Crypto Messenger introduction
Main features are possibility to create custom size RSA key where message AES key is delivered to recipient. Note that these key's are created in your device, not at any remote location server. Messages are encrypted with AES encryption. New AES key is created for every message. When message is loaded from server, command to delete message is automatically send, so messages are never stored longer at server side than needed. Phones internal database is encrypted using SQLCipher 256 bit encryption with either user provided key (not recommended) or by app created key (recommended). App created key is recommended due very hard 128 bytes of length. If you remove your application or change phone you are not able to transfer database to other phone or retrieve messages in easy way. This application is in beta state and is not intended to replace any bigger messaging application never ever ever!
Want to try by sending messages to me?
My current uuid is: 316ecb05-6aec-4a9c-8c08-810c36622bc8
Or just read this image QR code with camera if you want that way.
This uuid may not work at the moment you read this documentation. You can still try.
My current uuid is: 316ecb05-6aec-4a9c-8c08-810c36622bc8
Or just read this image QR code with camera if you want that way.
This uuid may not work at the moment you read this documentation. You can still try.
Short tutorial
- First time launch app will ask for database key, provide a strong key or let app create key for you. It's recommended that app creates key.
- Create RSA keys (Internet connection is a must!). Select key size from top spinner menu, if your messaging secrecy is top level, choose bigger key.
- Click bottom right corner + button to get all available actions like seeing your uuid, adding recipients and so on.
- Have fun chatting.
Views explained
Messaging view
|
Here's example what kind of messaging view can look. You can input text at input field and send messages using send button on the right bottom corner. This view is constantly checking for new messages and messages are automatically appended to view while they are loaded and deciphered and also inserted to internal database for next time, when you visit this specific conversation.
When message is received it will send call to server API to delete that message when it is successfully delivered to recipient. This is one of the key ideas of this application. |
Key generation view
|
In this view you can specify yourself on RSA key with size of your messaging secrecy needs. Longer key makes communications slower but more secure via AES key being transmitted with much tougher encryption. AES key cannot be transferred without additional encryption, in this case RSA (asymmetric-key system) because it's symmetric-key is used to encrypt and decrypt the message. If AES key delivered without security, attacker could get both, message and key at the same time.
Choosing key size for example maximum 4096 byte key takes long time 15+ seconds to compute, depending on your device processor speed. So let it take it's time. Note that part of the key generation is also sending of public key which is always needed at your recipient side so that your recipient can encrypt messages which only you can open via your tightly secured private key. |
Conversation view
|
Here's main view where you see your conversations.
Right bottom corner button reveals or action like you can see on the image. You also have few options on right top corner three dots menu. |
Under the hood
Messages are encrypted with AES with following specifications:
- Key: 128 bit AES key.
- Key integrity: 256 bit Hmac SHA256 hash.
- Cipher: AES using CBC (Cipher Block Chaining) mode and PKCS5Padding.
AES keys for messages are encrypted with RSA public private method with user selectable variable key size.
More coming...
