CurveCP: Usable security for the Internet

Main features:
Protocol details:
Message handlers

Introduction to CurveCP

Sending data through the Internet is like sending it through the radio (and often is actually sending it through the radio). An attacker who sets up a radio nearby can spy on everything that you're sending, and on everything that you're receiving. Some, perhaps most, of the data you send and receive is public, but the attacker can also see all the private information.

The attacker doesn't have to be physically close to you. He could be halfway around the world. He simply has to have control over one computer on the same network as yours, or on the same network as the computer you're talking to, or on any network in between. Do you really think that these hundreds of computers are all trustworthy and secure and not spying on your communication?

Furthermore, the attacker can forge packets of data that look like they come from you, or from whichever site you're talking to. With slightly more effort the attacker can spy on each packet as you're sending it, quickly substitute a modified version of the packet, and prevent the receiver from seeing the original packet.

How does CurveCP help?

CurveCP is similar to TCP but uses high-speed high-security elliptic-curve cryptography to protect every packet against espionage, corruption, and sabotage. The cryptographic tools used in CurveCP are the same as the cryptographic tools used in DNSCurve. CurveCP was announced at the 27th Chaos Communication Congress on 28 December 2010.

The first CurveCP implementation, incorporated into the Networking and Cryptography library (NaCl), entered public alpha testing on 21 February 2011. CurveCP software isn't ready for users yet but is ready for experimentation and development by interested programmers. Jan Mojžíš has written a curveprotect package using CurveCP to protect HTTP and Jabber.

To join the CurveCP mailing list, send an empty message to curvecp-subscribe at


CurveCP was designed by Daniel J. Bernstein (University of Illinois at Chicago). Bernstein's work was funded by the U.S. National Science Foundation, grant number 1018836, Higher-Speed Cryptography. "Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation."


This is version 2017.01.22 of the index.html web page.