Secret Handshake Club

Secret Handshake (SHS) is an authenticated key exchange (AKE) protocol. This class of protocols is used during the initialization phase of encrypted connections. It was developed for the Secure Scuttlebutt (SSB) project and protocol suite.

In addition, it requires that the party initiating the connection knows some information about the responder (specifically, the public key) in order to connect. We call this piece of information capability, and protocols that have this feature Capability Handshakes.

Currently, work on Secret Handshake 2 is underway. This effort was started to achieve better analyzability, as well as introducing an optional mode for faster connection establishment.


Original Whitepaper

Description in the Scuttlebutt Protocol Guide

Protocol Visualisation (NSFW) by Nahee Kim


JavaScript: GitHub npm

Go: GitHub GoDoc

Python: GitHub

Rust - Sunrise Choir: GitHub

Rust - Kuska SSB: GitHub

C: GitHub

Note: Implements cryptographic operations only, no IO

Haskell: SourceHut (Project) SourceHut (File)


Protocol Analysis using the Tamarin Prover: GitHub

Attack on Capability Handshake feature: Paper (PDF)

Note: The attack was mitigated by performing additional checks. The protocol messages did not have to be changed.