This part is about the working prototype of our homework project. You have to remember that this was made in a very short time and is a prototype so probably not all functions will work properly or at all.
The basic architecture of the application is server based and as such the user is not expected to trust anyone other than himself/herself and the communication partners. This makes it necessary to encrypt all messages transmitted through the server in a way that makes it impossible to read any sensitive data even if an attacker has access to the server. The idea behind all this is that the first user that connects generates a key that is used to encrypt all messages between users. This key is then only sent through the server when a new user joins and then only after receiving the public key of the newly connected user and using that to encrypt the key. The public key of the new user is of course public (so it's not sensitive information to send unencrypted) and only the new user can decode anything encrypted with it. Every message has the source of it inside, and a sidniture in the end, so with theese two a origin is easily validated, and the sign is providing integrity protection.
The very basics of identification is built upon presumed previous knowledge of the server and all clients (not implemented). This means that all users are supposed to keep a whitelist of all accepted public keys (this public key is different to the one used for encryption), these public keys are used only for one thing, signing messages. All parties have one that is unique to them, even the server, which is only important in one case (when the first user joins).
We use 3 different kinds of messages (ENC means encrypted, after the - is the method):
- INI - Used by newly connected users to identify themselves and get the key used for the rest of the communication.
- KEY - Used to send the key used for the communication to the newly connected user.
- DAT - Most messages are DAT messages, these are the ones that are used for the actual communication.
- The first thing that exists by itself is the server awaiting connections, than the first user (Alice) joins and since she doesn't know that she's the first to join sends an INI message to the server which is supposed to forward it to all other participants, but since there are none it sends back an INI message to Alice signed by the server's own public key. From this Alice knows that she's the first and generates the key that will be used for the actual conversations between users.
- After that the next user (Bob) joins and sends an INI message to the server, which forward is to Alice who in turn sends back a KEY message that is encrypted with Bob's public key (received in the INI message) and signed by Alice's public key. The KEY message contains the key generated by Alice that is used for the actual communication.
- If a third user joins the same happens as before but he/she might receive the key used for the communication from multiple sources as nobody exactly is ever declared as a "master". This is important in case the first user (Alice) leaves, since this way nobody needs to be notified that she left and the communication can continue without her and new users can join it as long as somebody remains online. If not than we start form the very begginning.
- The messages themselves (DAT) are sent encrypted with the key originally generated by the first user and signed by the sender. We use 256 bit AES cipher and 4096 bit RSA cipher just to be sure. The plain messages are padded with random bytes (0-256 spaces), so the length of the message is not public.
The connection of a new user (that is not the first) looks something like this:
You need to have python and pycryptodome installed, installation instructions for python 3 available here:
You can install the pycryptodome library with pip:
pip install pycryptodome
Now you're ready to clone this repository like this:
git clone https://github.com/Kuvesz/secure-chat-homework.git
And change the directory:
cd secure-chat-homework
You're all set!
You should run the server with python server.py and from a different terminal or command line window connect to it by starting a client like python client.py. You can have as many clients as you like but we only tested with up to 3.