We are CAD - Centro de Autonomía Digital!

The Centro de Autonomía Digital (CAD) is a non-profit organization based in Quito, Ecuador. We are a multicultural organization that researches, improves and creates user-friendly tools and techniques that strengthen the digital sovereignty of people. Our work is also aimed at improving state-of-the-art academic research in cryptography and secure communication. Those are the same technologies that lie at the heart of all digital communication and financial transactions on the internet.

We started CAD because we wanted to strengthen peoples’ right to privacy as defined under Article 12 of the 1948 Universal Declaration of Human Rights: “No one shall be subjected to arbitrary interference with their privacy, family, home or correspondence, nor to attacks upon their honor and reputation. Everyone has the right to the protection of the law against such interference or attacks”. We believe that privacy is a human right that must be respected. Therefore, we work on how to bring the right to privacy defined as a universal human right to fruition in the digital world.

We also believe in free and open source software. Free and open source software allows anyone to read, change, use or delete it without any charge or condition. In turn, that strengthens the security of any software created by allowing anybody to inspect the code and verify that it has not been changed by unknown parties and that no malicious code has been added. Our work is entirely released in an open source fashion and can be freely accessed and used.

CAD Ecuador was formally organized in 2018. Some of the founders had been working together in Latin America on related free and open source projects since 2015. As of last year we have been entirely based in Quito. Besides our own team, renowned software developers have worked with us, creating tools, giving talks, writing papers and helping us to improve our processes. They include people from all over the world who, out of a shared commitment, create, sustain, or improve privacy-enhancing or privacy-preserving tools.

We have had, as part of our team, people who design websites and create programming languages, who think about the linguistic part of the computer science field, who build databases, who conduct research on cryptography, and work on enterprise software. We strive for a diverse, multicultural, multi-country team that works in our diverse world.

As part of our efforts to build, enhance or help privacy-preserving tools, we have worked with several communities, universities and leading academic figures. At present, we are working on the development of version 4 of the Off-the-record messaging protocol (OTR: https://en.wikipedia.org/wiki/Off-the-Record_Messaging) with Ian Goldberg and Nik Unger from the University of Waterloo, Canada. The OTR protocol is an academic cryptographic protocol that aims to provide security in a two-party conversation. As the cryptographic algorithms have improved, and the messaging understanding has changed, we have decided to create a version 4 of the protocol (https://github.com/otrv4/otrv4).

As a sign of the importance of privacy, WhatsApps (owned by Facebook) recently introduced end-to-end encryption for similar reasons. However, WhatsApp uses proprietary technology which is not amenable to rigorous vetting, unlike OTR.

On the basis of this work, we have presented talks in major cryptographic academic symposiums, in open source conferences and in universities. One of our developers, Sofía Celi, has been extremely active in this area. If you are interested in this work, you can watch a presentation given at the renowned Privacy Enhancing Technologies Symposium (https://petsymposium.org): https://youtu.be/Px2WEQAzDCg?t=4769) for which we also wrote a paper: https://petsymposium.org/2018/files/hotpets/7-bini.pdf. Sofía has made presentations twice at the Internet Engineering Task Force (IETF), the premier global body that develops and promotes voluntary Internet standards, in particular, the global standards of the Internet protocol suite TCP/IP. She has presented the OTRv4 work and has also collaborated with the current MLS (Messing Layer Security) effort to create a standard for achieving security in a group chat setting (https://datatracker.ietf.org/wg/mls/about/). She has also presented at the Computer Security and Industrial Cryptography (COSIC) seminar (https://www.youtube.com/watch?v=JYTEn2as0Rg&t=3s). This is a group that researches on computer security and industrial cryptography from the Catholic University of Leuven, Brussels. She will present her work in the future in two renowned universities, where her papers have been accepted.

We have also presented, at the Chaos Computer Congress (35c3) (https://www.youtube.com/watch?v=KR4s6t9D9Jo), an annual four-day conference on technology, society and utopia; at FOSDEM (https://fosdem.org/2019/schedule/event/otr4/), a free event for software developers to meet, share ideas and collaborate around open source; at Cryptorave, an annual event in São Paulo, Brazil; at the LLVM Euro meeting (https://llvm.org/devmtg/2019-04/talks.html#Talk_17), a bi-annual 2-day gathering of the entire LLVM Project community which develops compiler infrastructure.

As part of this work, we have also collaborated on the implementation of an elliptic curve (Ed448-Goldilocks), which is one of the basic mathematical components used by the Internet to secure communications. Every time you visit a website, the connection you are using takes advantage of the mathematical concept of an elliptic curve. Our work has contributed to the new generation of encryption technologies which will help protect users against attacks on the safety of their data and their privacy. In an age of fraud, counterfeit websites, phishing attacks and similar risks, encryption is part of a class of technologies crucial for the continuing growth of the Internet.

We also aim to improve state-of-the-art academic research on cryptography, especially, on secure communication. We are currently working, for example, on a paper in which the different chat clients are compared with regard to their privacy properties.

We have also developed CoyIM (https://coy.im/), a chat client that is secure by default, and that anyone can download and use. We have collaborated in the past with the Tor Project, the Thunderbird (Enigmail) project, the Let’s Encrypt project, and the SubgraphOS project. We plan to collaborate with many more communities in the future. Our idea is to create a network of organizations we can help each other with their work.

CAD is a group of people working on the core Internet technologies, in the same vein as its originators such as Tim Berners-Lee, so that anyone can use them, benefit from the basic human right to privacy, and—especially for users without technical knowledge—protect themselves in a simple and accessible manner.

Links for further information

  • Off-the-record messaging protocol: https://en.wikipedia.org/wiki/Off-the-Record_Messaging
  • Off-the-record messaging protocol version four: https://github.com/otrv4/otrv4
  • Presentation given at the Privacy Enhancing Technologies Symposium: https://petsymposium.org): https://youtu.be/Px2WEQAzDCg?t=4769,
  • Presentation at the Chaos Computer Congress: https://www.youtube.com/watch?v=KR4s6t9D9Jo
  • Presentation at Fosdem: https://fosdem.org/2019/schedule/event/otr4/
  • Abstract of the presentation at the at the LLVM Euro 2019 meeting: https://llvm.org/devmtg/2019-04/talks.html#Talk_17
  • CoylM chat client main website: https://coy.im/