Skip to content
/ slyther Public

Encrypted peer-to-peer messaging platform written in Python.

License

MIT license
15 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ajstensland/slyther

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

63 Commits
screens
screens
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
slyther
slyther
 
 
slyther-server
slyther-server
 
 

Repository files navigation

slyther

Slyther is an encrypted peer-to-peer messaging platform written in Python. Slyther employs the pycryptodome library for its cryptographical needs.

Created as a project-based learning venture because I wanted to design an application-layer protocol and learn how to use sockets and encryption.

Disclaimer

I make no claims regarding the security of this program. While it is encrypted, I may have made some errors blatant to the average cryptanalyst. Pycryptodome may also have vulnerabilities I am unaware of. Do not trust this program with anything remotely important. No personal information, no credit cards, no SSNs. I am not responsible for damages incurred by the improper usage of slyther or slyther-server.

If you notice that I'm making a severe mistake with the security of this program, please let me know. This has been purely a learning experience for me, and if you can provide more lessons for me to learn about this topic, please let me know!

Quickstart

# Install dependencies
python -m pip install -r requirements.txt

# Start server in one terminal
./slyther-server

# Start client in another terminal
./slyther

Screenshots

Main Menu

menu

Server Log

serverlog

Viewing a Conversation

conversation

Protocol

Given that Alice (A) wants to send Bob (B) a message through slyther, three steps take place. Slyther uses a mixture of RSA with OAEP and AES-128-EAX to encrypt messages, and SHA512 hashes (with RSA) for digital signatures.

  1. Public Key Exchange
    1. Alice sends Bob her public key (plaintext, since public keys are not secret)
    2. Bob checks this public key against a fingerprint shared over a trusted channel (fingerprints not yet implemented)
    3. Given that Alice's key is trusted, Bob sends his public key to Alice (again, in plaintext)
  2. Session Key Creation and Delivery
    1. Alice then creates a 128-bit AES session key for her message
    2. Alice encrypts this key with Bob's public key and sends the RSA-encrypted key to Bob
    3. Alice signs the SHA512 hash of the key
    4. Alice encrypts this signature with the AES key and sends the AES-encrypted signature to Bob
  3. Message Delivery
    1. Alice encrypts her message with the AES key and sends the encrypted message to Bob
    2. Alice signs the SHA512 hash of her message, encrypts it with the AES key, and sends it to Bob

Acknowledgements

Big thanks to Hedde van der Heide and Adam Rosenfield for their StackOverflow answer on sending and receiving large messages over sockets

About

Encrypted peer-to-peer messaging platform written in Python.

Topics

encryption aes peer-to-peer p2p rsa p2p-chat

Resources

Readme

License

MIT license
Activity

Stars

15 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages