SENG360 Assignment 3: Message Application
Group members:
Lucas Mayall
Dylan Hughes
Sylvain Taghaoussi
Josh Blanch
=======
This is because of the usage of signal.alarm().
See signal.alarm() documentation. There are workarounds but they were not discovered until after the project was complete.
https://www.youtube.com/watch?v=7m4rYDt7DeE
- Clone the repo
- Run
python main.pyorpython main.py -debug. - type
helpto see commands. - Start chatting!
-
SM must support 1:1 messaging and may support group chats (that’s optional)
-
Text messages must be supported. Multi-media (such as pictures) are optional
-
Message history is kept in encrypted form (at-rest encryption)
-
Message history (for a particular conversation) can be deleted by a user. (This will not delete the message history on the other user's side.)
-
Message transport uses end-to-end encryption with perfect forward secrecy (https://en.wikipedia.org/wiki/Forward_secrecy)
-
Users are authenticated (i.e.,they should be guaranteed to talk to the right person)
-
Message integrity must be assured
-
Users can plausibly deny having sent a message (see https://signal.org/blog/simplifying-otr-deniability/)
-
Users can sign up for an account and also delete their account
-
SM must be implemented in Python
Bob initializes chat with Alice and sends her his public key encrypted with her public key.
Alice checks that public key against her contact list to find if Bob is in her contacts
If he is in her contacts she generates a temporary RSA keypair. She sends one of the keys to Bob, she encrypts that key with her private key and Bob's public key.
Bob recieves this key, and decrypts it with his private key and her public key. Then he saves it as the "session key" for that chat.
Bob and Alice have now exchanged keys and will use this session key to encrypt and decryt their messages.
- Message format: timestamp, message hash, message
- Message hash for message integrity
- Encrypt with sender private key and reciever public key
Generate public/private key pair - this was done by using the RSA key generation method - to do this, function such as euclidean algorithm and extended euclidean algorithm, get_prime(), is_prime() were created - the GeneratePair() function returns a tuple of tuples: ((pubKey, modula), (privKey, modula))
Forward secrecy handshake (see docs) - This security method is explained in the key exchange section
Encrypt strings via key - the message is encrypted using the specified key and returns a encrypted string of hexadecimals representing characters
Decrypt bytes via key - the decrypt function uses the corresponding key to decrypt the encrypted hexadecimals back into a string
- Save label, public key at top of file
- save timestamp, sender label, and message for each message
IMPORTANT: The code only works on unix due to use of SIGNAL, and only run the code while inside the /src directory
- Run it with "python main.py" or "python3 main.py"
- Waits for you to input valid commands listed below.
COMMANDS: login create_account delete_account chat delete_history exit help logout create_contact list_contacts
- User gives label and IP to initiate chat with someone
- If label doesn't exist user will have to provide label, IP, and public key.
- When saving message history it will also save the label and public key if the connection was successful.
- PRovide username and private key
- If successful unlock
- Have to be logged in
- User provides "contact name" of conversation to be deleted
- Delete that file
- Generate "long term" public and private keys
- Create folder with "username" for message history and key pair storage
- Delete folder with username