!IMPORTANT NOTE!
Please be aware that this project contains strong cryptographic capabilities.
You must determine if the cryptographic functionality in this product is legal in your
country/state/city/municipality/whatever. If not, you are responsible to not download,
build or use this product.
The Bumblebee Authors will assume no liability or responsibility, either legally or
ethically, for any particular usage of this product. This product is provided for
ethical application and usage only.
What Is Bumblebee
Bumblebee...
-
Allows you to encrypt files and messages to share with specific Bumblebee users.
-
Utilizes hybrid cryptography, combining both asymmetric and symmetric
cryptographic functionality.
-
Uses curve25519 and ed25519 for asymmetric functionality. Uses XChacha20-Poly1305 and Argon2
for symmetric needs. Random sequences are generated by Go's crypto/rand package.
-
Uses signing functionality so that the receiver is able to validate the sender's identity.
-
Is a single binary that runs on Mac, Windows and Linux. Mobile support may be provided in
the future.
-
Can encrypt large files, small files, keyboard text entry, clipboard inputs, and pipe inputs.
-
Can render encrypted text and binary secrets into text safe formats that can be safely embedded into
text docs, text messages, Slack posts, email, etc., which can be copied and decrypted by the intended user,
without requiring a file exchange.
Bumblebee Guides and Docs
-
Currently, the Quick Start Guide is the best doc to get you up to speed
on Bumblebee functionality. It will take you through a brief description of the current
installation options, show you how to set up and initialize Bumblebee, plus walk you through some
examples of sharing secret files and messages.
-
The User Guide is not available yet. For now, please refer to
Quick Start Guide.
-
The latest binaries and archives are here.
Refer to the Quick Start Guide for how to install.
-
For information on the current Bumblebee project status, see this.
-
Bumblebee is a CLI. For the status of the current command implementations, see the
Command Implementation Status.
-
For info on the future goals of this project, see the Project Road Map.
-
The Technical Details document provides a detailed description of the
crypto implementation logic, the specific crypto algorithms used, and their corresponding code sources.
-
There is a brief YouTube Overview Presentation that discusses the general goals and status of
the Bumblebee project.
-
There is also a YouTube Basic Demo that demonstrates some of the common usage scenarios of Bumblebee.
Bumblebee Project Status
- The initial CLI environment is still in progress.
- MVP flows are complete and tested, including critical cipher paths.
- It is ok to use now.
- Nevertheless, you may run into bugs. If so, please report them as described here.
An Overview Of The Bumblebee Project
BumbleBee is a system for sharing secrets.
It provides functionality for encrypting and sharing files, as well as text or binary inputs.
These can then be provided to the BumbleBee user for decrypting. These can be provided in
various ways and in various forms.
BumbleBee runs in common desktop environments, including Mac, Linux and Windows.
Future support for mobile environments may be provided.
BumbleBee is a Hybrid Encryption tool, utilizing well-known asymmetric and symmetric technologies.
This approach allows you to encrypt small and large files for sharing with other users.
Installing BumbleBee sets up a local environment and initializes various cipher components,
including a default profile, several required key sets and identities, and corresponding key stores.
Similar to some other tools, you will share public keys with other Bumblebee users.
This allows you to securely share secrets with each other.
BumbleBee supports emitting output in a text safe form to the console or clipboard, which can
be copied and pasted into services like Slack, or text messages, etc.
This allows the other user to simply copy the encrypted text and decrypt it with BumbleBee.
You could also paste it into an email body, or attach a secret saved as an encrypted file to an email, etc.
Bumblebee's local environment does not currently require any online access.
This has the benefit of allowing you to encrypt files and secrets for other users, while you are
offline. Secrets can be provided using any transport mechanism, like USB drives.
Of course, when you are online, you can deliver them digitally.
The basic functionality provided by the Bumblebee CLI may be sufficient for all of your use cases.
However, there are some more advanced features if you should need them.
If desired, you can add multiple key set identities for securing assets with specific keys
for specific users, or groups of users.
Also, BumbleBee allows you to create any number of profiles, which will allow you to
isolate multiple secret sharing or security domains. Each profile maintains a distinct set of identities and
user references.
Also, a key management service may be provided in the future, so that you don't have to import
keys manually. That service may also support more complex use cases and transport options.
Status
This system is still in initial development. The primary use cases are completed, and
testing is provided for critical paths, including all cipher constructs. Primary functional paths
for providing and processing secrets are complete. What is missing is generally related to
in-code and external documentation, as well as additional testing for non-critical paths.
The planned service functionality mentioned previously will be completed in the next phase,
once the initial "local" or "stand alone" functionality is sufficiently completed.
The project is in a state that should be safe to use for secret sharing, though all
desired documentation and non-critical functionality may not be available at this time.
For specific details on the current status, see Status.
For a roadmap of future project plans, see the Road Map
Given the current status, you may encounter bugs and missing or incomplete features.
Sufficient testing has been completed, such that any remaining issues should be in non-critical areas.
Both manual analysis and unit tests are used to validate functionality.
If you find or experience any issues, please report them as described below in
Reporting bugs and making feature requests.
Design, Security Approach and Technical Details
The design for this system creates no proprietary or unique cryptographic functionality.
All crypto-related functionality uses well-known industry algorithms and approaches.
BumbleBee simply wraps these known algorithms and approaches with an easy-to-use environment.
Having said that, you are welcome to analyze the design and code, as well as the crypto and
supporting functionality. If you uncover any concerns, feel free to report them as described
below. Any practically valid concerns that are reported will be addressed.
You will find details of crypto and related tech in the Technical Details document.
You will find some details of file construction and layouts here.
A Threat Model document can be found here, which describes threats, vulns,
mitigations and a response plan.
License
BumbleBee is licensed under an MIT license. For license details see License.
Reporting bugs and making feature requests
Please create an Issue for any bugs you find or suggestions you may have relating to
BumbleBee functionality. I will try to respond to these as quickly as I can.
When creating issues for bugs, please prefix the title with "Bug:", like "Bug: Blah Blah feature is not working right."
And for feature requests, please prefix the title with "Feature Request:", like "Feature Request: Adding blah blah functionality would make this utility such the major hotness"
Contributing
If you wish to contribute, you may fork and submit pull requests.
Please follow this GitHub guide to do so:
GitHub: Contributing to Projects
Those will be reviewed as time permits.