The security framework developed by The Serval Project uses Elliptic Curve crypto system to provide authentication and digital signing, data encryption and decryption, and identity management for the Mesh network.
The main parts of the Serval security framework are:
- the per-device Keyring file contains encrypted secret keys for many identities, each identity unlocked with its own PIN (pass-phrase), and every identity deniable while not unlocked;
- the Serval routing protocol uses randomly generated Serval Identity (SID)s, not MAC or IMSI device addresses, making it difficult for eavesdroppers to link a person to a handset;
- Rhizome uses a strong hash (digest) algorithm to prevent tampering with the contents of files that it distributes;
- Rhizome uses cryptographic signatures on all manifests to prevent tampering with file meta data and identity;
- Rhizome can encrypt its payloads (independently of MDP encryption);
- Rhizome allows anonymous and fully deniable authorship.