aba617/CryptChat
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
Repository files navigation
Crypt-Chat: An Encrypted Messenger: To use: First, open a terminal and cd into the Server directory. The server is required to take two flags, -p portnumber and -b databasename. On my personal machine, port 9999 was ideal. use CryptChat.db for the database flag ./Server -p 9999 -b CryptChat.db Once the server is up and running, simply navigate to Chat-app/Chat-Executable and double click on "Crypt-Chat" At this point, I would recomend creating a user name at this point, or else the add user function will not work. Some users you could also login as are: username password george 1234 allen password max password dave password brian password Now you should be able to login. If login fails, kill the server with ctrl+c and run it again on a new port. If you are able to login with no issues, you can go ahead and log other users on the same or other machines (it behaves the same). to message a friend: if the person you are trying to message is not in your friend's list, you must add them and they must add you using the button in the top left corner. Double click on the person's name, type your message, and send. If the message received is identical to the message sent, then it is ok to login more clients and enjoy messenging each other. If for some reason a message is received that is still decrypted, or for some reason not the same as what was sent, then there is an issue with the ports, and while you can continue sending messages, the behavior will remain erratic, and logoff attempts will fail, resulting in the server considering the client logged in despite actually being logged off. If everything is working properly, then you should be able to message anyone in your friends list, as long as they are also friends with you and are logged on. When done with use, simply click the logoff button. General advice for strange behavior is to kill the server, run it on a new port, and try again. Also please note that any time ./Server -g is ran, new credentials will be generated. This updated credentials file, Credentials.txt, must be delivered (securely) to Chat-app/Chat-Executable or else the client will be unable to run properly. Server specific information: Compile instructions: just type into terminal: make (you can "make clean" if it builds weird for some reason) or type: g++ CompileFile/Server.cpp CompileFile/Encryption.cpp -std=gnu++0x -lpthread -Wall -Wextra -w -lsqlite3 -lcrypto -ldl -o Server database schema (sqlite3): CREATE TABLE USERS(USER_NAME CHAR(120) PRIMARY KEY NOT NULL, PASSWORD_HASH CHAR(120) NOT NULL, SALT CHAR(120) NOT NULL); How to run it: ./Server -p <Host Port> -b <database> optional flags: -d debug prints every step -D daemonize runs in the background -o logfile prints notable actions to a logfile -i initialize database (doesnt work) ./Server -g -g generate credentials into Credentials.txt How it Works: SUMMARY: The server runs on a port, listening for incoming clients. When a client connects, the server spawns a new thread. This thread is detached from the main, so there is no zombie catching, it will kill itself. When a client tries to connect to do anything, their credentials are checked and validated in the database before they are permitted to perform any functions. On login, they are validated, and then sent a unique session key iv pair needed to properly encrypt messages, and they are stored as an online user. Once logged on, they are permitted to send messages to other users who are online. The client sends an encrypted message with the user name of the person they wish to send it to. The server will decrypt the message, and then re-encrypt it with the key iv pair of the person who is supposed to receive the message, and then send it to the receiver, who upon receiving it can decrypt the message. To logoff, they simply press a client side button that sends a signal to the server to log them off. To add a user, the client sends a request to add a username and password pair. The name is checked in the database to see if it isn't taken, and if it is available, hashes the password and stores the username, hashed password, salt of the client. Changing a password is performed similarly to adding a user, except after being validated a query is ran to update the row in the database instead of adding to it. SECURITY: This application uses two layers of AES symmetric key encryption. When the server is ran with the -g flag, it will generate a key iv pair and store them in a file. These credentials are static, and too be distributed to each user. The best format for this is either via thumb drive, or by using the VSFTP or just SSH protocal to distribute the credential file. This decision is left up to the network administrator. This credential file is loaded into both the server and client, and used to encrypt the session key iv pair that is distributed to clients upon login. This protects the session kery iv pair from man in the middle attacks or snooping, as anyone listening on the wire will get an encrypted string, which they won't be able to decrypt without the credential file. If the credential file or system itself becomes compromised, the network admin just needs to run ./Server -g to generate a brand new set of credentials, and then the admin just has to distribute them in whatever secure format they see fit. Notable issues: The server does not dynamically log users off, so if a client drops unexpectedly, the server will still consider them logged on. The database locks, limiting add user functionality to being able to add 1 person per server session, and only if the database hasnt been queried beforehand, making changing passwords impossible. This is a bug we have been trying to fix, and although we considered simply reading/writing to a database, we decided that actually using a real sql database is important to the overall integrity of the system. Changing password does not currently work. The system will behave strangely on certain ports, while working perfectly on others. There is also occasional strange behavior. However, when it works, it is a lot of fun. Enjoy using Crypt-Chat!