monorepo/docs/beta_test_plan.md
stcb 1a6845760f
Minor changes
2025-02-28 17:56:39 +02:00

# Beta Test Plan
## Core Functionalities
---
### Action Plan review:
In our previous Action Plan, we listed the following functional specifications:
- Phone call encryption between two known peers that exchanged keys in person. *Mandatory*
- Phone dialer that is discreet and functional, and should not disturb normal use (clear phone call). *Mandatory*
- Phone call encryption between two unknown peers, with key exchange on the go. Optional.
- SMS encryption between two known peers (in-person key exchange). Optional.

We now retain only the first two functional specifications.
### Core Functionalities
Based on this review, here are all the core functionalities we set:
#### Icing protocol
- Advanced protocol documentation, paving the way for a full RFC.

The protocol definition will include, as completed:
- Peer ping
- Ephemeral key management
- Perfect Forward Secrecy
- Handshakes
- Real-time data-stream encryption (and decryption)
- Encrypted stream compression
- Transmission over audio stream
- Minimal error correction in audio-based transmission
- Error handling and user prevention

It should also include prototype or draft functionalities, among which:
- Embedded silent data transmission (silently transmit light data during an encrypted phone call)
- On-the-fly key exchange (does not require prior key exchange, sacrificing some security)
- Strong error correction
#### The Icing dialer (based on Icing kotlin library, an Icing protocol implementation)
The Icing dialer should be a fully transparent and almost indistinguishable smartphone dialer.
Any Icing-unaware user should be able to use the dialer smoothly to make calls to anyone.
The dialer should offer a full set of functionalities to handle its Icing protocol implementation.
Here is the list of all the functionalities our dialer will integrate:
- Call
- Ringtone on incoming call
- Incoming and ongoing call notification
- Complete dialer with all numbers, star *, pound #
- Mute button
- Speaker button
- Normal call
- DTMF transmission
- SIM choice on call
- Encrypted Call
- Encrypted call if peer public key is known
- Encrypted DTMF transmission
- Data rate indicator
- Data error indicator
- Disable encryption button
- Call history
- Call details (date and time, duration, ring number)
- Missed calls filter
- Outgoing calls filter
- Incoming calls filter
- Call back function
- Contact modal on history tap
- Block call number
- Contacts
- Sorted contact listing
- Contact creation / editing buttons
- Contact sharing via QR code / VCF
- Contact search bar (application wide)
- Favorite contacts
- Contact preview (picture, number, public key...)
- Visual voicemail
- Play / Pause
- Notification
- Quick link to call, text, block, share number...
- Miscellaneous
- Settings menu
- Version number
- Storage of user public keys
- Blocklist management (list / add / del / search)
- Default SIM choice
- Asymmetric Keys
- Secure storage
- Generation at startup if missing
- Full key management (list / add / del / search / share)
- Secure generation (Android Keystore generation)
- Insecure generation (RAM generation)
- Exportation on creation (implies insecure generation)
- Importation
- Trust shift (shift trust from contacts)
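
The Asymmetric Keys items above separate Android Keystore generation from RAM generation and state that export on creation implies the latter; the Kotlin below shows why, since a Keystore-held private key has no exportable encoding. It is an added example, not code from the Icing library, and the alias, the curve and the signing purpose are assumptions because the plan names none.

```kotlin
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import java.security.KeyPair
import java.security.KeyPairGenerator
import java.security.KeyStore
import java.security.PublicKey
import java.security.spec.ECGenParameterSpec

// Hypothetical values: the plan does not specify an alias or a curve.
private const val ALIAS = "icing_identity_example"
private const val CURVE = "secp256r1"

private fun androidKeyStore(): KeyStore =
    KeyStore.getInstance("AndroidKeyStore").apply { load(null) }

/** "Generation at startup if missing" with "Secure generation": the key is created inside the Keystore. */
fun ensureKeystoreKey(): PublicKey {
    val ks = androidKeyStore()
    if (!ks.containsAlias(ALIAS)) {
        // Assumed purpose: signing (identity key). Adjust to the protocol's real use.
        val spec = KeyGenParameterSpec.Builder(
            ALIAS, KeyProperties.PURPOSE_SIGN or KeyProperties.PURPOSE_VERIFY
        )
            .setAlgorithmParameterSpec(ECGenParameterSpec(CURVE))
            .setDigests(KeyProperties.DIGEST_SHA256)
            .build()
        KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore")
            .apply { initialize(spec) }
            .generateKeyPair()
    }
    return ks.getCertificate(ALIAS).publicKey
}

/** False for Keystore-held keys: their private key object exposes no encoded form. */
fun isExportable(alias: String = ALIAS): Boolean {
    val priv = androidKeyStore().getKey(alias, null) ?: return false
    return priv.encoded != null
}

/** "Insecure generation (RAM generation)" with "Exportation on creation". */
fun generateExportableKey(): Pair<KeyPair, ByteArray> {
    val kp = KeyPairGenerator.getInstance("EC")
        .apply { initialize(ECGenParameterSpec(CURVE)) }
        .generateKeyPair()
    // PKCS#8 bytes of the private key sit in app memory: encrypt them before
    // writing them anywhere and overwrite the array once the export is done.
    return kp to kp.private.encoded
}
```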
## Beta Testing Scenarios
- Clear call from Icing dialer to another dialer (Google, Apple...)
- Clear call from Icing dialer to another Icing dialer
- Clear call from Icing dialer to an Icing pubkey-known contact but without Icing dialer
- Encrypted call from Icing dialer to a known contact with Icing dialer
- Encrypted call from Icing dialer to an unknown contact with Icing dialer
- Create / Edit / Save contact with(out) public key
- Share contact as QR code / vCard
- Import contact from QR code / vCard
- Listen to voicemail
- Record encrypted call and check the encryption
- Change default SIM
## User Journeys
Mathilda, 34 years old, connects to her PayPal account from a new device.
To authenticate her, PayPal sends a code to her voicemail.
Being aware of the risks of this technology, Mathilda has set up strong Icing authentication with her network provider by registering a pair of her Icing public keys.
When she calls her voicemail, the Icing protocol is triggered and checks for her key authentication;
it will fail if the caller does not possess the required Icing keys.
Mathilda is thus the only one granted access, and she can retrieve her PayPal code securely.

Jeff, 70 years old, calls his bank after he had a problem with his bank app.
The remote bank advisor asks him to authenticate, making him type his password on the phone dialer.
By using the Icing protocol, not only would Jeff and the bank be assured that the information is transmitted safely,
but also that the call is coming from Jeff's phone and not from an impersonator.

Elise is a 42-year-old extreme reporter.
After she interviewed the Ukrainian opposition's leader, the SBU (ex KGB) are looking for her across the whole country.
She hides in the western mountains near Romania, and she barely receives a cellular signal.
She suspects her phone line is monitored, so the best she can do to call for extraction safely is to use her Icing dialer.

Paul, a 22-year-old developer working for a big company, decides to go to China on vacation.
But everything goes wrong! The company product he works on fails in the middle of the day and no one is
qualified to fix it. Paul doesn't have WiFi and his phone plan only covers voice calls in China.
With the Icing dialer, he can call his colleagues and help fix the
problem, safe from potential Chinese spies.
## Evaluation Criteria
### Protocol and lib
1. Security
- Encryption Strength: Ensure that the encryption algorithms used (e.g.,
AES-256, RSA, ECC) are up-to-date and secure.
- Key Management: Evaluate the mechanism for generating, distributing, and
storing encryption keys (e.g., public-key cryptography, Diffie-Hellman, or
ECDH).
- Forward Secrecy: Confirm that the protocol supports forward secrecy, meaning
that session keys are discarded after use to prevent future decryption of
past communication.
- End-to-End Encryption Integrity: Verify that no plaintext data is exposed
outside the encryption boundary (client-side only).
- Zero Knowledge: The protocol and library should implement zero-knowledge
principles, ensuring that the server cannot access or decrypt the
communications.
- Authentication and Authorization: Evaluate the authentication method (e.g.,
multi-factor authentication) and ensure that only authorized users can
initiate calls.
- Replay Protection: Ensure that mechanisms are in place to prevent replay
attacks (e.g., using nonces or timestamps).
2. Performance
- Latency: Measure the round-trip time (RTT) for call setup and audio quality
during the call. A good system should aim for low latency to ensure real-time
communication.
- Bandwidth Efficiency: Evaluate the protocol's ability to minimize bandwidth
usage while maintaining acceptable audio quality.
- Scalability: Ensure that the protocol can handle varying user numbers and
call volumes without degradation in performance.
- Audio Quality (Codec Selection): Assess the choice of audio codecs (e.g.,
Opus, G.711) for their impact on call quality at different network
conditions.
3. Usability
- Ease of Integration: Evaluate how easy it is to integrate the library into an
Android application, including the availability of well-documented APIs and
clear examples.
- Cross-platform Compatibility: Ensure that the protocol supports multiple
platforms (e.g., Android, iOS, desktop) to allow seamless communication
between devices.
- Seamless User Experience: Check for smooth call initiation, handling of
dropped calls, and reconnection strategies. The app should handle background
operation gracefully.
- UI/UX Design: Assess the user interface (UI) of the Android dialer for
intuitiveness, accessibility, and design consistency.
- Error Handling and Recovery: Evaluate how the system handles unexpected
errors (e.g., network issues, connection drops) and recovers from them.
4. Interoperability
- Support for Multiple Protocols: Verify if the library and protocol can
integrate with existing standards (e.g., SIP, WebRTC) for interoperability
with other services.
- Cross-device Compatibility: Ensure that calls can be initiated and received
across different devices, operating systems, and network conditions.
- Backward Compatibility: Test whether the library is backward compatible with
older versions of protocols or legacy systems where applicable.
5. Privacy
- Data Storage: Evaluate how the system stores any data (e.g., user details,
call logs). Ensure that sensitive information is encrypted both in transit
and at rest.
- Data Minimization: Ensure that only the minimum necessary data is collected
for the protocol to function.
- No Call Metadata Storage: Ensure that no metadata (e.g., call logs, duration,
timestamps) is stored unless necessary, and, if stored, it should be
encrypted.
6. Compliance and Standards
- Regulatory Compliance: Ensure that the protocol adheres to privacy and
security regulations, such as GDPR, HIPAA (if relevant), and other
region-specific laws.
- Open Standards: Verify whether the protocol adheres to recognized open
standards for secure voice communications (e.g., ZRTP, DTLS).
7. Reliability
- Connection Stability: Test the stability of the connection during real-world
use cases (e.g., fluctuating network conditions, roaming, mobile data).
- Error Logging and Monitoring: Assess the logging system to track errors,
anomalies, or potential security threats. The system should have proper
monitoring to help with diagnosing issues.
- Redundancy and Failover: Ensure that the system can handle server failures or
network issues gracefully with proper redundancy mechanisms in place.
8. Maintainability
- Code Quality: Review the library for clarity, readability, and
maintainability of the code. It should be modular and well-documented.
- Documentation: Ensure that the protocol and library come with thorough
documentation, including how-to guides, API references, and troubleshooting
resources.
- Active Development and Community: Check the active development of the
protocol and library (e.g., open-source contributions, GitHub repository
activity).
### Dialer
1. User Interface
- Design and Layout: Ensure that the dialer interface is simple, intuitive, and
easy to navigate. Buttons should be appropriately sized, and layout should
prioritize accessibility.
- Dialer Search and History: Ensure there's an efficient contact search,
history logging, and favorites integration.
- Visual Feedback: Verify that the app provides visual feedback for actions
such as dialling, incoming calls, and call termination.
2. Call Management
- Call Initiation: Test the ease of initiating a call from contacts, recent
call logs, or direct number input.
- Incoming Call Handling: Verify the visual and audio prompts when receiving
calls, including notifications for missed calls.
- Call Hold/Transfer/Forward: Ensure the dialer supports call hold, transfer,
and forwarding features.
- Audio Controls: Check whether the app allows users to adjust speaker volume,
mute, and switch between earpiece/speakerphone.
- Call Waiting: Verify that call waiting functionality works, allowing users to
switch between active calls.
- Call Recording: If supported, check whether the call recording feature works
in compliance with privacy regulations and user consent.
3. Integration with System Features
- Permissions: Ensure the app requests and manages necessary permissions (e.g.,
microphone, camera for video calls).
- Integration with Contacts: Ensure that the app seamlessly integrates with the
Android contacts and syncs correctly with the address book.
- Bluetooth Support: Test whether the app supports Bluetooth devices such as
headsets and car kits.
- Notifications: Ensure that call notifications work even when the app is in
the background or the phone is locked.
4. Battery and Resource Management
- Battery Usage: Evaluate the dialer app's impact on battery life during active
calls and idle periods.
- Resource Efficiency: Ensure the app doesn't excessively consume CPU or memory
while operating, especially during idle times.
5. Security and Privacy
- App Encryption: Ensure that any stored data (e.g., contacts, call logs) is
encrypted.
- Secure Call Handling: Verify that calls are handled securely through the
encrypted voice protocol.
- Minimal Permissions: The app should ask for the least amount of permissions
necessary to function (e.g., no unnecessary location or contacts access).
6. Reliability
- Crash Resistance: Test for the app's stability, ensuring it doesn't crash or
freeze during use.
- Network Resilience: Test how the dialer handles varying network conditions
(e.g., switching between Wi-Fi and mobile data).
- Reconnect and Retry Mechanisms: Ensure that the dialer can gracefully handle
dropped calls and reconnect automatically.