall System: network security hardware appliance and related server and application software for creating a secure network base-station and communications privacy infrastructure for humanitarian workers in remote locations that have power and connectivity.

The first research phase of this project was the Communications Assessment Tool (CAT) survey, to identify real-world security needs of active human rights organizations. CAT has informed our development projects, including the alpha version of the tamper-respondent FireBox field office/desktop appliance, which includes support for a secure subnet, public key crypto support, secure network tunnels, secure Internet voice telephony, ad hoc wireless networking, power management and related capabilities. Additional IceBox (secure communications server) components, to which FireBoxes connect, create a secure e-mail and Internet access solution for NGO home offices, which protects them from networked threats and provides pseudonymous network capabilities for identity protection while they are doing online human rights investigative work.

The HighFire platform allows NGOs to scale for virtually unlimited user accounts, connectivity to other participating NGOs in an IceBox-based wide-area network, onsite training, online tutorials, plus Web- and telephone-based technical assistance for designated NGO security officer(s). Among the features slated for later development is an alarm that goes off at all designated NGO affiliate sites if any individual FireBox goes offline (indicating that field personnel could be in immediate danger).

CRF's Future R&D Projects

(More information will be available about these projects as development continues. If you are interested in participating in any of this R&D, please contact us.)

Project HighWire:

Human Rights Wireless System: secure wireless hardware/software connectivity capability, and standard desktop/laptop computers. It's software-defined radio (SDR) architecture for emulation of any radio-based protocol with added security and authentication to protect humanitarian data, already has active development. Integration of HighWire into other projects, including HighFire network security appliances, will extend all capabilities to virtually any point on earth.

Project HuRiCANE:

Human Rights Cryptographic Application & Networking Extensions: OpenPGP-based crypto application and networking libraries and components, providing encryption and authentication functionality to HighFire and HighWire, as well as other projects such as the HROS operating system. One subproject that already has active development happening is the PEASOUP project: initially a key-splitting protocol, enabling workgroups to cryptographically divide and reconstruct critical digital resources among their members, PEASOUP's threshold encryption tools now allow CRF to implement the "two-person rule" in various contexts. PEASOUP makes possible group access to data, for splitting an NGO's Organizational Root Key among multiple trustworthy parties and protecting individual social justice workers from physical threats (i.e. by spreading capabilities across multiple people, making that person unable to provide access to attackers) and; Group Signatures on data to assure responsible use of an organization's public announcement capabilities, protect against reputation attacks and provide other public functions.

The HuRiCANE project also includes the Vote-Sec work on Secure Accurate and Fair Election Technology Voting (SAFETechVote) — the eventual open-source international freeware release of portions of Dr. David Chaum's software to provide voters with cryptographically-enhanced paper voting receipts, as well as other research into the viability and uses of cryptography in voting and election technology for building democracies worldwide.

CRF R&D Roadmap Projects

(More information will be available about these projects as development continues. If you are interested in participating in any of this R&D work, please contact us.)

Project HROS:

Human Rights Operating System: A trustworthy operating system, having security based on Capabilities-Based Computing rather than on traditional access control: a provably-secure OS to which our other projects can eventually migrate.

Project HUMANiKEY:

Human Rights Public Key Infrastructure: a global Public Key Infrastructure (PKI) for secure and authenticated information protection within and between international humanitarian NGOs. Includes a Universal Humanitarian Security Policy (UHSP) template and a cryptographic key registration and certification system for NGO users.

Project HUES:

Human Rights User Environment for Security: user-friendly, localizable human interface design and full electronic documentation for the H-OST operating system and all other system components, including HighFire and HighWire.

Project HURIWEAR:

Our longest-term project, which will integrate functions of all of the above, is the Human Rights Wearable): the world's first secure, wearable computer designed especially for humanitarian users. It will be both a personal safety device and a means for securely exchanging authenticated information between humanitarian and newsgathering organizations and their people in the field: those on the very front-most lines of the struggle for global justice.

 

Feedback        |         Policy    © 1998-2008 CryptoRights Foundation, Inc. — a 501(c)(3) nonprofit human rights NGO.