Home
Encrypted Chat App is an MVC application built on top of ASP.NET Core with real-time capabilities, using SignalR and client-side JavaScript to drive the front end. It was developed as a university project for the Cyber and Information Security class at FMI Plovdiv. The project is an end-to-end encrypted, real-time web chat.
- Table "Messages"
  - Id - Int, Auto Increment - The message Id, Primary Key
  - [User] - Varchar - The username of the sender of the message
  - Text - Varchar - The encrypted body of the message (in Base64 format)
  - Date - DateTime - The date and time when the message was sent
  - RecepientUserId - Varchar - The Id of the user for whom the message is meant, Foreign Key
  - SenderUserId - Varchar - The Id of the user who sent the message, Foreign Key
  - signedMessage - Varchar - The RSA digital signature of the message (in Base64 format)
- Table "AspNetUsers" (autogenerated by the .NET Core Identity system)
  - Id - Varchar - The user Id, Primary Key
  - UserName - Varchar - The user name
  - PasswordHash - Varchar - The hashed password
- Table "PublicKeys"
  - Id - Int, Auto Increment - The public key record Id, Primary Key
  - UserId - Varchar - The Id of the user to whom the public key belongs, Foreign Key
  - PublicKey - Varchar - The public key (in Base64 format)
  - DateAdded - DateTime - When the key was submitted to the system
Message and PubKey have the same properties and structure as the corresponding database tables. They are used by the ORM (Entity Framework Core) to query and manipulate data in the database.
MessageReceive - Deserializes the incoming objects and stores them in a List of the same type.
It is used when the client sends a JSON-serialized array, which the server receives via the `Send(List<MessageReceive> messages)` method in the Chat Hub (`ChatHub.cs`). It gets invoked in the client-side JS (`chat.js`) by `on NewMessage`. (Basically, when a client sends a message.)
We are using the built-in Newtonsoft JSON serializer for deserialization.
For more information, take a look at the Backend and Frontend Methods wiki page.
The app uses SignalR, a library for ASP.NET developers that simplifies the process of adding real-time web functionality to applications. Real-time web functionality is the ability to have server code push content to connected clients instantly as it becomes available, rather than having the server wait for a client to request new data. SignalR supports the following data transport methods (the default is WebSockets; the others are fallback methods):
- WebSockets
- Ajax long polling
- Server Sent Events
- Forever Frames
We have configured the back end to accept only HTTPS traffic, making sure that all communications are secure. SignalR takes its settings from the server, so WSS, with Ajax over TLS as a fallback method, is used by default for data transport. On top of that, we have added our own mechanism that encrypts the data with RSA via an external JS library called JSEncrypt, developed by Travis Tidwell.
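The following is an added example, not the project's own code, of how one record shaped like the "Messages" table can be produced and checked: the body is RSA-encrypted to the recipient's public key, signed with the sender's private key, and both are carried as Base64. Node's built-in `crypto` module stands in for JSEncrypt so the sketch runs offline; the function names, the 2048-bit key size, OAEP/SHA-256 padding, the SPKI encoding of the stored public key and the choice to sign the Base64 ciphertext are all assumptions.

```javascript
const crypto = require('crypto');

const MODULUS_BITS = 2048; // assumed key size
// Assumption: OAEP with SHA-256; Node's crypto stands in for JSEncrypt.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
// Direct RSA encryption caps the plaintext at k - 2*hLen - 2 bytes (190 here).
const MAX_PLAINTEXT = MODULUS_BITS / 8 - 2 * 32 - 2;

// Constructed test identity. publicKeyB64 mirrors PublicKeys.PublicKey
// (Base64 text); the SPKI DER encoding underneath is an assumption.
function newUser(id) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: MODULUS_BITS });
  return { id, privateKey, publicKeyB64: publicKey.export({ type: 'spki', format: 'der' }).toString('base64') };
}

function importPublicKey(b64) {
  return crypto.createPublicKey({ key: Buffer.from(b64, 'base64'), format: 'der', type: 'spki' });
}

// Build one record shaped like a row of the Messages table.
function sealMessage(plaintext, sender, recipientId, recipientKeyB64) {
  const data = Buffer.from(plaintext, 'utf8');
  if (data.length > MAX_PLAINTEXT) throw new RangeError(`message exceeds ${MAX_PLAINTEXT} bytes`);
  const Text = crypto.publicEncrypt({ key: importPublicKey(recipientKeyB64), ...OAEP }, data).toString('base64');
  // Assumption: the signature covers the Base64 ciphertext, so it can be checked before decrypting.
  const signedMessage = crypto.sign('sha256', Buffer.from(Text), sender.privateKey).toString('base64');
  return { SenderUserId: sender.id, RecepientUserId: recipientId, Text, signedMessage };
}

// Verify the sender's signature first; decrypt only if it holds.
function openMessage(msg, recipient, senderKeyB64) {
  const sig = Buffer.from(msg.signedMessage, 'base64');
  if (!crypto.verify('sha256', Buffer.from(msg.Text), importPublicKey(senderKeyB64), sig)) {
    throw new Error('signature check failed');
  }
  return crypto.privateDecrypt({ key: recipient.privateKey, ...OAEP }, Buffer.from(msg.Text, 'base64')).toString('utf8');
}

// Demo with constructed users and ids.
const alice = newUser('alice-id');
const bob = newUser('bob-id');
const record = sealMessage('hello bob', alice, bob.id, bob.publicKeyB64);
console.log(JSON.stringify([record]).length, openMessage(record, bob, alice.publicKeyB64));
```

Because RSA is applied directly to the message, anything longer than `MAX_PLAINTEXT` bytes is rejected rather than silently truncated.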