---------> THIS PROJECT WAS NEVER FINISHED <---------
./oneop.rb -s
./oneop.rb -c
./oneop.rb -sc
or ./oneop.rb -c -s
- User enters the website. If he generates a new chat room he becomes administrator.
- Administrator generates public and private RSA keys and regular local symmetric key.
- Administrator awaits other users to connect.
- For each user following process takes place:
- User generates temporary public and private RSA keys.
- Magic happens and the user has symmetric key without noone in the middle knowing.
- User deletes his temporary RSA keys from memory.
- Every message is now encrypted using symmetric key generated by the administrator at the beginning.
Server has PrS, PuS
Administrator has PrA, PuA, (may have PuS)
1. NEW-CHAT-REQUEST-RECEIVED
2. SENT-SERVER-PUBLIC-KEY / sending PuS / TODO: think of a better way
3. RECEIVED-ADMINISTRATOR-PUBLIC-KEY / received PuS(PuA)
4. WAITING-FOR-CONNECTIONS
(step 2 may be bypassed if the administrator has server's public key and proves it in step 1. otherwise security risk of MITM attacks takes place)
Sever has PrS, PuS, PuA
Administrator has PrA, PuA, PuS
User has PrU, PuU, (may have PuS)
1. REQUEST-RECEIVED / can be dropped right away when chat filters say so
2. REQUEST-SENT-TO-ADMINISTRATOR
(waits for administrator approval)
3. ACCEPTED-BY-ADMINISTRATOR
1. SENT-SERVER-PUBLIC-KEY / sent PuS to user / TODO: think of a better way than unecrypted plaintext
2. RECEIVED-USER-PUBLIC-KEY / received PuS(PuU,timestamp1) from user
3. SENT-USER-PUBLIC-KEY / sending PuU(PuS,timestamp1) to user
4. RECEIVED-USER-APPROVAL / received PrU(PuS(timestamp1)) from user
5. USER-PUBLIC-KEY-SENT-TO-ADMINISTRATOR / sending PuA(PrS(PuU,timestamp2)) to administrator
6. RECEIVED-ADMINISTRATOR-ENCRYPTED-PUBLIC-KEY / received PuS(PuU(PuA,timestamp2)) from administrator
7. SENT-ADMINISTRATOR-PUBLIC-KEY-TO-USER / sending PrS(PuU(PuA, timestamp2)) to user
8. RECEIVED-USER-ADMINISTRATOR-PUBLIC-KEY-APPROVAL / received PuS(PuA(PuU, timestamp2)) from user
9. SENT-USER-ADMINISTRATOR-PUBLIC-KEY-APPROVAL / sending PrS(PuA(PuU, timestamp2)) to administrator
10. RECEIVED-ADMINISTRATOR-PASSPHRASE / received PuS(PrA(PuU(passphrase))) from administrator
11. SENT-ADMINISTRATOR-PASSPHRASE / sending PrS(PrA(PuU(passphrase))) to user
4. CONNECTED
(Step 3.1 may be bypassed if the user has server's public key and proves it in step 1. otherwise security risk of MITM attacks takes place.)
1. GENERATED-KEYS / administrator generates his keypair and symmetric key
2. SERVER-PUBLIC-KEY-REQUEST-SENT / sending request for server's public key (this may be bypassed when key is locally saved and valid)
2. RECEIVED-SERVER-PUBLIC-KEY / received PuS (TODO: security risk of MITM attack, may be bypassed)
3. SENDING-ADMINISTRATOR-PUBLIC-KEY / sending PuS(PuA)
1. GENERATED-KEYS / user generates his own keypair
2. SENT-REQUEST / awaits for response
3. ACCEPTED
1. RECEIVED-SERVER-PUBLIC-KEY / TODO: security risk of MITM attack
2. SENT-USER-PUBLIC-KEY / sending PuS(PuU,timestamp1)
2. RECEIVED-USER-PUBLIC-KEY / received PuU(PuS,timestamp1)
4. SENT-APPROVAL / sending PrU(PuS(timestamp1))
5. RECEIVED-ADMINISTRATOR-KEY / received PrS(PuU(PuA, timestamp2))
6. SENT-USER-ADMINISTRATOR-APPROVAL / sending PuS(PuA(PuU, timestamp2))
7. RECEIVED-ADMINISTRATOR-PASSPHRASE / received PrS(PrA(PuU(passphrase)))
4. CONNECTED