Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
86 lines (50 sloc) 5.6 KB

SafeCom

Feel free to point out spelling mistakes. I am well aware my typing isn't exactly the finest. (Dyslexics)

This is a beta. Do not use this if your life depends on it!

SafeCom is a project aiming at making asymmetric encryption available to the normal, DAU, Day-To-Day user by implementing an intuitive interface and the option to permanently save your keys.

What Is Asymmetric Encryption?

You use asymmetric encryption every single day, whenever you log in anywhere. (Or at least I hope so.) It's the reason the lock to the left of your URL lights up and what makes the modern internet (i.e. anything that has to do with personal data) possible.

You can imagine it as the Website/Server (Or whoever you want to talk to) sending you a lock (Public Key) but keeping the key (Private Key). You then lock your message using that lock and only the server can unlock it with that key. Of course the lock can be cracked but it takes a lot of time and effort and it is much harder to crack the lock than needed due to it changing frequently.

Why should I use SafeCom?

The problem with embedment into an app, like WhatsApp for example, is that security agencies all around the world are increasingly pressuring the companies behind such apps to implement backdoors. You might be ok with that, you probably tell yourself you have nothing to hide, but first of all governments change and it's only a matter of time until an independent group discovers and abuses said backdoor.

SafeCom poses a solution to this problem as it gives you full control over who can read your messages. It removes the trust factor from your communication and lays all the power back into your hands.

SafeCom might be impractical for direct-messages but If you are writing e-mails to someone in China, or the US and you want your discussion to remain secret, this aims at being your goto tool. With SafeCom I aim at a as simple as possible interface for that, even when you know nothing about encryption you can still make your life safer.

How to use SafeCom?

When opening the tool you will get confronted with the option of whether you want to create a new conversation key or load an existing one.

Init Menu

Creating a conversation key

As you do not have an open conversations yet you will want to create a new one. When you click this button a menu opens up, consisting of two text fields and three buttons:

Creating Menu

The upper text field shows your public key (lock) and to the right a button which copies your key to the clipboard. You will need to send your friend and request his key from him. Note how you can not edit this key, as it is mathematically linked to a private key in the background. You then need to post your friends key in the lower field.

After doing that you might want to save your keys. You can do so by pressing the save button, and then choose a directory and a filename in the Java-Browser.

Saving your key

If you do not include the file extension ".key" in your filename the program will automatically add it for you. After you saved your key you can press "Go" and open up the encryption-interface.

Encryption Interface

Using the Interface

At the top you again can see your public key, in case your friend forgot to save it. Below this key you can spot two text areas equipped with one button each. The text area on the left side is for you to type in your message, the one on the right hand side for the received messages. The corresponding buttons below are for encrypting and decrypting your messages after being entered into the text area above.

In case the encryption generates an error, something went wrong when creating the keys. This error should have been caught by the previous menu but it must have slipped through somehow. Try redoing the key exchange and make sure you enter the entire key. If the decryption outputs an empty message ask your friend to resend the message and make sure he copies the entire message. If this does not work the keys again might be corrupted.

Loading saved keys

When communicating with someone you will need to load the keys you previously used in that conversation, especially when talking in non-instant medium like mail for example. To load your previously saved keys choose "Existing" in the main-menu.

Menu for Existing

Again the Java-Browser will open up and you get asked to choose a file. From this file the program then reads your keys and display them to you in an interface.

Saved Keys

Meanwhile you cannot edit your own key pair you can request a new key from your friend in case he lost the key-file. If you edit your friends public key you will be asked to save your key pair before you get to the cryptography-interface.

Technical Information:

Key size: 1024bits in the Public Key.

Saving Format

The keys are saved in byte format as follows: [Password Indicator]+[Size of public Key: 4 bytes] + [Public Key] + [Size of Private Key: 4 bytes] + [Private Key] + [Size Of Friends Public Key: 4 bytes] + [Friends Public Key]

Libraries

java.security.KeyPairGenerator
java.security.KeyPair
java.security.PrivateKey
java.security.PublicKey
javax.crypto.Cipher

Commitment Guidelines

  1. When committing you should explain what you have changed and how the new code works.
  2. You should try to explain why your version is better than the previous.
  3. No self promotion.
  4. No begging.