Pratik068/BlackBox

BlackBox — Secure Dead Drop Communication System

A multi-component encrypted communication platform built for the ST5062CEM Programming and Algorithm 2 coursework.

What It Does

BlackBox is a secure dead drop system — users deposit encrypted messages that recipients can retrieve without sender and receiver ever communicating directly. Intelligence agencies use this technique to prevent interception.

Security Features

| Feature | Implementation |
|---|---|
| Session Encryption | AES-256-CBC with HMAC-SHA256 (encrypt-then-MAC) |
| Key Exchange | Diffie-Hellman (RFC 3526 Group 14, 2048-bit prime) — custom implementation |
| Forward Secrecy | New DH keypair generated every connection |
| Identity | RSA-1024 keypair per user — custom Miller-Rabin prime generation |
| Replay Attack Prevention | Custom hash-table Nonce Registry (300s TTL) |
| DoS Prevention | Custom Token Bucket rate limiter (per-IP) |
| Tamper Detection | HMAC-SHA256 on every message |
| Audit Log | SHA-256 linked blockchain — tamper-evident |
| Data at Rest | All message bodies AES-encrypted before DB storage |
| Self-Destruct | Messages forensically wiped from DB after retrieval |

Architecture

blackbox/
├── core/
│   ├── crypto_engine.py   # DH, AES, RSA, NonceRegistry, TokenBucket
│   └── database.py        # SQLite + AuditChain (blockchain log)
├── server/
│   └── server.py          # Multi-threaded TCP server
├── client/
│   └── client_lib.py      # Client library
├── tests/
│   └── test_blackbox.py   # 30+ unit + integration tests
├── blackbox_gui.py         # Main GUI (Tkinter)
└── requirements.txt

Setup

pip install cryptography pytest

Running

# Launch the full GUI (starts server internally)
python blackbox_gui.py

GUI Tabs

  1. CONNECT — Start server, register/login
  2. DEAD DROP — Compose and deposit encrypted messages
  3. INBOX — List and retrieve drops
  4. SERVER INTEL — Live stats, user list, rate limiter status
  5. AUDIT CHAIN — View and verify blockchain audit log

Running Tests

python -m pytest tests/test_blackbox.py -v

Tests cover:

  • DH key exchange (shared secret agreement, forward secrecy)
  • AES encryption/decryption, tamper detection, wrong-key rejection
  • RSA key generation, encrypt/decrypt, sign/verify
  • Miller-Rabin primality test
  • Nonce Registry replay attack detection (including thread-safety)
  • Token Bucket rate limiting and refill
  • Envelope (full crypto pipeline) round-trip
  • Audit chain integrity and tamper detection
  • Database CRUD + self-destruct behaviour
  • Full client-server integration (register → login → drop → retrieve)

Custom Data Structures

  • NonceRegistry: Custom polynomial hash table with chaining (not Python dict)
  • TokenBucket: Custom per-IP rate limiter with time-based refill
  • AuditChain: Custom linked-list blockchain with SHA-256 block hashing
  • DiffieHellman: Full DH implementation over 2048-bit RFC 3526 prime
  • RSAKeyPair: Custom Miller-Rabin prime generation, modular inverse via Extended Euclidean Algorithm
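
Added example, not the project's own code: a replay check in the style of the NonceRegistry described above (polynomial hash, chaining, 300 s TTL, thread-safe). It adds a timestamp freshness gate, because a nonce evicted after its TTL can no longer block a late replay on its own. The hash base 31, the bucket count, the `accept` method and the `sent_at` field are assumptions.

```python
import threading
import time

TTL_SECONDS = 300  # nonce lifetime stated in the README


class NonceRegistry:
    """Chained hash table of seen nonces (layout and API are assumptions)."""

    def __init__(self, buckets=1024, ttl=TTL_SECONDS, clock=time.time):
        self._buckets = [[] for _ in range(buckets)]
        self._ttl = ttl
        self._clock = clock            # injectable so expiry can be tested
        self._lock = threading.Lock()

    def _index(self, nonce: bytes) -> int:
        # Polynomial rolling hash: h = h*31 + byte, reduced mod table size.
        h = 0
        for b in nonce:
            h = (h * 31 + b) % len(self._buckets)
        return h

    def accept(self, nonce: bytes, sent_at: float) -> bool:
        """True once per fresh nonce; False for replays and stale messages."""
        now = self._clock()
        # Freshness gate: a capture replayed after the TTL would otherwise
        # pass, because its nonce has already been evicted from the table.
        if abs(now - sent_at) > self._ttl:
            return False
        with self._lock:  # check-and-insert must be atomic across threads
            chain = self._buckets[self._index(nonce)]
            # Evict expired entries in this chain so the table stays bounded.
            chain[:] = [(n, exp) for n, exp in chain if exp >= now]
            if any(n == nonce for n, _ in chain):
                return False
            # Expire relative to sent_at, not receipt time, so the entry
            # outlives the whole window in which the message counts as fresh.
            chain.append((nonce, sent_at + self._ttl))
            return True
```
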

GitHub Branching Strategy

main
├── feature/crypto-engine
├── feature/server
├── feature/client
├── feature/gui
├── feature/database
└── feature/tests

References

  • RFC 3526: More Modular Exponential (MODP) Diffie-Hellman groups
  • NIST SP 800-38A: AES-CBC mode specification
  • HMAC: RFC 2104
  • Miller-Rabin: Probabilistic primality testing algorithm
  • DoD 5220.22-M: Data sanitisation standard (forensic erasure)

About

This is an Ultra Secure Communication System Built on Python
