topbar.png

    Home

    Resume

    Projects


      - Realtime Analyzing
        Equalizer
      - Harmonic Distortion
        Reduction Feedback
      - Adaptive Filtering
      - Chat Program with
        Encryption
      - DIY Speakers
      - Amplifier
      - Preamplifier
      - Wireless Access
        Point
      - Wireless Antennas


    Contact

Chat Program with Encryption


This project started with a group of friends in high school.  We all wanted to learn socket programming.  One thing led to another and a friend and I ended up inventing our own encryption scheme as well.  Each of us ended up making our own clients which needed to adhere to strict rules to insure that each would work correctly with each other.  Development of my client lasted for over two years, beginning senior year of high school.

The highlights of my version are as follows.
    • Written in C++
    • GTK API used, originally written in GTK v1 and converted to GTK v2
    • Threaded gui (tricky!)
    • Home made encryption scheme using MD5, Diffie-Hellman, and Cubix algorithms (Cubix is the algorithm that a friend and I created)
    • Server less design
    • Basic plain text chatting as well as encrypted chatting
    • File sending
    • Chat logging
    • Automatic on line buddy checking
    • Sounds
    • Ability for away messages
    • Utilizes its own protocol
    The most interesting and challenging portion of the project was implementing encryption.  Rather than bore you over threaded programming, the protocol design, or details of the GUI, I will expand on the encryption scheme.  MD5, "Improved" Diffie-Hellman, and Cubix all work together to provide the basis.  

    Man-in-the-middle attacks where an unwanted and undetected individual stands in the middle of a "conversation" manipulating the passed data is an important problem in encryption schemes.  To hinder such an  attack, MD5 is used to create hashes.  Similar to SSH, when a user chats with another user using encryption for the first time, certificates are swapped (after a notice asking the user to make certain of the authenticity of person at the other end).  Now, when the encrypted session begins as well as all subsequent, the message is the first thing sent. The receiving side is expected to "watermark" the encrypted message with their personal secret key and then take a hash of this new watermarked message. This would then be returned to the original message sender who knows from an earlier trusted session what the secret key of the receiver is. The sender would then watermark the original message the same way as the receiver and take the hash of this. If the hashes are equal, with enough certainty, (2^64 random documents for MD5 share the same hash) it can be believed that the message was delivered to the correct recipient and the public key swap can be made.  As I understand it now, MD5 is now considered a weaker hashing algorithm, and if the program were to be reworked, a different hashing algorithm would be selected.
 
    Next in the encryption scheme is the "Improved" Diffie-Hellman key agreement system.  The strength of the system is based upon the fact that cracking a Diffie-Hellman secret key is the equivalent of solving a discrete logarithm problem which, as of today, there have been no shortcuts found. For all intents and purposes, with great minds having looked at discrete logarithmic problems, its safe to bet that an easy way does not exit. Quoted from RSA’s website “It assumes that it is computationally infeasible to calculate the shared secret key k = gab mod p given the two public values ga mod p and gb mod p when the prime p is sufficiently large.” So far this “assumption” has stood for longer than thirty years. Given this fact, Diffie-Hellman allows for the generate of safe private keys to be used by the Cubix symmetric encryption algorithm.  The prime number used to create the "key" is 4096 bits (last I remember).  This results in very large numbers being needed to compute the Diffie-Hellman algorithm.  Therefore, an infinite precision library was used, the GNU Multi-Precision (GMP) Library.

    Once public keys are exchanged and a private key is generated, the actual chat message text is encrypted using Cubix.  The Cubix algorithm maps the text onto a three-dimensional block of cells.  Each ascii character is placed in a cell on the cube and the cube has the columns and rows spun similar to the action of a rubiks cube.  The cube also "explodes" and swaps its halves.  After this is done, the ascii code for the characters are randomly altered according to the public keys.  The final cube is then read off as a text string and sent off the the recipient.  This method was invented after observing a rubiks cube and realizing the near impossibility to solve a rubiks cube making random changes.


Click to see a picture of the user interface.

Source code is available for viewing.  Please acknowledge that the source code is released under the GPL.  Also, this code has been abandoned.  I can't get it to compile anymore on my computer because of library problems (Slackware 10.2 w/GCC 3.4.5).  The executable lying around does work for me though.  Please do not contact me asking for support.

Download Source
Images, Sounds, Sample Buddylist Download

* Note that in order to run correctly, the executable created (bigtux) must be put into your home directory and the Images, Sounds, Sample Buddylist download must be placed on your home directory as well.  Such is (was) a work in progress.

Information and content Copyright © David Swiston
Images released under GPL