During last years social networks, online collaborative office suites and file sharing websites gained a huge popularity. They allow us to easily share contents, pictures and collaborate with our friends and colleagues. However this comes at the cost of our privacy: all of our communications are available to the service provider and government agencies of the hosting country. We wanted to fix this, we want to have the same ease of use but with built-in privacy and security. Snake obtains this thanks to end-to-end cryptography: your messages are encrypted in a way that makes them readable only to the intented recipient before leaving your browser, and viceversa, they are decrypted when you fetch them.

Confidentiality
Guarantees that the exchanged data is protected from eavesdroppers and whoever has direct access to the stored data.
Integrity
Guarantees that the contents of the exchanged data has not been modified by a third party.
Authenticity
Guarantees that the exchanged data actually comes from the declared sender and no one is impersonatig him.
Anonymity of data
Our implementation of the data storage server guarantees that, in case someone gets access to the data (e.g. in case of a break-in or seizure), he will not be able to obtain any useful information. This means that we don't protect just the contents of a message but also its metadata such as who is the sender or the recipient of a message.

The prototype currently offers a minimal set of features for establishing releationships among users and communicating asynchronously, both privately (one-to-one) and in group. This is the solid ground on which we intend to build all the other features.

Multiple profiles
Each user can have multiple profiles showing different amount information to different groups of people.
Private messaging
We offer secured-by-default 1-to-1 communications.
Group messaging
Many-to-many communications are handled in the form of groups. Groups can either be the group of friends of a particular user, or more generic groups such as the group of members of an association.

Real time communication

We are working on adding support for a real-time chat, which means that messages are delivered to the recipient immediately and minimum delay. This is important not only for the chat itself, but also to support seamless collaboration on a document (see next point).

Collaborate

Thanks to existing technologies such as WebODF, Snake will let its users edit collaboratively and in real-time documents using standard and open formats, compatible with the most widespread office suites such as Microsoft Office or LibreOffice. Snake is the first system offering the possibility to collaborate on a document in an end-to-end encrypted environment providing strong privacy guarantees and following the security-by-design principle.

Share files

Snake will also allow to share pictures, videos and other media with the same convenience of classical picture sharing websites, but with technical guarantees that only the intended recipients will be able to actually see them, not even the storage provider will have access to them.
Moreover, thanks to WebRTC, peer-to-peer file sharing will also be available with the same privacy features.

If you are curious to know how our prototype looks like, take look. It's pretty basic, but it serves its purpose.

Multiple profiles

User's profile

Users have the possibility to create multiple profiles. Each profile contains a list of the users' friends and groups he is in. This lists are customizable, so you can have different profiles showing different portions of your whole real profile.

Messages

Messages

You can exchange messages with your friends having the guarantee that you are acutally talking with the person that you have authenticated. You can also create a group and communicate with more than one person.

Relationship establishment

In Snake, to communicate securely with another user you can have to establish a realtionship, which in certain occasions means you have to verify the identity of your friend by asking him a question. This method is used to authenticate the public key of the other user in a simple way, without using an external comunication channel.