Features

erikwt edited this page Sep 13, 2010 · 10 revisions

Encryption implementation
For detailed information about how we implemented the encryption, check out the implementation page.

Implemented features so far:

  • Generate a keypair using the Diffie-Hellman algorithm.
    • When generating a keypair, the user is asked for a password.
    • The private key is stored encrypted on the phone’s internal memory.
    • The password used to create the key is never stored.
  • Send public key to contacts.
  • Receive public key. Actions when receiving a public key:
    • Store the public key (when we don't already have a public key from this number).
    • Overwrite the existing public key (when we do already have a public key from this number).
    • Don't do anything, just ignore the key.
  • Manage public keys, and optionally delete them.
  • Sending a message…
    • …to one recipient without a key: the message is just sent in plaintext.
    • …to one recipient with a key: the message can be sent either in plaintext or encrypted.
    • …to multiple recipients, all without a key: the message is just sent in plaintext.
    • …to multiple recipients, all with a key: the message can be sent either in plaintext or encrypted.
    • …to multiple recipients, some without a key, some with a key: the user will see to which contacts it will be sent encrypted, and to which in plaintext, and can select to whom to send the message (this is an extra check to make sure the message is not sent in plaintext by accident).
  • Receiving messages, either encrypted or in plaintext
    • Encrypted messages are stored encrypted. The secret key is never stored, but generated on the fly when you need it.
    • Plaintext messages are stored in plaintext. You can always read them with another messaging program, like the stock messaging app or Handcent for example.
  • Read messages, even when the encryption keys change.
  • Password authentication when…
    • … generating a new keypair.
    • … performing actions that require the private key:
      • sending messages encrypted
      • reading encrypted messages (both inbox and outbox)
  • Re-encrypt stored messages when a key changes
    • Own private key
    • Contact’s public key
  • Option to forget the password when the screen goes off (manually or standby)
  • Option to remember the password for the lifetime of the application, usually many hours
  • Option to escape from encrypted conversations when the screen goes off (manually or standby). This basically means that if you are in an ‘encrypted’ conversation, the conversation is closed when your screen goes off, so you never have encrypted messages readable on the screen when you turn the screen on.
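
The recipient rules under "Sending a message…" amount to a fail-closed decision: a mixed recipient set must never fall back to plaintext without the user reviewing it. The sketch below is an added example, not the project's own code; `plan_send`, `Mode`, `ConfirmationRequired`, the key store and the phone numbers are hypothetical, and treating an encrypt request with no keyed recipient as an error is an assumption of this sketch.

```python
from enum import Enum


class Mode(Enum):
    PLAINTEXT = "plaintext"
    ENCRYPTED = "encrypted"


class ConfirmationRequired(Exception):
    """Mixed recipient set: the user must review it before anything is sent."""

    def __init__(self, with_key, without_key):
        super().__init__("some recipients have no public key")
        self.with_key = with_key
        self.without_key = without_key


def plan_send(recipients, public_keys, encrypt, confirmed=None):
    """Return {number: Mode} for one outgoing message.

    recipients  -- phone numbers the user picked
    public_keys -- numbers we hold a public key for (hypothetical key store)
    encrypt     -- True if the user asked for an encrypted send
    confirmed   -- numbers ticked on the review screen, None if not shown yet
    """
    with_key = [r for r in recipients if r in public_keys]
    without_key = [r for r in recipients if r not in public_keys]
    if not encrypt:
        # Plaintext is always possible, key or no key.
        return {r: Mode.PLAINTEXT for r in recipients}
    if not with_key:
        # The feature list offers only plaintext here, so this is a caller bug.
        raise ValueError("encryption requested but no recipient has a key")
    if without_key and confirmed is None:
        # Never downgrade silently: force the review step first.
        raise ConfirmationRequired(with_key, without_key)
    chosen = recipients if confirmed is None else [r for r in recipients if r in confirmed]
    return {r: Mode.ENCRYPTED if r in public_keys else Mode.PLAINTEXT for r in chosen}


# Constructed sample data, not real numbers or keys.
KEYS = {"+10000000001": "pubkey-A", "+10000000002": "pubkey-B"}
EVERYONE = ["+10000000001", "+10000000002", "+10000000003"]

if __name__ == "__main__":
    try:
        plan_send(EVERYONE, KEYS, encrypt=True)
    except ConfirmationRequired as e:
        print("review needed; plaintext would go to", e.without_key)
    print(plan_send(EVERYONE, KEYS, encrypt=True, confirmed=EVERYONE[:2]))
```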