mailgunmailgun
11

Pelican Protocol

screenshot of Pelican Protocol

In ancient Egypt the pelican was believed to possess the ability to prophesy safe passage in the underworld. Pelicans are ferocious eaters of fish.

Github

Overview

The Pelican Protocol introduces an innovative solution to combat phishing attempts, utilizing SSH technology to revolutionize web security. By providing a unique key for each website visited, users are liberated from the burden of managing numerous passwords, as a single strong passphrase is sufficient. This greenfield project disregards traditional SSL/TLS methods and proposes a decentralized, do-it-yourself trust model, designed to enhance the user experience for both everyday web browsers and developers.

In a landscape where online security is paramount, Pelican Protocol stands out by offering website operators a cost-effective alternative to SSL/TLS certificates while ensuring robust anti-phishing protection. For users, the protocol promises a safer browsing experience with built-in features that mitigate the risks associated with online threats.

Features

  • Unique Key Authentication: Each website you visit is identified by a unique key, preventing any mix-up of credentials across different sites.

  • Single Strong Passphrase: Users only need to remember one strong passphrase, entered once at machine startup, simplifying password management drastically.

  • Do-It-Yourself Trust Model: Pelican Protocol emphasizes a decentralized approach, allowing users to establish their own security without relying on expensive certificate authorities.

  • Local Password Management: The Pelican client stores and manages passwords locally, enhancing privacy and security without any additional costs for users.

  • Strong Man-in-the-Middle Protection: Users are safeguarded from man-in-the-middle attacks, ensuring that they interact only with legitimate websites after their initial visit.

  • Ease of Backup and Recovery: Built-in backup features facilitate easy key recovery and migration to new devices, minimizing hassle for users.

  • Trust-On-First-Use (TOFU) Security: Once a user visits a legitimate site, they cannot be deceived by look-alike sites, providing significant protection against phishing attacks.

  • No Reusable Credentials: Pelican never reuses login credentials across different servers, ensuring that even if a user falls victim to a phishing site, their real accounts remain secure.