En tête technical corner
LIME
Technical corner
Description
LIME is an encryption library for one-to-one and group instant messaging, allowing users to exchange messages privately and asynchronously. It supports multiple devices per user and multiple users per device.
It is available as a Liblinphone extension or as a standalone library.
LIME offers two major security benefits to instant messaging users:
- end-to-end encryption, which means that only you and your contact (and not even the server) can decrypt the content that you shared
- perfect forward secrecy, which ensures that encrypted messages cannot by decrypted by a third party, even if a key is compromised in the future
LIME is composed of a portable client library coupled with a public key server developed by Belledonne Communications to allow end-to-end encryption for messaging, without having to exchange cryptographic keys simultaneously.
LIME’s unique features are to support multiple devices per user and the use of the advanced cryptographic curve x448.
Main features
- end-to-end encryption based on modern Elliptic Curve Diffie-Hellman(ECDH)
- perfect forward secrecy with double ratchet algorithm
- designed for group communications
- asynchronous messaging system based on pre-positioned keys
- man-in-the-middle (MITM) detection based on ZRTP auxiliary secret
- signaling protocol agnostic
LIME library and LIME server
LIME library is a portable, signaling-independent component designed for sharing end-to-end ciphered text and documents. LIME is not linked to any signaling protocol and can be used with SIP alternatives like XMPP or any proprietary protocol with unique device identifier support.
LIME exposes a C, C++, Python and Java API for easy integration in mobile and desktop environments. Message overhead is limited thanks to the efficiency of X25519 or X448 Elliptic Curves Diffie-Hellman. LIME allows key agreements to be done asynchronously using pre-positioned public keys published to the LIME server over a secured https link.
License
LIME library is dual licensed, and can be licensed and distributed:
- under a GNU/GPLv3 license for free (open source)
- under a proprietary license, to be used in closed source applications. LIME is not included in the proprietary license for Linphone or Liblinphone, it shall be purchased separately.
LIME server is only distributed under a proprietary license (closed source).
Contact Belledonne Communications for costs and other service information.
Source code
The source code of LIME library is available from our GitLab, or can be cloned with Git:
| Project | Git repository |
| LIME |
LIME's API reference documentation will soon be generated using Doxygen.
The LIME specification document describes the encryption technologies used in this library.
Footer mentions
© Copyright 2023 - Linphone - Belledonne Communications SARL